Saturday, February 25, 2012

Tomcat Security Overview and Analysis

Today I found a fully and clearly written article about Tomcat security mechanisms. If you are interested, follow this link: http://www.cafesoft.com/products/cams/tomcat-security.html

Friday, February 24, 2012

How-to: Reinitialize bounded, page fragment based taks flow programmatically

Sometimes you need reinitialize region based ADF task flow - especially when you want to use task flow in popup. There exists declarative solution in which you set properties:
  • RefreshCondition, or
  • set Refresh to ifNeeded
Unfortuantely declarative solution wouldn't work in some cases, while code-based works for me perfectly. What's more software solution is very simple.

To restart page-fragment, bounded taskflow from code you should access the task flow model from backing bean:

RegionModel model = (RegionModel)JSFUtil.getValueEl("#{bindings.my-task-flow.regionModel}");

and next refresh this model:

model.refresh(FacesContext.getCurrentInstance());

Tuesday, February 21, 2012

How-to: Enabling Realm debug logging in Tomcat 6 and upper

To enable debug level logging for Tomcat Realm and Authentication you shold modify $CATALINA_HOME/conf/logging.properties file as shown below:



 In many posts available in the Internet you can find other solution:

<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
    connectionURL="ldap://localhost:389"
    userPattern="uid={0},ou=people,dc=mycompany,dc=com"
    roleBase="ou=groups,dc=mycompany,dc=com"
    roleName="cn"
    roleSearch="(uniqueMember={0})"
/>

but this don't work anymore in Tomcat 6 and 7.

Monday, February 6, 2012

Content Repository vs. Web Content Management system

Web content management system (WCM) is often defined as "a software system that provides website authoring, collaboration, and administration tools designed to allow users with little knowledge of web programming languages or markup languages to create and manage website content with relative ease".

Modern web content management systems offer many advanced features for managing and publishing digital content (text, images, documents, multi-media, etc.) to websites, and for many scenarios a WCM product or system will meet the needs of content publishers.

But the traditional web content management system, focused on presenting web pages to a browser, is no longer necessarily the right choice for managing and delivering content in a multi-device, multi-channel, content-syndicated world.

Especially when :
  • digital content needs to be shared between disparate websites,
  • content needs to be delivered to the different kinds of devices or channels (mobile phones, tablets, kiosks, Facebook, Google+, etc.), or syndicated via an API,
  • exist a real need for integration of distributed resources of informations and documents
a WCM system focused on serving HTML pages is often not sufficient.


In different approach the organization can introduce Enterprise Content Management system, with the Content Repository as a heart of this system. In this approach the content is stored and managed in repository, served from central point to external applications, and additional built in services like:
  • full text search with document content search (indexing content of PDFs, DOCs and so on)
  • optical character reckognition
  • versioning
  • format conversion
  • identity (authorization, authentication, accountability)
  • built in workflow processing
can be provided. More generally, you would also need to buy or develop a Content Platform around the Content Repository to provide the features and services meeting your demands.


Why to choose Java Content Repository?

The Content Repository for Java Technology specification, developed under the Java Community Process as JSR-170 (for the first version, JCR 1) and JSR-283 (for JCR 2), aims to meet all industry needs of modern Content Repository system. What more: this is approved industry standard - cause of this customer can choose from range of vendor specific but compliant(and therefore interchangeable) implementations. Additional advantage of JSR-170/283 is that it is not tied to any particular underlying architecture, but still client applications can cooperate with each implementation.

Summing up the benefits of choose of JCR technology we can point:
  • JCR is an open industrial standard, well suited for document management and content management
  • JCR is wide adopted by potentates of software market like IBM, Oracle, Adobe and by most important opensource providers like Apache Software Foundation. Cause of this we can consider this technology as solution with stable and long term support
  • Cause of wide adoption there are available products suitable for middle size companies as well as high end products for big enterprises
  • Implementing JCR repository customer is not necessarily linked to a single supplier
  • There are available free and commerial useful utilities and tools (eg. for administration purposes)
  • Java Content Repositories are the perfect solutions designed to act as a central storage of documents of each company.
  • JCR repositories delivers wide range unique document oriented services. Even open source referential implementation Jackrabbit delivers many functionalities not available for any WCM system.

The most advanced commercial JCR are:
  • Adobe CRX
  • Oracle UCM
  • IBM Content Management
  • Magnolia CMS
  • Alfresco CMS
  • eXo platrofm repository
  • and so on

and the most important opensource implementation is
  • Apache Jackrabbit
As shown before, the typical user of a Content Repository is another software application rather than a user directly. In modern enterprise content delivery systems content repository becomes role simillar to database server in database driven applications.

Enterprise content management

As defined in Wikipedia: ECM is an umbrella term covering document management, web content management, search, collaboration, records management, digital asset management (DAM), work-flow management, capture and scanning. ECM is primarily aimed at managing the life-cycle of information from initial publication or creation all the way through archival and eventually disposal. ECM applications are delivered in three ways: on-premise software (installed on the organization’s own network), Software as a Service (SaaS) (web access to information that is stored on the software manufacturer’s system), or a hybrid solution composed of both on-premise and SaaS components.

ECM aims to make the management of corporate information easier through simplifying storage, security, version control, process routing, and retention. The benefits to an organization include improved efficiency, better control, and reduced costs.

Sunday, February 5, 2012

How to recover domain when the primary domain controller failes and there are member domain controllers

Today I had some problems in our development environment. After crash of Windows 2008 R2 PDC, the "backup DC" (I know - my terminology isn't valid :) ) also "refused to cooperate". After some googling I found nice solution of our problem:


http://geekswithblogs.net/mhamilton/archive/2007/04/15/111674.aspx


Unfortunatelly cited solution has some errors, so below you have fixes version. In short:.

Open a CMD prompt on the backup DC you want to perform this on. At the command-line prompt, type Ntdsutil and press <Enter>.

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS>ntdsutil
ntdsutil:


At this prompt, type roles and press <Enter>:

ntdsutil: roles
fsmo maintenance:

Now type connections and press <Enter>:

fsmo maintenance: connections
server connections:


Now type connect to server <serverName> where <serverName> is the name of the backup DC you are working on, and press <Enter>:

server connections: connect to server win2008-ad

Connected to win2008-ad using credentials of locally logged on user.


server connections:

At the server connections prompt type q and press <Enter>:

server connections: q
fsmo maintenance:


Now we are going to SEIZE the FSMO roles we want. NOTE: Out of the 5 FSMO roles, we are NOT going to seize the Infrastructure Master. We do not want to put the Infrastructure Master (IM) role on the same domain controller as the Global Catalog server. If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest. For now, we'll seize the following:


Seize domain naming master
Seize PDC
Seize RID master
Seize schema master


My warning: If crashed DC was Infrastructure master you should also run:
Seize infrastructur master 

You have run this command before Seize schema master.

 

Have a nice day