Saturday, April 30, 2011

OSB getting file content with a File Proxy Service

I would start by polling with a Proxy Service :
Service Type: Messaging Service
Request Message Type . binary Type
Endpoint URI : file:///c:/temp/files

when OSB polls the file, the body is populated with this:

con:binary-content ref="cid:3042380f:12fa58f6644:-7fd8" xmlns:con=""

you assign a OSB variable as explained here

assign $body/ctx:binary-content to myBinaryData

then you invoke a java Callout with that myBinaryData variable

This post explains a little more

Here is the Java Callout code

package com.pierre.filefromosb;

public class FileFromOSB {
public static void processFile(Object param) {
System.out.println("class=" + param.getClass().getName());
System.out.println("param=" + param);
byte[] bytes = (byte[])param;

String content = new String(bytes);
System.out.println("content=" + content);

the result is:


(the file's content was "ciao")

Once you have the binary content (byte[]) of the file you can do anything you want with it.

Friday, April 29, 2011

I love DSL

but I have never written one :o( (apart the "internal DSL in XML or Java)

Debashish Ghosh managed to stir my enthusiasm here: minute 02:38

in order to model a problem you need to think in the terms of the issues which come up in the domain

the solution model should be expressed in a language which offers you the best abstraction level

Debashish recommends Eclipse Xtext (looks BRILLIANT! just follow this link)

VMWare Cloud Foundry test drive

just a proxy post to this EXCELLENT post by my friend Luciano:

Thursday, April 28, 2011

Long battle against Malware

Yesterday I have VERY STUPIDLY tried to install a dodgy JPEG editor downloaded from some dodgy site..... (IDIOT ME!)....
I was counting on my registered AVG antivirus to protect me....
the malware pierced AVG like a hot knife the butter.

Here the consequences:

- My Web Search plugin installed on IE and Firefox
- every browser was using as a proxy (even if you removet it, every 5 seconds it's set again)
- a fake DWM.EXE * 32 process was being spawned every 5 seconds, even if I killed the whole process tree it comes back
- a fake CSRSS.EXE * 32 as above
- a fake CONHOST.EXE as above
- a fake SVCHOST.EXE as above

(in your task manager, processes, right click on the process and use "locate folder" to identify if the EXE is in c:\Windows\System32 or somewhere else.

I bought Lavasoft Ad-Aware, with runtime protection: it could identify that something dodgy was going on, but could not eradicate it completely.

I also run MalwareBytes anti malware, which identified some stuff.

Finally I killed all the dodgy processes, deleted all the dodgy EXE files, cleaned up all the dodgy Registry entries (see here for a non exhaustive list), and now everything SEEMS to be back to normal.
Here a good description of this Trojan.

I am really amazed how easily Windows 7 64 Bit Security is pierced.

I will immediately resize my partition, install Ubuntu and use Windows 7 only if really needed.

Wednesday, April 27, 2011

Oracle Fusion Middleware List of Books

If you feel bored and look for some good book to read before you go to bed, here

is a wonderful library of Oracle literature

2 Day Administration Guide

Enumerates Oracle products:
Oracle WebLogic Server
Oracle SOA Suite
Oracle WebCenter
Oracle HTTP Server
Oracle Web Cache
Oracle Identity Management
Oracle Internet Directory
Oracle Virtual Directory
Oracle Identity Federation

Tuesday, April 26, 2011

Java Generics: Covariance and Contravariance

I was reading this nice introduction to Generics, and I realized that the terms "covariance" and "contravariance" were obscure to me, although I was familiar with the "?" notations:

* List<? extends Fruit>  (means: the list can contain Fruit and any subclasses of Fruit)

* List<? super Apple>  (means: the list can contain Apple and any superclass of Apple)

Here a more formal (and boring) discussion on the terminology

covariant: converting from wider (double) to narrower (float).

contravariant: converting from narrower (float) to wider (double).

which leads to the interesting PECS (Producer Extends Consumer Super) pattern very well explained here

Monday, April 25, 2011

Agile Cowboys

The Cowboy sees Agile as an opportunity to abandon processes and documentation so that they can enjoy the wild west life. Cowboys are the type of folks who are not necessarily negative about Agile because, in many cases, they know that they get away with pretending to be Agile since many folks, particularly the bandwagon crowd who are their up-line management, really have no idea what Agile is. It is the cowboy that has propagated the myth that Agile is an undisciplined approach for wild-west coders. "

I really appreciate this definition. I had to work in a team whose lead was as undisciplined as Billy the Kid, striving on the general ignorance about what "Agile" entails. He would always say "Agile abolishes the need of analysis, through the delivery of quick throwaway code". He lead my team to chaos and exhaustion - before management realized he was just a manipulative Rasputin.

Friday, April 22, 2011

The Code is the Design

it was very enjoyable to listen to this presentation, very easy to digest.

In a nutshell:

* Coding is a way to manage complexity

* UML sucks, just write Readable Code and generate diagrams in an automated way

* Java starts being outdated, move to Scala or C#

* XML sucks, move to JSON

* Read

* Don't mix metaphores

* Don't talk wrong, use existing terminology without inventing new words or patterns

* Don't be too clever

* TDD (test driven development) rules! Testing is part of the Design

* Your code must speak back to the reader

* Team Dialect is important in communicating

* Abstraction smells

* You have to refactor

Here is the original article from which many quotes were taken.

Thursday, April 21, 2011

WebLogic security

Excellent JAAS tutorial here

An overall presentation of JCA there

Here you find an overview of all JAAS classes

A Subject can have many Principal

a LoginContext lives inside a Configuration

The Configuration contains a stack of LoginModule, and the Credentials are authenticated in cascade across this stack.

A Policy is ensured by a Provider, and its role is to grant a Permission

..; to be continued....

Pair programming: is it really worth it?

In 15 years of development, I have rarely seen people actually adopt pair programming the "hard way", that is having one person sitting next to the other without using a keyboard. Much more popular is "help on demand", if you need me just call me.

I think there are several reasons why Pair Programming is not so popular.

- developers are mostly a bit individualistic

- most code is "easy" enough to require not so much brain effort behind it

- nobody likes to work with a jerk, so if one of the 2 developers is a jerk the experience of working shoulder-to-shoulder will be painful

- cultural reasons might encourage isolation rather than open communication

For instance, I normally ask a lot of questions to my collegaues, bringing up issues and sharing my findings. But in some contexts you are supposed to keep your head down and just deliver what you have been requested. In these contexts, PP will never find easy adoption.

Wednesday, April 20, 2011

Fluent Interface

and more remarkably

Most Java code is simply a fist in the eye... too much rumor... I want to improve readability of the code by using tricks like "import static" and operations (setters) which return the object itself on which the operation was invoked, so you can chain multiple operations on the same line.

Tuesday, April 19, 2011

Windows 7, plugged in, not charging

Try this:

- hybernate your PC
- remove battery
- restart your PC and login
- hybernate your PC
- reinsert battery
- restart your PC and login

that MIGHT fix the issue.

I think this is because I don't have an original power supplier, the one I use has a lessere Ampere output than the original.

SOA Registry and Repository: Centrasite

I don't know how it compares to Oracle Service Registry (OSR), surely the video tutorials are of great help to become familiar with the product.

See here for a bunch of tutorials.

Particularly interesting the one on "Impact Analysis" and "Analyze SOA Adoption".

I am expecting companies to become more involved with video communication as opposed to dead boring PDF white papers, as a means to market their products.

Oracle High Availability Assessment with Failure Injection

A very interesting document (aka "MAA SOA Assessment") on failover for these configurations:

Mediator and JMS Adapter
BPEL and Oracle Database Adapter
BPEL and File Adapter

on all sort of wounds inflicted to a HA Oracle env:

WLS Server Failure,
WLS Server Migration,
Node failure,
DB Instance failure,
DB node failure,
File System failure

and the the resiliency of the system is assessed.

( see also my "Break and Seek" post)

Another very interesting reading on the migration and failure recovery in WebLogic is here

SOA: the hype is gradually declining

Google Trends is quite explicit: the top of teh searches for "SOA" was 3 years ago...

But a new ghost is wandering across ITLand: the ghost of Cloud Computing:

Monday, April 18, 2011


I am not sure which one of the two is better... they seem quite equivalent, although MVEL claims to be faster than ONGL...

Constraints and Contract programming

Constraint programming is not very inspiring, while Design by contract gives more food for thought.

My impression is that:

a) constraints are ENORMOUSLY valuable as a part of the Business Rules enforcement

b) they are normally understated in the code and scattered everywhere (XSD, SQL Constraints, Java Code...)

c) constraint exercising is normally not enough covered by Unit Tests

d) DbC testing as exercised by the Unit Tests is not guaranteed to be active in production, hence it doesn't give us the benefit of validations in real life environment.
Why Unit Test should explicitly code logic which belongs to the Business Domain? These Rules/Constraints should be incorporated in the Business Logic (vs the test logic).... the test logic should be reduced to setting up scenarios which exercise those rules, and let the rules fail themselves.

Here a nice and simple example of DbC in Java (most links are broken though :o( ).
It shows clearly what a pre_condition, post_condition and invariant is.

Friday, April 15, 2011

RestEasy, JRebel, JAX-RS, Gradle...

All of this and more in this

superb tutorial on RestEasy of my friend Luciano.
Top stuff. Kudos.

Thursday, April 14, 2011

100 thousand visitors!!! Time to celebrate!

So this blog has just passed the 100,000 pageviews mark! (I guess it's not UNIQUE VISITS).

When I started 2 years ago it was just a personal notebook, then it became a very valuable way to force me to collect documentation and expose things in a more-or-less structured way.

Learn to say "I was wrong"

Like Fonzie, at minute 1.39... admitting you were wrong or you don't know something makes you so human and valuable

From the Gradle to the Grave :o)

I am reading this wonderful article on Gradle:

It's lovely how it liquidates the Ant vs Maven endless religion war as a "rant over dead technologies".
I absolutely share the same point of view. Let's focus on the future and forget the XML-mistakes of the past.

Tuesday, April 12, 2011

Start all your Oracle sequences from 1000

Say you have autogenerated IDs, using sequences.
If you start using your application, the first entity will have ID=1.

If you have already inserted "test" data, from SQL Insert, using that same ID=1,
this can generate a UNIQUE constrain violation.

So as a rule just create the sequences as

create sequence BLA_SEQ MINVALUE 1000 START WITH 1000 INCREMENT BY 1;

Funnily, you cannot CHANGE the "START WITH" using a ALTER SEQUENCE, otherwise you get this funny error:

ORA-02283: cannot alter starting sequence number
Cause: Self-evident.
Action: Don't alter it.

Self Evident??? You lazy self-referential B....

Build Specialist antipattern

Just reading on TheServerSide an article on the Build Monkey Antipattern:

I assume that with the same logic one should also be against specialists in anestetics, in liver surgery, in kidneys surgery, in brain surgery etc and have only one general "do-all" category of surgeons in a hospital.

Someone will scream "ah no but surgery is different". Please explain how - apart that a mistake in surgery costs a human life, while a wrong build process is simply a project which is not delivered on time.

Knowledge is infinite and specialization is surely an evil, but an unavoidable evil. He who believes that everybody should be able to do everything is, evidently, living in an Ivory Tower.

Sunday, April 10, 2011

Top 20 tools for a developer

I enjoyed this video on the top 20 tools for a developer to use. It's REALLY enjoyable, the guy Roy Osherove is VERY smart. His blog here

Unfortunately it mostly covers .NET Java stuff.

Here is the list:

Task Board
Two screens
Daily Standups
Everything Search Engine
Total Commander

Red Gate Reflector (this is for .NET)
Resharper (this is Visual Studio stuff) (also .NET thingie)

Amazon EC2

HG Mercurial Source Control (local commit)

Fog Bugz (a sort of Jira)
Gibraltar Logging cool remote debugging application for .NET (I like the concept!)

Crypto Licensing (licensing tool)

Amazon Simple Notification Service

OSB and Enterprise Integration Patterns

I simply repost the excellent job done by Arun:

as found in this thread on OSB patterns.

Arun's blog is really impressive, full of original first class material ... kudos!

Saturday, April 9, 2011

Camel is Cool

Good introduction here:

The adhesion to Gregor Hohpe Enterprise Integration Patterns is a great conceptual advantage.

The Camel manual is here. here the book from Manning:

Domain Modelling: lessons learned


don't even think of manually producing separate views of - basically - the same thing.

These views are:

- the UML class diagrams
- the JPA Entity models
- the DDL to create the tables backing the Entities
- the SQL Insert statements to generate reference/test data
- the XML datasets to populate the DB fefore each Unit Test
- the XML datasets to assert the content DB after each Unit Test

If you do all this by hand, I can guarantee you will waste a lot of time and energies at each minor refactoring. Mainly because things which are loosely or not connected at all (XML, SQL...) break silently and most of the time you will find the problem only runtime.

this is an application where each layer has been generated painfully and manually by a herd of monkeys

this is an application where all artifacts have been generated from a single repository

Design time validation is a LOT better than Runtime validation, so....

Build only ONE metamodel - if you dare you can be Java Entities with JPA annotations, but I am not 100% sure this will cover all your needs.
Otherwise build your own metamodel and use it to generate all the rest.

Datasets (INSERT ox FlatXML) can be generated by hand coded Entities. The advantage is that when the model changes, Entities break and you just have to follow the red in Eclipse.

Lesson number two: Use RICH DOMAIN MODEL

Encapsulating rules and behavior inside your model makes it A LOT easier to refactor and test your code.

Lesson number three:

Your service code should never have a direct write access to the Domain objects. Every "operation" should be expressed by a verb which explicitates the use case you are executing.

Friday, April 8, 2011

Homenage to Rube Goldberg

this is an absolute must:

here are 10 of them

Rube would have made zillions as an IT architect in some companies...

Wednesday, April 6, 2011

Rich Data Model versus Anemic Data Model

We are moving away from an Anemic Data Model (the Entity contains only data; the Logic to validate/manipulate/cross join this data is in the EJB Service)
towards a Rich Data Model (Entities contain most logic, entity methods are allowed to retrieve data from related entities).

This is more in line with good OO practices (mostly encapsulation), and it avoids have a lot of imperative code in the Service Layer. It improves, of course, code reusability, since the logic is one layer down the Service layer - so you avoid cross-services calls.

The only drawback is that Entities become more Service-like, sometimes they need to make DAO or EJB calls to retrieve extra information - its very difficult to expect an Entity to stay as a pure POJO without any access to Resources.

See also an often-quoted MF article.

Tuesday, April 5, 2011

org.hibernate.LazyInitializationException: failed to lazily initialize a collection

org.hibernate.LazyInitializationException: failed to lazily initialize a collection of role: acme.domain.model.Bla.mumbles, no session or session was closed
at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationException(
at org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationExceptionIfNotConnected(
at org.hibernate.collection.AbstractPersistentCollection.initialize(
at org.hibernate.collection.PersistentSet.iterator(

Entity Bla contains a collection of Mumbles. The OneToMany annotation by default uses a LAZY loading approach.

If in your client layer you try to do a bla.getMumbles(), you get the exception LazyInitializationException. The session was closed in the EJB, and in the client you have only a detached entity.
To avoid the problem, in the EJB do a


(bla.getMumbles() is not enough!)

This will explicitly load ALL mumbles and the client will be happy.

Monday, April 4, 2011

ROA: Resource Oriented Architecture

I am reading RESTful Web Services

I am not in love with the book as I find it really verbose, it doesn't really catch my attention.

Anyway at page 216 they refer to ROA. The wikipedia article is very clarifying, the guidelines express the essence of the REST approach.
- stick all what you can in a URI
- documents should contain links (URIs) to related documents
- everything should be stateless

They talk a lot about "REPRESENTATION".
The table "RESTful Web Service HTTP methods" clearly shows what GET PUT POST and DELETE are supposed to do.

a good introduction on REST.

As usual, I keep thinking that all these technologies are simply CRAP, and that CORBA 20 years ago was doing much better than this. If you find a technology good only because anybody can write a URL in a browser and get a result, and you want to base on that your enterprise architecture, then good luck.

Friday, April 1, 2011

To Merge or To Persist....

Merge the state of the given entity into the current persistence context.

more info here (from the JPA 1.0 specs)

Hibernate has this to say.

if you entityManager.persist(anEntity), and they you entityManager.persist(anEntity) again, you will get a UNIQUE_KEY contraint violation (it will save it twice with the same ID)

in doubt, just use merge and you will be safe:
if you invoke it with a unpersisted entity it will do an INSERT
if you invoke it with an already persisted entity it will do an UPDATE