Friday, April 22, 2011

33degree conference – a great place to be!

Between 6 and 8 April I had the pleasure of attending the first edition of the 33degree conference. It was really a great learning experience, as the schedule was literally filled up with interesting talks from well-known speakers. Talks for the conference were all hand-picked, to eliminate the accidentalness typically caused by a standard call for papers. This played out rather well – even if a talk's topic wasn't exactly my cup of tea, I could still enjoy it a lot. It was also very fruitful to see some of the speaker rock stars in action – the overall quality of such performances and their ability to catch your attention and not let it go really make a difference.

Of course, it's never all moonlight and roses and I wasn't always 100% happy with all the presentations, but I must admit that to some degree it was my poor choice. Most tech talks (to differentiate them from 'soft' ones that concentrated on self-management etc.) were at quite an introductory level, and I made the mistake once or twice of going to a talk focused on features that I was already familiar with. Maybe it would be a good idea to add some indicator of a talk's level, because sometimes the abstract is either cryptic or doesn't discuss prerequisites. Below I will briefly describe all the talks, so should you come across any of them at future conferences, it will be easier to choose. Also, I believe there will be a lot of posts from other attendees with such summaries (the complete list should be available on the conference website), so I will be able to find out what I've missed :).

Linda Rising – deception and estimation

The first keynote was pointing out that every person is prone to deceiving herself and that we must be aware of it at every stage of planning. Linda Rising argued that every estimation is to some degree biased and that we should estimate only in short, agile sprints, so every mistake is quickly exposed and fixed before it becomes costly.

Matt Raible – comparing JVM frameworks

I was especially interested in this talk, as we're evaluating different JVM frameworks on the job right now, and had used Matt's previous slides in the process. In the new version, Grails became the leader, but the list of the top 7 frameworks according to Matt's criteria has remained more or less stagnant for over 2 years now. The most important thing to keep in mind is that you cannot go wrong with any of the top solutions and it's best to make prototypes in a few of the most promising solutions and check which is the most exciting for the team. At some point, every technology causes some problems, so it's best to have strong motivation to overcome them.

Nathaniel Schutta – Hacking Your Brain for Fun and Profit

This talk intersected its content a lot with a book that I'm currently reading: Pragmatic Thinking and Learning: Refactor Your Wetware by Andy Hunt. Nevertheless, it was brilliantly delivered and also brought some new points. I highly recommend Nath Schutta for his engaging style and excellent contact with the audience; I think that even if he talked about advanced functions of Microsoft Paint, he would grab my attention anyway.

Ted Neward – Busy Developer's Guide to Scala: Patterns

Ted Neward is a very vivid personality and is really insightful. He began his talk with an interpretation of classic GoF patterns in Scala, and soon came to the conclusion that the catalog of patterns always mutates: some of them are now part of languages, some don't make much sense in the realm of functional languages, some start to appear due to the more expressive tools we have at hand. Although I'm not very familiar with Scala (I've seen the syntax and I'm able to make out most of it by parallel to Erlang), the talk was highly enjoyable for me – it was clear and concise, sarcastic, but funny.

Workshop: Neal Ford – The Productive Programmer

Workshops were 3 hours long and I'm not exactly sure how well this formula turned out. Neal Ford's workshop was divided into two parts: the first one showed various tips and tricks for increasing productivity. Unfortunately, they were targeted at Windows and Mac users, and as I have been a Linux guy for many years, they didn't really surprise me – sed and awk have been my essential tools for many years now. Neal also showed some key shortcuts for Eclipse, but it was also nothing new to me. I was also quite surprised that he didn't mention the power of bash command history, especially tweaking its settings (length, duplication, eliminating navigational commands). Overall, I think that the first part could be very beneficial for a programmer who works with Windows, but I wasn't quite the intended audience.

Second part was totally different, so maybe they would rather have split the talk into two separate ones. I've actually enjoyed this one, as it presented several ways to increase your productivity by eliminating distractions, increasing focus etc. It was also quite relieving to hear that problems with maintaining interruptions is so common and that it's just another challenge we can tackle.

Multiple presenters – BOF: Web frameworks shootout

The last presentation of the first day was conceived to present 'new-wave' frameworks, namely Play, Wicket, Grails and Lift, in short practical examples shown by enthusiasts of these technologies. Unfortunately, it turned out pretty chaotic, because due to the short time all the presenters were in a great hurry, showing some code snippets for a while with virtually no time for questions. Only the Wicket talk had an easy-to-follow example that was presented to us before the code was shown, so it was the most informative. I think that it's hard to blame the speakers, as it's hard to show any useful code in 15 minutes, so maybe it would be better to make an hour-long moderated discussion with all 4 enthusiasts, concentrating more on the philosophy of the solutions?

Jevgeni Kabanov – Do you really get Memory?

This talk brought up an important subject of shift in CPU architecture (multiple cores, various cache coherence problems) and how it changes the landscape for Java developers – Jevgeni Kabanov argued that now we are always programming in a distributed environment, even if the execution environment is limited to only one box, and that we should revisit our knowledge of memory management, because a great number of the today's performance problems can be related to it.

Brad Drysdale – HTML5 WebSockets – the Web Communication revolution, making the impossible, possible

Actually, I missed on this one, because I hoped for some more advanced application of this tech, but instead was presented by reasons why WebSockets are superior to old methods of simulating duplex HTTP communication (which is out of discussion) and how Kaazing solutions can help in transition by providing fallback to e.g. Flash in older browsers.

Dierk König – Pro Groovy

During this talk (the only one without a single slide!), Dierk König presented interesting techniques he is using taking as examples some code katas such as quicksort or arithmetic operations on lengths with different measurement units. Overall, very interesting and inspiring talk, but quite slow-paced.

Patrycja Węgrzynowicz – Patterns and Anti-Patterns in Hibernate

The most important conclusion that one can draw from this talk is that using Hibernate correctly and efficiently is quite a hard task that requires deep knowledge of the technology itself, as well as the details of how it works with a particular RDBMS. We were presented with bugs found in the example application from the Java Persistence with Hibernate book to underline that subtle, but dangerous errors can be made even by the most knowledgeable experts. To err is human, so we should analyze closely and profile our application for strange behaviors (especially under load), before it goes into production and our mistakes become costly.

Nicolas Leroux – Play! framework: a revolution in the Java world

It was an introduction to the Play! framework from one of its core committers and was quite intriguing in its content (the Play designers have made some interesting decisions like completely getting rid of state on the server side), but I'm afraid that it wasn't very compelling for the attendees, because during coding Nicolas spoke very quietly; on top of that not everyone is used to a French accent. Overall, it was an informational presentation, but not very thrilling.

Steve Freeman – Five years of change, no outages

It was basically a retrospective of a complicated ETL project in the bond trading domain. It was a huge success (being the 5th approach to the problem) thanks to a strong team culture focused on quality, wide use of testing (especially fixtures), short iterations (the problem could be partitioned horizontally) and good communication with analysts (they eventually participated in writing fixtures). The study was quite thought-provoking, but in my opinion the presentation was too tied to the specific project. The presented methodology was perfectly Fit (pun intended) in the specific situation, but the talk lacked some generalization; the ideas were therefore hard to grasp and the outcome seemed uninteresting.

Nathaniel Schutta – Agile UI

Really brilliant talk on how to think about user interface design in order to have something usable in the end. The most important thing is to be in touch with the users, have their workflow in mind while designing the application and using the product personally from time to time. Users grade our work on look&feel, not the amount of design patterns used or the version of framework.

Sławomir Sobótka, SSEPP members – BOF: Dokąd zmierza Software Craftsmanship (Polish)

It was a discussion initially planned to cover topics related to the actual state of software craftsmanship in Poland, but it mostly turned into complaining about how developers feel underestimated by society and how this relates to other professions that have a long history, which is quite a difficult topic itself, because our profession is young and has its roots in academia, not common folks' needs.

Michael Nygard – Failures Come in Flavors

Really excellent talk about problems related to scalability, with the heart-warming conclusion that there are finite classes of such problems, so we can prepare for them, if we only accept that they are inevitable. Michael Nygard has really wide experience in running large scale systems and shared some of the most peculiar accidents he experienced, like e.g. one of the servers mysteriously starting to stream "Weird Al" Yankovic songs to other components :).

Costin Leau – Using Spring with non relational databases

Nice presentation about Spring Data project and NoSQL connectors for GORM. It was particularly interesting to see SpringSource approach at NoSQL (the talk was before CloudFoundry announcement, so there were big points to add to this image later). Moreover, I've encountered Spring Cross-Store project for the first time, which is basically a solution to ease storing domain object across different database products – as for example entity attributes in key-value store and relations between them in graph DB – taking care of all housekeeping stuff.

Szczepan Faber, Bartosz Bańkowski – Lost Chapters of Divine Code: 7 Deadly Sins

Thought provoking talk kept in its style in line with "Divine Code" April Fools' book – it presented different patterns and anti-patterns in language of heresy and dogma. I think that it was very inspiring, if only approached with a sufficient dose of humor. Sometimes it's easier to have some stimulant discussion if you hear something that initially makes you tremble, but after some thought you can see some behind it – not that in the end you will agree with such "heresy", but it will make you question some "dogmas".

Neal Ford – Abstraction Distractions

Another "soft" talk concentrating on cognitive biases, this time in terms of abstractions (that we build all the time while building software). There were several good points there, of which the most memorable for me was: "abstraction first are walls and then turn into prisons" – meaning that we build abstractions to separate ourselves from too many incomprehensible things out there in the wild, but with time, they start to limit our imagination and perception.

Michael Nygard – Architect for Scale

Second talk in the series concerning scalability, this time covering techniques to fight with the problems pictured in the first one. It made great job of explaining different solutions that can be used while building medium and large scale systems. What also was quite an eye-opener: scalability is a measure of system speed-up capacity: how long will you gain improvement to system parameters while adding more machines, before you will run into the wall of synchronization and coherency overhead and the system will actually become slower due to more nodes. So the shocking truth here is that optimizing system in terms of sequential operation is in fact decreasing scalability, because less work will have to be parallelized.

Venkat Subramaniam – It could be heaven or it could be hell: On being a Polyglot Programmer

Very energetic talk on upsides and downsides of learning and using multiple languages. I think that the whole audience was carried away by Venkat's enthusiasm. For me, it was encouraging to hear that dilemmas related to introducing new languages to the rest of the team are normal and that we should concentrate on possible productivity boosts of such change, not on the worst scenario or being rejected.

Ted Neward – Rethinking "Enterprise"

Another thought-provoking talk showing how easily we are manipulated by school handbooks and big companies' marketing departments alike and what lies behind the constant need to seek a new, ideal technology to learn (to prevent being fired/outsourced) or thinking of the software landscape in terms of a 'sucks/rocks' dichotomy. The talk was quite provocative, but no less than the author of the words that neatly describe the talk's main point: "Think for yourself. Question authority".

Most of the talks have slides available for download from conference site, if you would like to give them a peek.

To sum up, I think that the conference was a great success – the organization was great (some guys were complaining about lack of WiFi – not a problem for me though), one of the most remarkable things was giving the attendees a chance to shape the conference by organizing online surveys beforehand. It also gathered a great number of visionary people, both speakers and attendees, so it was a really great place to grab some inspiration and return to the daily work with a bunch of new ideas to spread. Congratulations go then to the organizer of the conference – Grzegorz Duda! He also announced that the next edition of the conference will feature such speakers as Uncle Bob, so stay tuned for even more thrilling event next year!

Sunday, March 20, 2011

Long time no see...

It's been quite a while (over a year, to be precise) since I last posted to the blog. I took a hiatus from writing mainly because of great changes in my life: change of employer, followed by change of marital status, job position and master's thesis subject. So you can imagine that all the adaptation kept me pretty busy :D.

I've also managed to pass two certifications in the meantime:

So, to reflect all these changes, I've decided to move my blog to a custom domain, and switch blogging platform to Blogger. I was quite satisfied with Wordpress.com, but I needed more freedom with editing CSS (12$ 'upgrade' for small corrections is too much I think) and using custom Javascript. I had some experience with customizing Wordpress blogs, so hosting one on my own would look like a logical choice, but I've opted for Blogger mainly because it's quite flexible and of course much easier to set up and maintain.

I think that great improvements will come to Blogger, as it has a huge user base and is an invaluable source of content for Google – so important in times when so much user-generated content is buried in uncrawlable social sites like Facebook. So I wasn't very surprised to see Google announcement on new features that will come to the platform this year. They look really promising – I like especially the user experience design borrowed from Google Docs – the more document-oriented interface seems cleaner, exposing the posts as the most important element and I think that's the way to go. Also, the functionality of blog exploration based on topic clustering looks pretty cool (although everything depends on execution, so we need to wait to see it in action).

The transition to Blogger went pretty smoothly, thanks to this conversion utility. I simply needed to export my blog from Wordpress, upload the XML file to the mentioned tool and then I got another XML to import into Blogger. There is a very nice Google effort on making it easy to transfer your data in and out of their products: The Data Liberation Front. There are however a few things that aren't so smooth:

  • Blogger has really awkward handling of paragraphs: it encloses them in div, inserting br elements on every hard break. There is an option to turn off the latter functionality, but it doesn't get you plain old <p>s anyway; it's pretty annoying, because it caused extra empty lines after each of my paragraphs and makes the markup very non-semantic. I'm writing the posts in HTML then to have control over it, but the editor is also pretty strange, because it seems to interpret whitespace – I hope that it will be fixed soon.
  • The platform doesn't let you define your own 404 pages. It's maybe not a big deal on its own, but because I've set a 302 redirect from my old blog here and URL patterns differ between Blogger and Wordpress, it causes all redirects from the old blog to land on the standard 404 page, so visitor feels a bit lost.
  • A great thing about Blogger is that you can host static resources like CSS or Javascript files on Google Sites. The catch here is that Google Sites blocks the traffic if the original request was performed outside of Google domains (which include blogger.com). So it's easy to host JS files if your blog is in the blogger.com namespace, but if you choose to use a custom domain, you need to host the files elsewhere. I don't really think that this restriction will be lifted, because other checks for a request coming from an actual Blogger blog could be counterfeited; luckily, there are a lot of CDNs (I'm using the one from Google) that host the most popular Javascript frameworks and toolkits and for simple scripts and CSS, you are free to modify the head element of the page.

Sunday, December 20, 2009

I am Sun Certified Business Component Developer!

I am very happy to announce that I passed Sun Certified Business Component Developer for the Java Platform, Enterprise Edition 5 (CX-310-091) exam with an astounding score of 100%!

The exam turned out to be easier than I expected (that is somewhat reflected by my score :D). I was also surprised by the fact that there were no drag-and-drop questions — the exam page mentions them. Maybe the questions are randomized without taking the type into account or I simply did it so automatically that I didn't even notice.

While preparing for the exam, I answered a fair amount of questions from the JavaBlackBelt EJB section and the ones provided as a demo by various exam simulators, and I got the impression that the exam would test my knowledge of both specifications rather thoroughly. I expected questions regarding e.g. declarative security in conjunction with both inheritance and XML descriptors or some twisted JPQL queries. That wasn't the case. Actually, of 61 questions about six were somewhat tricky and involved really good understanding of the subtleties. There were also 4 or 5 that were IMHO ambiguously formulated, provided additional, unnecessary details in the statements or were so obvious and unclear at the same moment that I sat there ruminating where the catch was. The majority of the questions, which is far more than sufficient to pass the exam, were written really well and tested in scenario-based fashion the knowledge that I find absolutely compulsory for the developer to have.

It goes like this: think you know what each transaction attribute does? Show you understand the reason behind their creation, by choosing the most appropriate one for a given real-world scenario. This is what you are doing on the job and also my way of learning. I find it a real leap in the terms of exam quality, comparing to Sun Certified Java Programmer one. I'm not saying I know the way to construct a better exam for this level, but the problems from SCJP seemed very artificial to me. I felt like reading code of a guy that should be sentenced for writing it that way, while being in some sort of captivity myself, because I haven't got even a compiler, not to mention some code editor with syntax highlighting. That's a nightmare, not an exam.

I heard that new SCJP exam (called SCJP+ as far as I remember) is designed as a set of short programming tasks involving writing a real code. This problem-solving approach is in my opinion the best way to build the exams if we want Sun's certification to be highly valued in the market.

My certification is already outdated as the Java EE 6 came out last week :). Put the (probable) two years adoption period aside, there is something to worry about — as depicted on this page, the future SCBCD exam is to be split into EJB and JPA specific ones. While I find this move very rational, I am afraid that it will mean that the certification fee will double. I wish I were wrong.

To sum up, I feel that I've learnt pretty much about Java EE 5 through my preparation for the exam and feel really satisfied, since that was the point of this whole effort. I'm now pretty confident of the platform's strong and weak points. The broader knowledge of the shortcomings makes me lean (language joke, yeah) toward Spring 3.0, as Java EE 6 doesn't seem to resolve them. I'll write more as soon as I get a good grasp of both.

Monday, November 30, 2009

Preparing for the Sun Certified Business Component Developer Exam

I did not have time to write recently, because I am busy preparing for the Sun Certified Business Component Developer exam. I am taking it in a little over two weeks, so this period of my blogging inactivity hopefully won't last long.

I chose the "EJB 3 in Action" as my main textbook and read EJB Core and Persistence specifications thoroughly. The last two are important to me as they operate with the language I expect to encounter at the exam. I find it not so uncommon for big vendors to use their sole own bits of terminology (for example in the web services realm).

I am also using Sun Java EE Tutorial as a refresher and contributing to JavaBlackBelt EJB 3 exams. I also find it convenient to choose NetBeans and Glassfish v2 as my playground to test some boundary cases I conceive. Generally, I am an Eclipse guy and many things in NetBeans (especially its editor) are counter-intuitive to me, but its "Verify" option is very helpful in the preparation. It basically checks whether the EJB project fulfills specification restrictions (in fact, some proper subset of them). Using reference application server saves me from checking every little doubt in the documentation, since I admit to believe in such empirical knowledge gathering. Nevertheless, I've already found some things that should be signaled by an exception, but were graciously unsaid by the server.

All in all, I've enjoyed the preparation to this exam a way better than to the SCJP one so far and hope to say the same after taking it.

Saturday, September 5, 2009

Configuring an encrypted connection between WAS 6.1 and Oracle 10g with server authentication

I stumbled upon some obstacles while configuring a secured connection between WebSphere Application Server 6.1.0.17 and Oracle 10g Release 2 over TCPS. The requirement was to establish an encrypted connection with server (i.e. database listener) authentication. It is realized in the second scenario described in Oracle's guide for enabling SSL on the JDBC thin driver. It all seems pretty straightforward and in fact it is — on Sun's JVM the following code works like a charm (tested with ojdbc14.jar for Oracle 10g Release 2):

import java.util.Properties;
import java.sql.*;

class OracleSSLTest {
  public static void main(String[] args) throws Exception {
    DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
    String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=oracle)(PORT=2484)) (CONNECT_DATA=(SERVICE_NAME=TESTSSL)(SERVER=DEDICATED)))";
    Properties props = new Properties();
    props.setProperty("user", "testssl");
    props.setProperty("password", "testssl");
    props.setProperty("javax.net.ssl.trustStore", "client.jks");
    props.setProperty("javax.net.ssl.trustStoreType", "JKS");
    props.setProperty("javax.net.ssl.trustStorePassword", "password");

    Connection conn = DriverManager.getConnection(url, props);
    System.out.println("Great success!");
  }
}

However, the same code launched on IBM JVM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux amd64-64 j9vmxa6423-20080315) generates the following exception:

Exception in thread "main" java.sql.SQLException: I/O Exception: The Network Adapter could not establish the connection
  at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
  at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146)
  at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:255)
  at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:387)
  at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:441)
  at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:165)
  at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35)
  at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801)
  at java.sql.DriverManager.getConnection(DriverManager.java:562)
  at java.sql.DriverManager.getConnection(DriverManager.java:155)
  at OracleSSLTest.main(Test.java:15)

I've checked that GIJ behaves similarly. Running the code with a newer JDBC driver, namely ojdbc5.jar, gives more descriptive messages (the improved verbosity of the new drivers can save you a lot of time):

Exception in thread "main" java.sql.SQLException: The Network Adapter could not establish the connection
  at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:412)
  at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:531)
  at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:221)
  at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
  at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:503)
  at java.sql.DriverManager.getConnection(DriverManager.java:562)
  at java.sql.DriverManager.getConnection(DriverManager.java:155)
  at OracleSSLTest.main(Test.java:15)
Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection
  at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:359)
  at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:422)
  at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:672)
  at oracle.net.ns.NSProtocol.connect(NSProtocol.java:237)
  at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1042)
  at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:301)
  ... 7 more
Caused by: oracle.net.ns.NetException: The ssl protocol specified is not supported.
  at oracle.net.nt.TcpsConfigure.configureVersion(TcpsConfigure.java:181)
  at oracle.net.nt.TcpsNTAdapter.setSSLSocketOptions(TcpsNTAdapter.java:146)
  at oracle.net.nt.TcpsNTAdapter.connect(TcpsNTAdapter.java:121)
  at oracle.net.nt.ConnOption.connect(ConnOption.java:123)
  at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:337)
  ... 12 more
Caused by: java.lang.IllegalArgumentException: SSLv2Hello
  at com.ibm.jsse2.mb.a(mb.java:6)
  at com.ibm.jsse2.lb.<init>(lb.java:16)
  at com.ibm.jsse2.jc.setEnabledProtocols(jc.java:245)
  at oracle.net.nt.TcpsConfigure.configureVersion(TcpsConfigure.java:177)
  ... 16 more

This difference between Sun's and IBM's JVMs is documented. I don't want to use SSLv2 (which is considered insecure now) in any form anyway, so I added another property:

props.setProperty("oracle.net.ssl_version", "3.0");

Enforcing SSL or TLS on the listener side in listener.ora doesn't do the trick. I've written an enhanced version of the test to simulate more accurately what I believe WAS is doing while establishing the connection:

import java.util.Properties;
import java.sql.*;
import javax.sql.*;
import oracle.jdbc.pool.OracleConnectionPoolDataSource;

class OracleSSLTest {
  public static void main(String[] args) throws Exception {
    DriverManager.registerDriver (new oracle.jdbc.driver.OracleDriver());
    String url = "jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=oracle)(PORT=2484)) (CONNECT_DATA=(SERVICE_NAME=TESTSSL)(SERVER=DEDICATED))" + 
    "(SECURITY=(SSL_SERVER_CERT_DN=\"CN=testssl,C=PL\")))";
    Properties props = new Properties();
    props.setProperty("user", "testssl");
    props.setProperty("password", "testssl");
    props.setProperty("javax.net.ssl.trustStore", "client.jks");
    props.setProperty("javax.net.ssl.trustStoreType", "JKS");
    props.setProperty("javax.net.ssl.trustStorePassword", "password");
    props.setProperty("oracle.net.ssl_server_dn_match", "true");

    props.setProperty("oracle.net.ssl_version", "3.0");
    Connection conn = DriverManager.getConnection(url, props);

    System.out.println("Great success!");

    OracleConnectionPoolDataSource ds = new OracleConnectionPoolDataSource();
    ds.setURL(url);
    // setting username and password once again through datasource methods seems to be required as exception is thrown otherwise
    ds.setUser("testssl");
    ds.setPassword("testssl");
    ds.setConnectionProperties(props);
    PooledConnection pc = ds.getPooledConnection();

    System.out.println("Another great success!");
  }
}

Since the test also ran without an error with ojdbc14.jar, I switched to the Integrated Solutions Console to create the data source with the above properties. One thing to keep in mind is that the properties to be passed to the OracleConnectionPoolDataSource factory must be defined as a value of a newly created custom property connectionProperties in the following form:

javax.net.ssl.trustStore=client.jks; javax.net.ssl.trustStoreType=JKS; javax.net.ssl.trustStorePassword=password; oracle.net.ssl_server_dn_match=true; oracle.net.ssl_version=3.0

Another problem one may encounter is using an anonymous cipher. Trying to limit ciphers probed during the handshake with the statement:

props.setProperty("oracle.net.ssl_cipher_suites", "(SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5, SSL_DH_anon_WITH_DES_CBC_SHA)");

results in the following exception:

Exception in thread "main" java.sql.SQLException: I/O Exception: IBM's Client TrustManager does not allow anonymous cipher suites: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:421)
  at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:531)
  at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:221)
  at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32)
  at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:503)
  at java.sql.DriverManager.getConnection(DriverManager.java:562)
  at java.sql.DriverManager.getConnection(DriverManager.java:155)
  at OracleSSLTest.main(Test.java:15)
Caused by: javax.net.ssl.SSLHandshakeException: IBM's Client TrustManager does not allow anonymous cipher suites: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
  at com.ibm.jsse2.eb.serverHello(eb.java:199)
  at com.ibm.jsse2.eb.a(eb.java:54)
  at com.ibm.jsse2.db.m(db.java:208)
  at com.ibm.jsse2.db.a(db.java:259)
  at com.ibm.jsse2.jc.a(jc.java:271)
  at com.ibm.jsse2.jc.g(jc.java:403)
  at com.ibm.jsse2.jc.a(jc.java:401)
  at com.ibm.jsse2.j.write(j.java:10)
  at oracle.net.ns.Packet.send(Packet.java:385)
  at oracle.net.ns.ConnectPacket.send(ConnectPacket.java:173)
  at oracle.net.ns.NSProtocol.connect(NSProtocol.java:283)
  at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1042)
  at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:301)
  ... 7 more

IBM documents a way to implement your own TrustManager and override the default with the SSLContext.init() method in your own code, but it obviously doesn't hit the spot. Another solution in the documentation suggests adding the line com.ibm.ssl.skipDefaultTrustManagerWhenCustomDefined=true at the top of the ssl.client.props file and defining the custom trust manager with com.ibm.ssl.customKeyManager thereabouts, but it doesn't work for me.
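As an added example (not code from the original post), a pre-flight check for a connectionProperties value in the form shown above flags anonymous cipher suites and missing server-authentication settings before the driver fails in the handshake. The class name, the rule set and the use of Java 8 syntax are assumptions; the property names are the ones used in the post.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class ConnectionPropertiesCheck {

    // Splits "k1=v1; k2=v2" (the connectionProperties custom property format) into a map.
    static Map<String, String> parse(String raw) {
        Map<String, String> out = new LinkedHashMap<>();
        for (String pair : raw.split(";")) {
            int eq = pair.indexOf('=');
            if (eq > 0) {
                out.put(pair.substring(0, eq).trim(), pair.substring(eq + 1).trim());
            }
        }
        return out;
    }

    // Returns human-readable findings; an empty list means nothing was flagged.
    static List<String> check(Map<String, String> p) {
        List<String> findings = new ArrayList<>();
        if (!p.containsKey("javax.net.ssl.trustStore")) {
            findings.add("no trustStore: the server certificate cannot be validated");
        }
        if (!"true".equalsIgnoreCase(p.get("oracle.net.ssl_server_dn_match"))) {
            findings.add("ssl_server_dn_match is not true: server DN is not checked");
        }
        String suites = p.getOrDefault("oracle.net.ssl_cipher_suites", "");
        for (String s : suites.replaceAll("[()]", "").split(",")) {
            String suite = s.trim();
            // *_anon_* suites carry no server certificate, so a trust manager has nothing to verify.
            if (suite.contains("_anon_")) {
                findings.add("anonymous cipher suite (no server authentication): " + suite);
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample: the post's property string plus the anonymous suites it tried.
        String raw = "javax.net.ssl.trustStore=client.jks; javax.net.ssl.trustStoreType=JKS; "
                + "javax.net.ssl.trustStorePassword=password; oracle.net.ssl_server_dn_match=true; "
                + "oracle.net.ssl_cipher_suites=(SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, "
                + "SSL_DH_anon_WITH_RC4_128_MD5, SSL_DH_anon_WITH_DES_CBC_SHA)";
        check(parse(raw)).forEach(System.out::println);
    }
}
```

Run against the constructed sample, it reports the three anonymous suites and nothing else, since the trust store and DN matching are both set.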

Tuesday, September 1, 2009

Hello world!

Hello indeed.

In the conversations with my colleagues (and in the course of introspection) I realized that the reasons for founding this blog are somewhat fuzzy even to me. The best explanation I came up with — i.e. that it pretends to be homologous to skilful developers' blogs I regularly read — does not satisfy my inner need of exploring the heart of the matter.

So, after a fair amount of rumination, I've formulated a short list of things I expect of this investment of time.

Don't get me wrong: I believe that in the field of software development you cannot assume positive expected monetary value from that sort of an investment, unless you are an evangelist or in some other way connected to the vendors of the software you write about. That's the joy, not money, you gain.

Let's face the truth — an employee of an ISV may seldom say a good word about a big company's proprietary product. However, there is a tendency to render a pretty positive opinion on an open source solution, where any bugs one may encounter can be fixed by patching the sources. That's not the feature nor quality, but the expectations and possibilities gap that matters. Similarly, the intention of this site is not to replace a pile of documentation written by professional technical writers. It is to present an independent view on the development process; and the knowledge is not meant to be arbitrarily correct, but open to correction and enhancement.

Through the previous digression I introduced maybe the main topic of this weblog's content. I owe a great debt to all the bloggers and forums' users that led me out of all these hopeless situations, when the stacktraces were dozens of lines long and there was no hope. I don't know if it is hacker ethic's knowledge sharing principle, an egocentric will to show off or become influential, evolutionary-coded altruism or a feeling of guilt. You must go ask my psychotherapist if I ever get one. The only thing I know is that I want to quickly google a solution whenever I encounter a problem that's not my fault. So if the solution cannot be found — and I accidentally happen to work it out — I feel obliged to post it.

See, I don't know any country with a software industry employees union, but the profession nevertheless seems to be one of the most corporative.

Besides my findings that I hope will be helpful to the readers (and to myself as soon as I start to forget the stuff) I'm going to post my thoughts on books I read, talks I saw, projects worth promoting and so forth. Furthermore, I wish I would write something more architecture-level from time to time. That means posts without a LOC.

It would be really cool if there was any feedback, avid discussions in the comments, clever answers to the rhetorical questions I ask, gifts, money, hugs & kisses, but I don't really anticipate any of these, at least initially. I'm not really into this whole 'blogosphere' thing and have never frequently commented on blogs I read. So I won't be surprised if neither do my readers.

I think of programming as of creating aesthetically compelling structures in order to organize some segments of this chaotic matter we are struggling with. This weblog is intended to do the same with the topic of software development, where the phenomenon of increasing entropy is visible as nowhere else.