Alice Blog: 7月 2013

2013年7月28日日曜日

Authentication basic knowledge useful link

1.Basic Auth
In the context of an HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name and password when making a request Contents.
HTTP Basic authentication (BA) implementation is the simplest technique for enforcing access controls to web resources because it doesn't require cookies,
session identifier and login pages. Rather, HTTP Basic authentication uses static, standard HTTP headers which means that no handshakes have to be done in anticipation.

Because of this, BA is frequently used where a restricted URL needs to be accessed programmatically, especially from shell scripts or batch files.
As a standard protocol, username and password for BA can be passed in URL, for example:

curl -u user:password -d "source=10001&status=api test" http://api.t.sina.com.cn/update.xml
Learn more, you can refer to:
http://en.wikipedia.org/wiki/Basic_authentication_scheme

2.Federated Authentication
A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.

Related to federated identity is single sign-on (SSO), in which a user's single authentication ticket, or token,is trusted across multiple IT systems or even organizations. SSO is a subset of federated identity management,as it relates only to authentication and is understood on the level of technical interoperability.
Federated identity is best described as:
    Two or more applications that share the same set of users.
    Two or more organizations that share the same set of users.
    Two or more organizations that share an identity provider.
    One organization trusting users from one or more other organizations to access its applications.

Learn more:
http://msdn.microsoft.com/en-us/library/ff359110.aspx
http://www.wikidata.org/wiki/Q912297#sitelinks-wikipedia
http://en.wikipedia.org/wiki/Federated_identity

3.IDP Initiated Federated Authentication
SP Initiated Federated Authentication
IdP（ID Provider）
SP（Service Provider）

Learn more:
http://baike.baidu.com/view/6402108.htm
http://open.weibo.com/wiki/Basic_Auth
http://www.cnblogs.com/QLeelulu/archive/2009/11/22/1607898.html
http://msdn.microsoft.com/en-us/library/ff359110.aspx

2013年7月24日水曜日

SAML

Security Assertion Markup Language (SAML) is an XML standard
that allows secure web domains to exchange user authentication
and authorization data. Using SAML, an online service provider
can contact a separate online identity provider to authenticate
users who are trying to access secure content.

Japanese

http://www.atmarkit.co.jp/ait/articles/0210/02/news002.html

Chinese
http://baike.baidu.com/view/758527.htm
https://www.pingidentity.com/customers/index.cfm
http://www.cnblogs.com/zsuxiong/archive/2011/11/19/2255497.html

English
http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language
SAML Single Sign-On (SSO) Service for Google Apps
https://developers.google.com/google-apps/sso/saml_reference_implementation

2013年7月23日火曜日

java: cannot execute binary file

java: cannot execute binary file
root cause:
you have a 32 bit OS that you are trying to run a 64 bit build.
If your OS was 64 bit, you would see x86_64 instead of i686.

Other information:
If you want to see OS info, you can try following command.
1.# uname -a
[oracle@cdcXXX2 bin]$ uname -a
Linux cdXXX62.##.oracle.### 2.6.32-100.28.5.el6.x86_64 #1 SMP Wed Feb 2 18:40:23 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
So,This is 64 bit OS

2.#uname -a
[oracle@cdcXXX1 bin]$ uname -a
Linux cdcjp61.cn.oracle.com 2.6.18-128.el5PAE #1 SMP Wed Dec 17 12:02:33 EST 2008 i686 i686 i386 GNU/Linux
So,This is 32 bit OS

2013年7月17日水曜日

OAuth

What is OAuth?
OAuth is an authentication protocol that allows users to approve application to act on their behalf without sharing their password.

Introducing OAuth 2.0
OAuth 1.0 was published in December 2007 and quickly become the industry standard for web-based access delegation. A minor revision (OAuth 1.0 Revision A) was published in June 2008 to fix a security hole. In April 2010, OAuth 1.0 was published as RFC 5849.
OAuth 2.0 is a completely new protocol and is not backwards compatible with previous versions. However, it retains the overall architecture and approach established by the previous versions, and the same introduction (from the Official Guide to OAuth 1.0) still very much applies.

Learn More:
English:
http://developer.eventbrite.com/doc/authentication/oauth2/
https://dev.twitter.com/docs/auth/oauth/faq
http://hueniverse.com/2010/05/introducing-oauth-2-0/
OAuth 2.0 Spec (Core/Classic) - http://tools.ietf.org/html/rfc6749
OAuth 2.0 Assertion Framework Spec - http://tools.ietf.org/html/draft-ietf-oauth-assertions-11
OAuth 2.0 JWT Assertion Profile Spec - http://tools.ietf.org/html/draft-ietf-oauth-jwt-bearer-05
JSON Web Token (JWT) Main Spec - http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-08
Javascript Object Signing & Encryption (JWT Related) - http://datatracker.ietf.org/wg/jose/

Japanese:
http://gihyo.jp/dev/feature/01/oauth/0001
http://developer.yahoo.co.jp/yconnect/
http://www.atmarkit.co.jp/fsmart/articles/oauth2/01.html
https://developers.google.com/accounts/docs/OAuth2Login?hl=ja
http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
http://wiki.developerforce.com/page/JP:Digging_Deeper_into_OAuth_2.0_at_Salesforce.com
http://msdn.microsoft.com/ja-jp/library/live/hh243647.aspx

Chinese:
http://www.cnblogs.com/highend/archive/2012/07/05/oauth2_introduced.html

HTML5 Related knowledge

1.What kind of HTML dev do you think you are?
HTML5 is the ubiquitous platform for the web, and is Web Applications 1.0. Whether you're a mobile web developer, an enterprise with specific business needs, or a serious game dev looking to explore the web as a new platform,
HTML5 has something for you! and it is important to see HTML5 can cross platform.

HTML5 introduces elements and attributes that reflect typical usage on modern websites. Some of them are semantic replacements for common uses of generic block (<div>) and inline (<span>) elements, for example <nav> (website navigation block), <footer> (usually referring to bottom of web page or to last lines of HTML code), or <audio> and <video> instead of <object>.

2.HTML5 New Tag
onabort, onbeforeunload, oncontextmenu, ondrag, ondragend, ondragenter, ondragleave, ondragover, ondragstart, ondrop, onerror, onmessage, onmousewheel, onresize, onscroll, onunload。
For details, you can refer to following:
https://developer.mozilla.org/ja/docs/Web/Guide/HTML/HTML5/HTML5_element_list

3.HTML5 Demo
There is HTML5 Demo.
http://html5demos.com/

4.HTML5 TEMPLATE GENERATOR
You can access following url, and have a try.
http://mizzz.jp/tg/

5.HTML5 LABS
http://html5labs.interoperabilitybridges.com/

6.HTML5 Sample
http://ayuta.co.jp/material/html5.html
For Example:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8"></meta>
<script type="text/javascript">
var video;
function init() {
    video = document.getElementById("video1");
    video.addEventListener("ended", function() {
      alert("Play end");
    }, true);
}
function play() {
    video.play();
}
function pause() {
    video.pause();
}
function fastforward() {
    video.playbackRate += .2;
}

</script>
</head>
<body onload="init()">
<video id="video1" controls width="400">
<source src="http://upload.wikimedia.org/wikipedia/commons/a/a5/20090124_WeeklyAddress.ogv" type="video/ogg">
</video><br/>
<button onclick="play()">Play</button>
<button onclick="pause()">Pause</button>
<button onclick="fastforward()">FastForward</button>
</body>
</html>

7.Other useful knowledge for mobile web developer
Following is mobile app and desktop app current market situation.

(From Cross Platform Mobile Development--Looking beyond the HTML5 Hype by Colin Eberhardt)
Why CROSS PLATFORM?
iPhone--Objective-C
BlackBerry - Java+BlackBerry APIs
Android -- Java+Android APIs
Windows Phone--C#/Silverlight

8.Slide
http://slides.html5rocks.com/#landing-slide

9.Differences from HTML4
https://rawgithub.com/whatwg/html-differences/master/Overview.html

Learn More:
http://www.html5rocks.com/en/
http://www.whatwg.org/specs/web-apps/current-work/multipage/introduction.html#is-this-html5?
https://developer.mozilla.org/ja/docs/Web/HTML/HTML5?redirectlocale=ja&redirectslug=HTML%2FHTML5
http://www.atmarkit.co.jp/ait/articles/1309/05/news042.html

2013年7月9日火曜日

ADF Mobile Development Useful Course Link

1.ADF Academy - Oracle ADF Mobile course
http://download.oracle.com/otn_hosted_doc/jdeveloper/academy/Developing%20Applications%20with%20ADF%20Mobile/player.html

2.ADF Mobile: Development demostration(Building a basic Mobile Application)
http://www.youtube.com/watch?v=WSTi44Froo8
This tutorial discusses about building a basic mobile application using JDeveloper.
Include deploying app on to real Android/iOS devices, and deploying the application to emulators.

3.Oracle ADF Mobile Demo for Developing Hybrid Mobile Applications
Key benefits and features of Oracle ADF Mobile for developing hybrid mobile applications across multiple device platforms.
http://www.youtube.com/watch?v=XWyPP55dZLU

4.Configuring your ADF Mobile development environment for Android
ADF Mobile allows you to rapidly develop applications for Android devices.
In this ADF Insider Essentials video you will learn how to see up your environment for developing ADF Mobile applications
http://www.youtube.com/watch?v=UbxyjmLxIII

5.Logging on Android for Oracle ADF Mobile
Setting up and seeing log messages for your ADF Mobile application on Android.
http://www.youtube.com/watch?v=5yyY7_U6GgY

6.Integrating the device services
Integrating the Camera - http://youtu.be/o6fBW5ZIBgI
Integrating Email - http://youtu.be/D16DGMAn8xg
Integrating SMS - http://youtu.be/qXsNfsabPuQ
Integrating the GPS - http://youtu.be/C-yHYvH7wYs
Working with Contacts - http://youtu.be/kpkJDeRH2ys

7.Oracle Forms to ADF Mobile with OraPlayer
Deploying Oracle Forms to iPhone, using ADF mobile, in a few simple steps.
http://www.youtube.com/watch?v=Xh-sNRX9LkU http://www.youtube.com/watch?v=Xh-sNRX9LkU

8.ADF Mobile WebCenter Content Simple Example
Facilities to develop user interfaces that are accessible on mobile devices – leveraging middleware services.
Mobile apps for WebCenter Spaces, OBI EE, WebCenter Content.
http://www.youtube.com/watch?v=xat6klSbZYE

9.Web Service with Complex Parameter in ADF Mobile
Many of the SOAP based web services out there have parameters of specific object types - so not just simple String/int inputs.
The ADF Web service data control makes it quite simple to interact with them. And this applies also in the case of ADF Mobile.
https://blogs.oracle.com/shay/entry/calling_web_service_with_complex

10.Calling REST services from an ADF Mobile Application
http://www.youtube.com/watch?v=HOesFpjBz2M
REST services are one of the primary mechanisms for communicating with server-side business logic from a mobile application.
In this ADF Insider video Grant Ronald, Director of Product Management at Oracle, explains how you can call REST services from an ADF Mobile application.

11.Using the Local Database
Using the Local Database - ADF Mobile Insider Essentials
http://www.youtube.com/watch?v=-XzE1n_j5Nc&feature=youtu.be

12.Accessing Secured Web Services from ADF Mobile
How to configure security for an ADF Mobile application and how to configure a secured Web service data control.
http://www.youtube.com/watch?v=rk5om3o3Pas

Cloud Computing Service Knowledge

What is Cloud computing?
Cloud computing is a colloquial expression used to describe a variety of different computing concepts that involve a large number of computers that are connected through a real-time communication network (typically the Internet).
Cloud computing is a jargon term without a commonly accepted non-ambiguous scientific or technical definition. In science, cloud computing is a synonym for distributed computing over a network and means the ability to run a program on many connected computers at the same time. The popularity of the term can be attributed to its use in marketing to sell hosted services in the sense of application service provisioning that run client server software on a remote location.
Following is cloud computing logical image.

What is SPI model (SaaS, PaaS, IaaS)？
SPI is an acronym for the most common cloud computing service models---Software as a Service, Platform as a Service and Infrastructure as a Service.

Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.
SaaS is becoming an increasingly prevalent delivery model as underlying technologies that support Web services and service-oriented architecture (SOA) mature and new developmental approaches, such as Ajax, become popular. Meanwhile, broadband service has become increasingly available to support user access from more areas around the world.
SaaS is closely related to the ASP (application service provider) and on demand computing software delivery models. IDC identifies two slightly different delivery models for SaaS. The hosted application management (hosted AM) model is similar to ASP: a provider hosts commercially available software for customers and delivers it over the Web. In the software on demand model, the provider gives customers network-based access to a single copy of an application created specifically for SaaS distribution.
Benefits of the SaaS model include:

easier administration
automatic updates and patch management
compatibility: All users will have the same version of software.
easier collaboration, for the same reason
global accessibility.

The traditional model of software distribution, in which software is purchased for and installed on personal computers, is sometimes referred to as software as a product.

Platform as a Service (PaaS) is a paradigm for delivering operating systems and associated services over the Internet without downloads or installation.
Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones.
Platform as a Service (PaaS) is an outgrowth of Software as a Service (SaaS), a software distribution model in which hosted software applications are made available to customers over the Internet. PaaS has several advantages for developers. With PaaS, operating system features can be changed and upgraded frequently. Geographically distributed development teams can work together on software development projects. Services can be obtained from diverse sources that cross international boundaries. Initial and ongoing costs can be reduced by the use of infrastructure services from a single vendor rather than maintaining multiple hardware facilities that often perform duplicate functions or suffer from incompatibility problems. Overall expenses can also be minimized by unification of programming development efforts.
On the downside, PaaS involves some risk of "lock-in" if offerings require proprietary service interfaces or development languages. Another potential pitfall is that the flexibility of offerings may not meet the needs of some users whose requirements rapidly evolve.

Infrastructure as a Service (IaaS) involves outsourcing the equipment used to support operations, including storage, hardware, servers and networking components.Infrastructure as a Service is sometimes referred to as Hardware as a Service(HaaS).
Infrastructure as a Service is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components.
The service provider owns the equipment and is responsible for housing, running and maintaining it.
The client typically pays on a per-use basis.
Characteristics and components of IaaS include:

Utility computing service and billing model
Automation of administrative tasks
Dynamic scaling
Desktop virtualization
Policy-based services.
Internet connectivity

The increasing selection of services delivered over the Internet is sometimes referred to as XaaS.
Following is SaaS,PaaS,IaaS relation chat.

What is XaaS (anything as a service)?
XaaS is a collective term said to stand for a number of things including "X as a service," "anything as a service" or "everything as a service." The acronym refers to an increasing number of services that are delivered over the Internet rather than provided locally or on-site. XaaS is the essence of cloud computing.
The most common examples of XaaS are Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). The combined use of these three is sometimes referred to as the SPI model (SaaS, PaaS, IaaS). Other examples of XaaS include storage as a service (SaaS), communications as a service (CaaS), network as a service (NaaS) and monitoring as a service (MaaS).

Following the convention of pronouncing "SaaS" as "sass," "XaaS" is sometimes pronounced as "zass."

What is Oracle Cloud?
Following is Oracle Cloud products for each layer(SaaS, PaaS, IaaS), including Fusion Applications(red section) and Social Services.

2013年7月6日土曜日

java.lang.OutOfMemoryError:GC overhead limit exceeded

Error log:
java.lang.OutOfMemoryError:GC overhead limit exceeded
at java.lang.String.replace(String.java:2021)
at weblogic.utils.classloaders.CodeGenClassFinder.getClassSource(CodeGenClassFinder.java:24)
at weblogic.utils.classloaders.ChangeAwareClassLoader.upToDate(ChangeAwareClassLoader.java:107)
at weblogic.servlet.internal.FilterWrapper.needToReload(FilterWrapper.java:120)
at weblogic.servlet.internal.FilterWrapper.checkForReload(FilterWrapper.java:101)
at weblogic.servlet.internal.FilterWrapper.getFilter(FilterWrapper.java:41)
at weblogic.servlet.internal.FilterChainImpl.add(FilterChainImpl.java:35)
at weblogic.servlet.internal.FilterManager.getFilterChain(FilterManager.java:255)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3727)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '11' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = cdcjp62.**.oracle.** TXID = CONTEXTID = 0124868f65b997e9:-6942af24:13fadf1d49d:-8000-0000000000001714 TIMESTAMP = 1373067991979
WatchAlarmType: AutomaticReset
WatchAlarmResetPeriod: 30000

Root Cause:
This issue is seen with all version of WLS 10.3 and above when running with JDK1.6 with all fix packs.
java.lang.OutOfMemoryError:GC overhead limit exceeded -
Indicates that due to some reasons the garbage collection is taking an excesive amount of time.
Parallel collector will throw java.lang.OutOfMemory if much time is spent on GC. If more than 98% of time is spend in GC and less than 2% of hep is recovered an java.lang.OutOfMemoryError is thrown

Solution: (Workaround)
This java.lang.OutOfMemoryError:GC overhead limit exceeded can be avoided by diadabling the GC overhed feature in JDK 1.6 by using this argument to start scripts
-XX:-UseGCOverheadLimit.

登録: 投稿 ( Atom )