Have you seen Watcher?

By
Hani Atalla
on June 16, 2009 Comments (3)

So you, the Plumtree / AquaLogic / WebCenter admin, get a call from a user indicating that Collab email notifications are not being sent (a plausible symptom that the Collab Notification service is in "stopped" status), or that Publisher is not responding (an indication that the Publisher service might also be down), alternatively Portal searches yielding no results (a sign that the search server is down) ... the issues that a Portal admin can encounter are just myriad.

 

Ideally, we shouldn't be notified from our users that an issue has occurred.  Granted there are a number of monitoring software in the market; e.g. Microsoft Operations Manager that monitors disk space, memory and CPU utilization, among other tasks, presenting the results in console like dashboards, yet we haven't seen a monitoring software dedicated to guarding a Portal deployment alerting its admin staff of potential issues.  Hence, the impetus for Watcher, a software monitoring tool dedicated to watch a Portal installation.

 

Watcher is created to run different types of monitors (currently 10 different rules) for a typical Portal install; these include:

 

1.      "Service" monitor to check if a particular daemon service has stopped and it attempts to restart it.

2.      "File Size" monitor to check if log files have reached a particular threshold size and ensure that the Portal admin is alerted if the size is within a predefined threshold.

3.      "Disk Size" monitor to check if a hard drive has reached a certain threshold size.

4.      "Directory Size" monitor to check the size of a folder.

5.      "File Text" monitor to check if a specific text string has occurred within a log file.  That can be useful to skim through a log file and search for a particular error string.

6.      "HTTP" monitor to check that the Portal URL is responsive and is returning a response within a given time threshold and that the HTTP request status code is 200 (OK).

7.      "Ping" monitor to ping a given host and ensure that the host is reachable within a given time threshold.

8.      "TCP" monitor to telnet a given host and send a command and parse the response.

9.      "Database" monitor to send different SQL statements and validate the result again specific thresholds; e.g. number of records in the ptUsers table should not be less than an "x" number thus indicating that the Active Directory Web Service has successfully executed.

10.  "Search Server" ensuring that all search nodes are in "Run" state.

 

The Watcher architecture is comprised of three components:

 

1)      A lightweight agent deployed as a service with a low footprint in terms of CPU and memory utilization running different monitors that can are configured as needed; i.e. different types of rules.

2)      A server console that receives the monitoring results from the different agents via HTTP requests.

3)      A notification service that alerts the admin of issues if a particular issue or threshold is encountered.

 

Watcher is shipped with preconfigured rules that can be further tailored as needed.  It can also be configured to monitor non Portal related services, database instances, hosts, URLs, etc.

 

To receive further information or schedule a demo, please contact us at info@function1.com

 

 

Thanks.

 

Hani

 

Known limitations with the Web Center Interaction

By
Vasanth Manikumar
on June 10, 2009 Comments (0)

Hey all!

Over the last few months, I've had 2 customers run into 2 separate limitations with the Oracle Web Center Interaction(WCI) product, namely in version 6.1 MP1.  The first of the two cases I had run into previously, so that prompted the idea for this post to share and build a running list of these limitations.  The second of the 2 cases led me to dig deeper to find the reason for these constraints.  What are these limitations you ask?

Well for example, if you're working with ALUI 6.1MP1, did you know that the maximum number of pages created within a community is 25?  Or that a community cannot be created within a folder more than 10 levels deep?

Some of you may be thinking: why would you want to create more than 25 pages.  In my customer's case, their requirement was to have more than 25 pages organized within a community but have the majority of the pages hidden in the navigation.

These fixed values are actually hard-coded in the portal server library (a.k.a plumtreeserver), which I coincidentally covered in my last post.  In particular, it's in the com.plumtree.server.PT_SERVERCONSTANTS class.  It seems as if Oracle is moving towards getting rid of some of these unnecessary constraints.  For example, the constraint on the number of community pages has been removed in 10gR3.  If you're on an earlier version or if you hit another similar limitation, you have 2 simple choices but only one is a viable long term one.  The first option would be to decompile the classes in the plumtreeserver.jar (or DLL for the .Net portal), modify the settings and rebuild the library.  However, this option is not ideal as this would complicate product upgrades and Oracle support contracts.

The best approach is to try to look for some other workaround for these constraints.  For the second limitation with admin folder levels, this still remains in 10gR3.  One possible solution is to create a flatter taxonomy so that more subcommmunity levels can exist.  If this isn't feasible or no other options are available, you may be faced with replacing the fixed value in the portal server library.  Again, we advise you do this only with extreme caution.  Please contact us if you'd like more information.

The initial idea behind this article was not the workarounds, but to create a running list of these "hardcoded" limitations within the WebCenter Interaction product stack and the respective workarounds.  I've started the list off, but please post your comments on other limitations that you have run into along with any solutions.  I'll be updating this post with all of the comments, so please submit any that you have found even if a workaround wasn't.


Portal Limitations

Limitation
    Workaround
Cannot create more than 25 pages within a community (in ALUI 6.1 MP1 or earlier)
    Create the pages in another community and move them into the target community.
Maximum number of MyPages is 6    None found yet!
Communities cannot be created within a folder which is "10 deep"    Restructure the taxonomy to gains some levels back
Maximum length for the name of a document in the knowledge directory is 255 characters
    None found yet.
Maximum folder level in the Knowledge Directory is 28    Restructure the knowledge directory taxonomy when the limit is reached.



thanks,

Vasanth

Oh ALBPM, why you gotta go and load images like 'dat?

By
Brian Hak
on May 19, 2009 Comments (0)
Howdy all.  Hope the nice weather is finding happy, healthy, and allergy free. As we were doing spring ALBPM house-keeping with a client the other day, we stumbled upon a bit of a problem with the way that BPM loads some images.  This led us to go digging into how the ALBPM->Portal integration works.  And anytime I get a reason to dig into the guts of software, it usually ends up as a blog post....hope you enjoy.

Cliff Notes if you don't want to ready my wordy explanation

  • The BPM->Portal integration makes use of the old Plumtree OpenControls libraries
  • Out of the box, the OpenControls libraries in use with the BPM->Portal integration are configured to go all the way back to the BPM container to load static files (images, js, css, etc) on every request to the portlet-ized BPM workspace.
  • There are a bunch of static files that get loaded every time you hit the BPM workspace.  The net result is that the BPM portlets are slower to render than they should be.
  • There's a servlet filter configured in the BPM workspace web.xml to cache static files on the client, but it doesn't seem to work.
  • You can force Open Controls to load images from a webserver of your choice (i.e. the portal image server where you presumably having caching set up) by adding the following entry to $BPM_HOME/enterprise/webapps/workspace/WEB-INF/web.xml
<context-param>
<param-name>com.bea.opencontrols.IMAGESERVER_URI</param-name>
<param-value>http://your.imageserver.url/bpmContext</param-value>
</context-param>

  • You'll also need to copy the following directory into your bpmContext folder of your imageserver:
$BPM_HOME/enterprise/webapps/workspace/opencontrols/plumtree

  • Bounce the BPM workspace after making the changes above and you should see a marked improvement in workspace performance

For the masochists amongst you, the long-winded explanation

First, a "Did you Know" on the BPM->Portal integration

  • Did you know that the BPM->Portal integration was originally written by Plumtree way back when as a way to bolt Fuego BPM into the Plumtree Portal?  This original codebase is still more or less intact, and is still used for the integration today.
  • Did you know that the BPM->Portal integration is built in Java and uses Java Server Faces (JSF)?
  • Did you know that the BPM->Portal integration also makes use of the somewhat dated Plumtree  OpenControls libraries?
  • Did you know that the code for the standalone BPM web-based client is a lot cleaner than the BPM->Portal integration?
  • Did you know that there are servlet filters configured on the BPM Workspace that should do neato stuff like caching and compression auto-magically?  
OK, so the whole "Did you know" thing is a bit of stretch, and really just a vehicle to give you background on the issue we were researching.  So....

The Issue We Were Researching
It turns out that, out of the box, the portlet-based BPM workspace doesn't handle some images too smartly.  Specifically, on every UI request, there are a bunch of static images that get reloaded all the way from the embedded Tomcat server that runs the BPM workspace.  Now, everybody and their brother knows that it's just good common sense to cache images, so what gives?  Welp, let's start at the very beginning and see.  After users reported slow-loading images in the BPM workspace, we used one of the best tools known to mankind to take a look all the HTTP requests being made on page load:


bpm_broken.png

As the lovely highlighting above points out, some images in the workspace are getting loaded from the portal imageserver, and are being appropriately cached in the client browser.  We know they're being cached by that handy-dandy 304 HTTP status code.  But what's up with all these requests for images and javascript files with HTTP status code 200 (i.e. going back to the server to successfully load a static file on every page invocation)?  And why do all those URLs end with "WebResource.resource?r=foo"?  Blasphemy!  Time to do some poking around and set things straight.

How we researched the issue
This is the section of the blog post where I take you deep inside the black art of tearing apart a web application and making educated guesses to arrive at a testable hypothesis.  Strap in for a non-stop thrill ride.

Anytime I'm faced with a black box type problem (i.e. there's something going wrong with a piece of commercial software to which I don't have the source code), I more or less go through the following checklist:

  • Is this something I've seen before?
  • Is this something that somebody else has seen before?
  • Is it going to be more painful to open a support ticket on this than to just figure it out myself?
  • What do I know about the inputs and outputs of the black box?
  • What do I know about how the application is built?
  • How can I tear the application apart to learn something useful?

In this case, we were looking at a problem that we'd never noticed before, nor could we figure out a way to ask the interwebs if anybody else had seen it before.  I was pretty sure that going through the process of working a support ticket was going to be more painful that just fixing the problem (besides, what fun is working with support when you can break into the guts of a system?), so I asked myself, "What do I know about the inputs and outputs of the black box"?

  • Input -> HTTP Request to a web page that loads multiple static files and some dynamic content
  • Desired output -> Cached static content
  • Actual output -> Non-cached static content 

Then I thought about what I know about how the application is built:

  • Java
  • Web application
  • JSF

Finally, how can I tear the application apart to learn something useful:

  • Look at the inputs (i.e. look at the URLs being requested)
  • Look at the web.xml and other configuration files of the application to see how everything is glued together
  • Decompile the source to see what the hell is going on

So off we went.  The starting point in our maze was to take a good look at the problem image requests (Warning: I'm going to get all stream of consciousness on you here...welcome to my troubled world)

https://portal.foo.com/gateway_noise/bpm_portlet_server:123/workspace/jsf/menu/WebResource.resource?r=/a/path/to/an/image.gif

Let's strip that down to look at the real interesting stuff:

bpm_portlet_server:123/workspace/jsf/menu/WebResource?r=/a/path/to/an/image.gif

OK, I know that I should probably be logging onto the bpm_portlet_server box and figuring out what's listening on port 123.  What do you know, it turns out that there's a Tomcat instance listening on port 123 - that's nice.

bpm_portlet_server:123/workspace/jsf/menu/WebResource?r=/a/path/to/an/image.gif

Looks like the name of the web app running on that Tomcat instance is workspace.  Maybe there's a WAR file or something sitting around that I can play with.  Let me take a look in the Tomcat webapps directory on bpm_portlet_server.  Hmm, nothing here...WTF?  Ah, but I know that this is a special Tomcat server that's configured all crazy-like because it's embedded with the ALBPM distro. Let me poke around in the ALBPM directories to see if there's anything interesting there.  Well how's about that, there's a directory at $BPM_HOME/enterprise/webapps named "workspace".  Seems like this might be useful.  Let's take a look.  OK, there's no WAR file here, but I do see a WEB-INF directory, guess they're just deploying an exploded WAR to the Tomcat server.  Let's see open up the web.xml and see how this thing is configured:

bpm_web_xml.png

Well that was pretty useless.   Except...hmm...what's this:

bpm_servlet_filter.png

Looks like there's a servlet filter configured that should be caching the images.  Let me just decompile that guy real quick and see what he's doing:

bpm_filter_source.png

What the hell?  This thing should looks to be setting the cache expiration.  Let me go back to  Firebug and see what the max-age is on the images I'm loading:

Max-age=0

WTF?  I guess the portal gateway is somehow stripping off the cache headers for this image. Why don't we just hit the web-app directly to see if the portal is screwing with the headers.  Back to browser/Firebug pointed at:

http://bpm_portlet_server:123/workspace/jsf/menu/WebResource?r=/a/path/to/an/image.gif

<Reload a few times>
<Look at FireBug to see cache headers>

Max-age=0

WTF?!?!?!  OK, guess that servlet filter isn't working right - that's annoying.

Let's take a look at that web.xml again...

bpm_web_xml.png

Yep..still noise.  Time to start randomly looking around in directories in the workspace web application.

<cd $BPM_HOME/webapps/workspace/jsf/>
<Look around at a million different files that aren't very insteresting>
<Stumble upon .../workspace/jsf/view/viewPresentationNormal.xhtml>

OK, this looks somewhat useful.  Looks like it's building the BPM inbox.  Let's pay attention to this file.  It includes viewPresentationPanel.xhtml...let's open that up.  OK, this guy is rendering a table.  The BPM inbox table has images that aren't getting loaded correctly.  Let's zero in here.  OK, including yet another file...

<Open viewTableCell.xhtml>

Hmm, this guy is including a ton of stuff that look like low-level building blocks for a table cell.  I think that the attachment gif was rendering incorrectly, so let's look at the attachment file it's including: instance/hasAttachments.xhtml

And....

wait for it....

wait for it...

BINGO.   

sort of.

hasAttachments.xhtml is definitely interesting, if only because of this line:

fn:getImage('ATTACHMENT_ICON')

OK, so we've finally managed to dive down to the where the app is making calls to get images. <Quick timeout to pat myself on back and IM friends a steady stream of profanities about how ridiculously ALBPM is built>.  Now, that fn: prefix is a tag libarary.  Let's see what taglib is being used.  Obviously that stupid taglib isn't included in hasAttachments.xhtml, that would be too simple.  So backtrace through the xhtml files until we get to viewPresentationPanel.xhtml which includes that line:

xmlns:fn="http://bea.com/bpmWorkspace/functionsLibrary

Now to find where the actual code for this taglib lives...BACK to web.xml

bpm_web_xml_highlighted_001.png

Yep, still noise.  Except for:

/WEB-INF/facelets/bpmWorkspace.taglib.xml

Who am I to stop now?  Let's open up bpmWorkspaceLibrary.taglib.xml

OK, the class file backing the tag library is:

fuego.workspace.jsfcomponents.FacletsFunctionLibrary

Off to WEB-INF/classes to see if we can find the class file.  Nope, not there.
Never fear, WEB-INF/lib, here we come.  Tons of jar files here...awesome.  Oh well, seems likely that the jsfcomponent classes are probably in fuego.jsfcomponents.jar.

jar -xvf fuego.jsfcomponents.jar

Yep, there're a bunch of class files that look useful in that there jar file.  Time to start decompiling.  

Note:  At this point I'm going to spare you the horror of walking through the next hour or so where I decompiled a ton of class files.  The upshot is that I ended up at a dead end.  The images loading from these tag libraries were the ones that were loading correctly all along.

WTFFFFFFFFFFFFFF@@!F!!!!!!!!!>>???!?!?!??????????111!!!!!!!!!!!!

<Take another break to tell friends on IM that I'm quitting my job to go pursue my lifelong dream of being a garbage man>

Back to troubleshooting now.  I notice in the xhtml files that there are also some calls that look like:

oc:someMethod

So let's see what the oc: tag library is all about.  ViewPresentationNormal.xhtml was nice enough to include the line:

xmlns:oc="http://bea.com/opencontrols"

Back to our old friend web.xml.

bpm_web_xml.png

Surprisingly, still useless.

Let's just go look for some jar file in the WEB-INF/lib directory that looks like it probably contains the opencontrols:  

jar -xvf opencontrols.jar

Yeah, there's a bunch of stuff there, but it's just the standard Plumtree open controls code...I know I don't want to look at that.  Meh, maybe there are some more interesting jar files in here that I can blindly look into:  fuego.workspace.jar you say?  OK, let's open it up.

jar -xvf fuego.workspace.jar

Hmm, there are a bunch of renderer classes in here.  Let's decompile one and have a little looksy.  

jad workspace/jsfcomponents/WorkspaceTableRender.class

Let's see if the decompiled source is doing anything with images:

grep -i image WorkspaceTableRender.jad

Nothing

IMG maybe?

grep -i img WorskpaceTableRender.jad

BINGO.  For reals this time.

table_renderer.png

Hey, that line that says:

String urlBase = "/plumtree/common/private/opencontrols/image/table";

Sure looks a lot like the problem URLs I was seeing back in Firebug.  Let's see how these URLs are getting built.  Looks like something's going on in XPResourceRequest.  I suppose we're going to have to decompile that file too.

jad com/bea/opencontrols/XPResourceRequest

The WorkspaceTableRender code is calling the GetReference method on XPResourceRequest, let's hone in there:

xpresource1.png

Hey, there's the "r=" that that I see on the bad image request URLs in Firebug.  I must be in the right place.  Let's look at some more code here:

xpresource2.png

AH-HA.  I OWN YOU BPM.  I AM SO THE BOSS OF YOU!

So I bet if we just add an initialization parameter to that useless web.xml file that tells BPM and Open Controls to use the image server for loading images, everything will work.

BACK ONE LAST TIME to web.xml to add:

<context-param>
<param-name>com.bea.opencontrols.IMAGESERVER_URI</param-name>
<param-value>http://your.imageserver.url/bpmContext</param-value>
</context-param>

web.xml - No Longer Useless!!!

Bounce the BPM Workspace.  Reload the page a few times.  Look at the images in Firebug, and, viola!  They're all being loaded from the imageserver, and they're all being cached.  And hey, the BPM workspace sure does seem to be chugging along faster than it was before.  


bpm_fixed.png


The end.



OK, not really the end.  A quick summary
Look, I know the whole previous section was just a bunch of rambling to 99.99% of you out there.  But I wrote it that way on purpose, because it's a pretty accurate account of how a lot of debugging/trouble-shooting gets done when you're dealing with COTS software.  You don't have the application source to definitively know what the code is doing.  So you have to look for clues and follow educated guesses.  Sometimes those clues are red herrings and lead to dead ends.  But if you unravel enough thread, you eventually get down to the crux of the problem.  It just takes time, patience, and a good understanding of how applications are built and put together.

Editors Note
You'll may have noticed that I referred to "we" several times in the text above.  No, I haven't started referring to myself in the royal third.  I actually had a partner in crime for some of this debugging exercise.  Some of you may know him as Howard, some of you might refer to him as Ross, but I just call him HRoss.  In any case, he's one of the best portal consultants still working directly for Oracle.  So if you're still shelling out the big bucks for an Oracle consultant (rather than a more reasonably priced alternative *cough* Function1 *cough*), ask for him by name.

Tech folks Only
Are you a non-techie trying to read this section?  Seriously?  Didn't you read the header?  Ugh, I'll wait...

....


...


...

OK, now that all the non-geeks are gone.  Remember that time two paragraphs ago when I said I wrote that whole stream of consciousness/rambling debugging section the way I did to make a point?  Well I did, it's just that the point was really that I hoped some of you guys could relate to the experience/thought process...I hope you did.  And hey, even if you didn't; the next time somebody asks you what you do for a living and you don't feel like getting into it, just point them to this post...I'm pretty sure they won't ask you again.

Import Content into Publisher

By
Hani Atalla
on April 22, 2009 Comments (7)

These are exciting times with Aqualogic (ALI) and its direction as a Portal technology after Oracle's acquisition of BEA Systems.  Some of our ALI clients have decided to migrate off ALI's Content Management System (CMS), Publisher, and adopt a different platform; e.g. Adobe Contribute. While others are embracing the new Portal CMS Web Center Interaction stack, more specifically, Universal Content Management (UCM) as a Publisher alternative as they migrate from their existing CMS; e.g. Dynamic Site Framework. Each organization has its unique set of requirements and IT governance that define its decision.  But, under any circumstances, the task of migrating content into Publisher or out of Publisher doesn't have to be a manual or laborious task. 

Since the Portal's inception during Plumtree days, a set of APIs were provided to programmatically interact with the underlying Portal objects.  The API's name might have changed through the product's evolution - Enterprise Development Kit 5.x (EDK) during Plumtree days, Interaction Development Kit (IDK) 6.x during the portal's short lived years with BEA and it seems that Oracle will retain the IDK name as it just prefixed it with "Oracle WebCenter" and just changed the version numbering to 10.x Yet, the concept remains unchanged: a set of interfaces for Portal objects - portlets, documents, projects, folders, communities, security groups, etc.)

With that said, we compiled a high level example of how to programmatically import content items from an external CMS to UCM/Publisher. In a subsequent example we will address how to export content items from Publisher/UCM to HTML and then load these to a target CMS while leveraging its intrinsic API set.

//initially we want to establish a remote session to the portal where soapConnectionURL is web service end point
IRemoteSession remoteSession = RemoteSessionFactory.getExplicitLoginContext(
new URL("http://YourPortalserver/ptapi/services/QueryInterfaceAPI"), yourUserName, yourPassword);
IContentFactory contentFactory = remoteSession.getContentFactory();


// get the required publisher object managers from IContentFactory
folderManager = contentFactory.getFolderManager();
contentItemManager = contentFactory.getContentItemManager();
propertyManager = contentFactory.getPropertyManager();
presentationTemplateManager = contentFactory.getPresentationTemplateManager();
dataEntryEntryTemplateManager = contentFactory.getDataEntryTemplateManager();

// create a text property to store HTML content
ITextBlockProperty textBlockProperty = propertyManager.createTextBlockProperty("htmlTextProperty", "htmlText");
IFolder folder = folderManager.getFolderByPath(targetFolderPath");

// create a presentation template that would use the html property
String templateText = "htmlTextProperty=<pcs:value expr=\"htmlTextProperty\">unset</pcs:value>\n";
IPresentationTemplate presentationTemplate = presentationTemplateManager.createPresentationTemplate(folder, "Presentation Template", templateText);
presentationTemplate.store();

// create a data entry template and attach the newly created presentation template
IDataEntryTemplate dataEntryTemplate = dataEntryTemplateManager.createDataEntryTemplate(folder, "Data Entry Template");
dataEntryTemplate.addProperty(textBlockProperty);
dataEntryTemplate.attachPresentationTemplate(presentationTemplate);
dataEntryTemplate.store();

//create a content item and set the rich/block text property with the HTML from the source CMS
IContentItem contentItem = contentItemManager.createContentItem(folder, "contentItemNameGoesHere", dataEntryTemplate);
textBlockProperty.setTextBlockProperty("Hello <strong><font color=\"#000000\">World</font></strong>");
contentItemManager.checkInItem(contentItem, "Initial checkin.");

// publish the content item
contentItemManager.publishContentItem(contentItem);

 

The above code sample is a draft for how you can upload an HTML string from a separete CMS into Publisher as a content item, some of these method calls should be refactored outside the main method since, more likely, you'll be looping through the source CMS content repository. Feel free to ping us if you have any questions.

 

Thanks.
 

PTSpy log messages linked to ... hair loss?

By
Vasanth Manikumar
on April 13, 2009 Comments (1)

For the past few years, researchers have been perplexed about the causes behind the increased rate of hair loss in ALUI portal administrators.  So, a team from Function1 took on the task of tracking these subjects for a few months and recorded the findings.  One of the interesting things discovered was that the cause was not genetic or gender-specific in most cases.  It was actually the simple explanation of the subjects repeatedly pulling on their hair while investigating problems with the portal.

 

pulling-out-hair_Full.jpg

For instance, the team observed one of the subjects being told that an issue with document refresh needs to be resolved right away.  For the sake of research confidentiality, we'll call this subject Jeb.  Immediately, Jeb went to work and used the handy PTSpy utility to gather more information on the problem.  After a few minutes, he had seemed to have found a clue in the log file:

CPTCardRefreshAgent::RefreshCard, caught exception (-2147203840) in refreshing card 4481.

Or on second thought, maybe not!... Jeb's mood quickly changed from being hopeful to being dejected, and he had slowly started to tug on his hair.  When questioned about his frustration, he simply kept repeating the phrase "negative 2 1 4 7 2 0 ....".  The research team noticed Jeb was losing it, so they quickly went to work and found a way to reach out to Jeb.

It took some time, but it turns out the answer lay in the Portal Server API library within the ALUI deployment.  For those not familiar with the Portal Server API (previously called Plumtree Server API), this is a "common" native programming interface used by the Portal, Automation Server, and API Service.  Even though, it's not as simple to use as the IDK, it provides additional capabilities which go beyond those provided by the IDK.

In implementation, the bulk of the interface is in one JAR called "plumtreeserver.jar", or in a DLL with the Windows version.  The interesting part of this API is that half of the definitions are for actual code interfaces and the other half is static constant definitions.  For addressing Jeb's problem, we're actually more interested in the static constants which provide the following types of information:

  • task result codes
  • object class IDs
  • card status codes
  • job status codes

Eventhough, they are all useful pieces of information, knowing what the result code values mean will allow Jeb to return to sanity.  It turns out that this error code value can be decoded by looking at the PT_RESULTCODES class in the plumtreeserver library (DLL or JAR).  Eventhough the class is provided in the JavaDocs and NDocs, these numeric error codes are not in the documentation.  So, the team decompiled the DLL, and examined the decompiled class file for PT_RESULTCODES:  PT_ResultCodes.txt

And voila!... the team was able to translate the numeric value seen in the log message to some more meaningful text.  In Jeb's case, "-2147203840" really meant that the "document was not found".  Just providing this translation to Jeb allowed him to return to sanity and continue to solve this issue.

 

Function1

Behavior Research Team

The New Kids On The Block

By
Brian Hak
on March 23, 2009 Comments (0)
Back when I was in 5th grade, my grandma gave me a New Kids on the Block folder to sport around school.  My immediate reaction of course, was to yell:  "You're sooo lame grandma...New Kids are a big bunch of lame, and I'm not lame."  Let's for a moment forget the fact that my first ever CD was the Milli Vanilli classic "Girl You Know it's True", because that's neither here nor there. 

In any case, I held my tongue and just told my grandma, "thanks" and gave her a hug.  She died not too long thereafter, and I still miss her, and I'm still glad that I didn't call her lame when she was trying to be hip and give her grandson a nice gift.

But I digress, this post wasn't meant for me to ramble on about memories of my grandmother, but rather to welcome Vasanth Manikumar and Allan Mai to the Function1 team.

new_kids_on_the_block.pngVasanth (AKA "The Mysterious One" AKA "V") joins us from a long tenure with Plumtree/BEA/Oracle.  V has been around the block in the tech industry with 15 years of experience.  For the past 5 years, he has helped Plumtree/ALUI/WCI customers around the world get the most out of the product stack. As for specifics, here's what the man himself highlighted when I asked for a few bullet points for this post:

  • Java and .NET development
  • Work with many clients across the public and private sector
  • Ground-up ALUI/WCI software development as part of the BEA Services Engineering team
  • Expertise in BPM and Service Bus technology
  • Proven track record of success in turning water into wine

Allan (AKA "The Fresh New Face" AKA "The Young One") has the distinct pleasure of joining a team of middle-aged, paunchy men in their quest to take over the world.  Allan comes to Function1 with over 5 years of industry experience, and spending the past 2+ years in the consulting world.  When asked what he'd like the internet to know about him, Allan had the following to say:

  • 5+ years IT experience
  • 2+ years IT consulting experience
  • Strong developer specializing in enterprise Java development
  • BS in Computer engineering from the University of Maryland (Go Terps)
  • Good partner for long walks on the beach

We're jazzed to have Allan and V on board.  Please join us in welcoming them to the Function1 team, and look for them working on your project soon :)



A Quick Comment About Comments...

By
Brian Hak
on March 19, 2009 Comments (2)
Howdy all.  It turns out that I may have been a little on the wrong side of correct for the past year that I've been telling people Function1 is perfect.  Shockingly, it turns out we're not:

Uncommonly good?  Yep.
Surprisingly refreshing?  Check.
Devilishly handsome?  You betcha'.
But perfect?  Sadly, no.

As I was toying around with our Movable Type installation tonight, I happened to notice that we had a huge backlog of un-published comments.  THE HORROR.  Here you are, a fine internet citizen, trying to make the most out of our blog by giving us feedback...and how do we repay you? With a loving embrace?  No, we just unintentionally told you to "talk to the hand".  Rest assured, the lack of comment publishing was an accidental oversight, which I fixed this evening. I also noticed that new users were unable to self-register for accounts...this is fixed too.

A million apologies friends, please accept the following as a token of our appreciation:


Oh CoreID, how I love to hate thee...

By
Brian Hak
on March 16, 2009 Comments (3)
Howdy all,

This probably impacts about 4 people world-wide, so I'm probably just documenting here for my notes more than anything else.  That said, I'm still working with a customer to finish up their coreID SSO upgrade from 7.x to the 10g release, and it's been pretty painful.  I'm more or less boiling over with hate for computers right now, so none of the witty prose you've come to know and love...just the facts.  If you find yourself in the market to perform this upgrade soon, here are a few things to keep in mind:

Setup
Several CoreID instances run behind a Big IP Load Balancer.  CoreID is the SSO product protecting SSL instances of portal and some other software.

Problem: Intermittent authentication failures
Symptoms:
Users authentication requests to the portal or other SSO protected resources intermittently fail.  If you look at the browser headers, you see that failed authentication requests are being incorrectly routed from https://my.portal.server.com to http://my.portal.server.com

Fix: Big IP needs to send a header downstream to the portal and authentication boxes.  Specifically, it should send the header:

ProxySSLHeaderVar  =  OblixSSL

Also, note that you need to configure CoreID to accept/process this parameter.  In the 7.x world, this was done in a webgate configuration file named, "webgateStatic.lst".  This file has been deprecated in 10.x, and you need to configure the setting though the Access Manager GUI.  Login to Access Manager and find the webgates that are protecting your authentication notes, and your resources.  Add a "User Defined Parameter" with the name "ProxySSLHeaderVar" and value "OblixSSL"


Problem: Users can download documents from portal
Symptoms: Users can't download any documents from the KD or from Collab projects.

Fix:  You need to set the cache values on the webgate protecting your portal to public.  Again, this used to be done in webgateStatic.lst, but has been moved to the Access Manager GUI in 10.x.  Login to Access Manager, find the webgate protecting your portal resource, and set the "CachePragmaHeader" and "CacheControlHeader" values to "public".

Problem: Notification links into portal don't work
Symptoms: Links with a query string into portal or other software are getting truncated, with the net result that clicking the links gives users an error.  This is only happening when users click link and don't already have a valid SSO token.  URLs are getting truncated like so:

Original
http://myportal.com/gateway/blah/collab?docid=1&projectid=2

Truncated
http://myportal.com/gateway/blah/collab

i.e., you're losing the whole query string.

Fix: This is a known bug in CoreID 10.x.  Call Oracle and get a patch.  I'm currently waiting for a callback from Oracle support in which I'll hopefully get said patch...will let you all know how it turns out.

That about does it for now.  Please excuse me while I go break a monitor and/or unleash a steady stream or profanities at my laptop.


wtf.png

This Page Contains Both Secure and Nonsecure Items: Say it ain't so!

By
Brian Hak
on March 13, 2009 Comments (0)
Oh, hi there, and welcome back to our corner of the internet boys and girls.  Today we're going to talk about ALBPM 6.0, SSL, and mixed content messages.  Can you say, "ALBPM 6.0, SSL, and mixed content messages"?  I knew you could.

Anyhow, if you're running portal + ALBPM over SSL, you're likely going to see the following annoying pop-up when you try to access the BPM Workspace community:


security_message.png

While allowing SSL and non-SSL content to both be displayed isn't the end of the world, those pesky users might get annoyed at having to click a pop-up dialog every time they try to access their workflows.  But never fear, your friends from Function1 are here to help you, and your users.

What's Going On
The root of the problem here is that the BPM workspace page is trying to load both SSL and non-SSL content, and your browser is warning you that somebody might be trying to do something malicious.  This might occur if a page being served over SSL has a link to a non-SSL image, i.e. <img src="http://myMaliciousSite.com/bad_news_for_you.gif">, or, as is the case with ALBPM, the page has some iframes that are pointing to a non-SSL source, i.e.: <iframe src="http://imGonnaGetchaSucka.com/lolz.html">

Great, But What's A Well-Intentioned Person Like Myself To Do?
Good question, with two answers:

  • Report the bug to Oracle support and wait for a fix or the next maintenance release
  • Fix it yourself
If you're still reading, I'm assuming that you're interested in fixing this problem yourself.  Good for you, you'll be up and running in no time.  Just do the following:

1) Find the following files and back them up:

$ALBPM6_HOME/enterprise/webapps/workspace/jsf/common/executionDialog.xhtml
$ALBPM6_HOME/enterprise/webapps/workspace/jsf/view/attachDetails.xhtml

2) Create a blank HTML page and put it out on your imageserver as something like:

$IMAGE_SERVER_HOME/plumtree/common/custom/foo.html

Again, you shouldn't have any content in your "foo.html", just a set of  "<HTML></HTML>" tags will do fine.

3) Open up the files I asked you to back up and search for "iframe".  You'll see that there are several iframes that have a source set to empty string, i.e. "<iframe src="">"; this is a problem.  Just update the files and set the source attribute of all iframes to your dummy html page like this:

<iframe src="pt://images/plumtree/custom/foo.html">

4) Bounce the BPM workspace container

5) Party like it's 1999.

Hope somebody out there finds this useful....

Until next time, cheers.



Hello World?

By
Brian Hak
on March 6, 2009 Comments (0)
Howdy all....anybody still out there?  No, we're not dead...we've just been hibernating.  Like the great Grizzly bear of the north, we slept the winter away.  Except, in this case, instead of sleeping, we've just been taking a blogging break.  But the weatherman tells me it's going to be 75 degrees this weekend in DC, and just like the nice weather....we've returned.  Be on the lookout in the up-coming weeks for useful BPM tips, our favorite new 3 letter acronym, the gospel according to Oracle (i.e. the direction of ALUI/WCI), thoughts on chasing squirrels,  the first ever Function1 great adventure, and information on the New Kids On the Block.  So stayed tuned, we'll be back soon.  

To tide you over until our return, here's a picture of a bear; enjoy:


bear.jpg

Archives

Recent Entries

Tag Cloud

Related Blogs

Categories

Monthly Archives

Useful Oracle Links