Tuesday, December 8, 2009

GoF Design Patterns with examples using Java and UML

written by:
Benneth Christiansson (Ed.)
Mattias Forss,
Ivar Hagen,
Kent Hansson,
Johan Jonasson,
Mattias Jonasson,
Fredrik Lott,
Sara Olsson, and
Thomas Rosevall

Gof Design patterns

A very nice recap of the design patterns.

Saturday, July 25, 2009

Notational Conventions

Notational Conventions explained for many specifications:-

Tuesday, July 7, 2009

Find Bugs

Find Bugs is an eclipse plugin which shows the common errors in Java. I use the eclipse plugin, and as a Best Practice for java developers this should be used while development. :)

For a piece of code the following error was received

When piece of code in given below:-
1. Long id = request.getId();
3. if(request == null || id == null) {
4. throw new RuntimeException("id cannot be null");
5. }
Find the error if you can... :)

The check for request == null is fruitless, since if request is null the line 1 will fail. Below is provided the corrected code and thus removes the bug.
1. if(request == null || request.getId() == null) {
2. throw new RuntimeException("id cannot be null");
3. }

Long id = request.getId();

A note of caution, the code inspection tools need to be used intelligently, it may sometimes flag code as bug that may have been done for some valid reason. Ignore them in this case.

Tuesday, June 30, 2009

Minimize memory footprint

An application to minimize memory footprint.


The application can optimize the memory used. Some applications when run over a long time start hogging a lot of memory, this tools optimizes the memory usage and free it.

Mozilla is a good example of such a process (at least I was facing the issue) but is irreplaceable. :)

Tuesday, June 23, 2009

Pitfalls of SOA adoption

An old link about pitfalls of SOA adoption.
Pitfalls of SOA adoption - Thomas Erl
Most of the points are still valid, specially the performance impact.

OWSM setup for signature verification

Setup OWSM to perform signature validation


Step 1: Getting the wsdl URL for the service to be secured.
  1. Login to the BPEL console. 
  2. Select the process to be secured and copy the wsdl url.
  3. Move to the WSDL tab.
  4. Remove the version from the wsdl location. http://server:port/orabpel/domain/BPELProcess1/1.1/BPELProcess1?wsdl to http://server:port/orabpel/domain/BPELProcess1/BPELProcess1?wsdl and copy the new wsdl url. This will ensure the OWSM is always pointing to the latest version of process deployed.
  5. Remove the version from the endpoint location. http://server:port/orabpel/domain/BPELProcess1/1.1 to http://server:port/orabpel/domain/BPELProcess1 and copy the new endpoint location. This will ensure the OWSM is always pointing to the latest version of process deployed.

To secure a java web service (or any other web service), get the correct web service wsdl URL.

Step 2: Register the web service in
  1. Login to OWSM.
  2. Go to PolicyManager --> Register Services. Click on Services.
  3. Click add new service.
  4. Insert the required details. Please note enter the correct wsdl URL from step 1.4 without the version and then click next.

    5.  Click Finish and then commit. 
    6.  Go back to RegisterSerices --> List Of Services, find the service created and click on edit.

Note the Service URL and the Service Endpoint URL. These will be provided to the client and also used for testing.
  7.  Click on Modify Policy
  8. In the Request pipeline, click on 'Add Step Below' in the Log step and click OK.

 9.  Click on configure in the VerifySignature step. Fill in the appropriate values. Use serverpass for the value while creating the keystore and the alias as the value while importing the client certificate.

  10.  Click OK and the commit the changes. The update to the signature are done.

Keystore Setup for OWSM

Set up the keystore to be used by Oracle Web Services Manager (OWSM) to perform digitial signature validation.

The client's public key (.cer file) should be provided.

Step 1: Creating server store.
Use the java keytool command to create a keystore.

keytool -v -genkey -keyalg RSA -keysize 1024 -keystore [keystore-name.jks] -storepass [serverpass]-alias server1 -keypass [server]

Example server output:-
keytool -v -genkey -keyalg RSA -keysize 1024 -keystore server-store-1jks -storepass serverpass -alias server1 -keypass server
What is your first and last name?
[Unknown]: SashCo
What is the name of your organizational unit?
[Unknown]: DPP
What is the name of your organization?
[Unknown]: SashWorld
What is the name of your City or Locality?
[Unknown]: Dubai
What is the name of your State or Province?
[Unknown]: Dubai
What is the two-letter country code for this unit?
[Unknown]: AE
Is CN= SashCo, OU=DPP, O= SashWorld, L=Dubai, ST=Dubai, C=AE correct?
[no]: Y
Generating 1,024 bit RSA key pair and self-signed certificate (MD5WithRSA)
for: CN= SashCo, OU=DPP, O= SashWorld, L=Dubai, ST=Dubai, C=AE
[Storing server-store-1jks]

Step 2
Add the provided public key to the java keystore.

keytool -import -noprompt -trustcacerts -keystore [keystore-file.jks] -storepass [serverpass] -alias [alias] -file [certificate-file.cer]

Example server output:-
keytool -import -noprompt -trustcacerts -keystore server-store-1.jks -storepass serverpass -alias sashwat -file sashwat.cer

Certificate was added to keystore

Step 3:
Use the following command to list the certificates in the .jks file
keytool -list -keystore -storepass

keytool -list -keystore [keystore-file.jks] -storepass [serverpass]

Acronym / Abbreviation
OWSM - Oracle Web Services Manager
keystore-name.jks - Name of the new java keystore
serverpass - password of the keystore
keypass - password of the private key
clientalias - alias for the client
certificate-file.cer - the certificate file provided by client

Helpful Links:-
Java keytool reference :-

Tuesday, June 16, 2009

A very nice regular expression tool

This a very useful regular expression verification tool.

Regex Coach

I haven't tried many but never needed to look further.

Thursday, April 30, 2009

Changing the title of instance in BPEL Console and searching in

Using the title,Index,Custom Key search in the BPEL console for effectively.

After installation of the SOA suite I saw new search facility available in BPEL console, but could not find any documentation regarding this. This is not even provided in the new features.

I could see some new searches in the BPEL console, and thought that it could be useful for tracking.
Login to BPELConsole
Go to instances tab
Search by Title, Index/Custom Key are the new searches that have been added. To use this feature just add a java code snippet in the bpel.
  <bpelx:exec name="setIndexAndCommit" language="java" version="1.5">  
<![CDATA[String ele =

This sets the title that appears in the BPEL console. This can be used to set to search using the added feature of the BPEL console and make use of the BPEL console better.

Setting the title could have been done in previous release also, but the search option integrated with the BPEL console makes it very good for the support.
The problem I faced was while using the setCustomKey(String) in the java snippet. The error recieved was that the method was not found. Still to find the solution. Will post in the Oracle forums.

Saturday, April 18, 2009

SOA suite upgrade - Duplicate instances

One of the new issues brought by the new version of SOA suite is the duplicate instances. If any asynchronous process is invoked from another process, in the tree finder sometimes even though a single call is made to the bpel process, the process can be seen multiple times.

This is a bug added :(

The cause of the bug is auto-recovery and impact can be minimised if auto recovery is turned off. This feature was introduced in SOA suite and added a new bug, please do not enable this feature in production.

Saturday, March 21, 2009

Bugs in Oracle SOA Suite

While testing our application on MLR5, two pieces of functionality broke. Both of them undocumented and still awaiting confirmation as bugs from Oracle.

1. We have a BPEL process that insets a message into a queue using AQ adapter. This fails, with an exception stating xsi not defined in the XML. I've encountered this error message while inserting message into the queue when the XML is invalid.

Strangely enough this xml was generated from a java client proxy, and the xsi definition (mapping xsi to its corresponding namespace) exists along with the soap header. xsi is usually used to denote nulls in xml. If the definition of xsi is moved into the body the error dissapears.

Strange. Very Strange.

2. Another BPEL process contains a task being created and then the same task updating the outcome of the task. No authentication information was passed since the credentials returned while creating the task were used to complete the task. It generates some sort of a token that does this, but this piece of functionality broker in the newer version. Authentication information is required to be passed, so needed to give the bpeladmin username/password. Not very nice.

Hoping no more undocumented isses arise. Will update this post based on the response provided by Oracle support regarding the issues.

Wednesday, March 4, 2009

SOA suite upgrade

I just upgraded my developer system (windows XP) to SOA suite upgrade MLR#5 running on OLite. Below are the special points from the release notes. I still need to test the stability and features of the new version.

Section 5.1.1, "Password Displays in Clear Text During Deinstallation"
Section 5.1.2, "Passwords Appear in Clear Text in /tmp Directory After Running IRCA.SH"

5.1.3 BPEL Process Instances Do Not Display in Oracle BPEL Control when Using Oracle Database Lite

“If you install Oracle BPEL Process Manager with the Basic Install option, Oracle Database Lite (Olite) is installed. If you then apply the patch to this installation, BPEL process instances under the Instances tab in Oracle BPEL Control do not display.
As a workaround, use the Advanced Install option, which enables you to install a database other than Olite.”
>>WTF? Was it never tested? Or they have stopped making the tool developer friendly.

5.5.11 Removing or Changing the Passwords of Default User Accounts
>>Finally clearly stated

5.7.3 Fault Policy Changes Do Not Require a Restart of Oracle BPEL Server
>> Nice

5.9.5 BPEL Test Suite OnMessage Event Does Not Support Synchronous Operations
When reading section "Asynchronous Event Emulation" of Chapter 20, "Testing BPEL Processes" of the Oracle BPEL Process Manager Developer's Guide, note that the onMessage event does not support synchronous (that is, two way) operations.
>> never knew this !!!

Tuesday, January 27, 2009

Reset the user password for SOA suite (using jazn)

To reset the password you need access to the server filesystem.

1. Open the file ORACLE_HOME\j2ee\home\config\system-jazn-data.xml
2. Look for the user you want to reset the password for.The below XML sample is for the user oc4jadmin

OC4J Administrator
OC4J Administrator

3. Change the credentials
The password now becomes welcome1.

4. Restart the server
5.Login using the user oc4jadmin and password welcome1.

Now you will notice that after the server has started the credentials again become hashed.