Tuesday, October 27, 2009

Enhance your career with CareerTiger's help

My high school friend, Abhijeet Khadilkar, started helping people in these recessionary times through a unique intiative - helping get a job using unconventional methodologies using the latest Web 2.0 tools and tips he provides through his recently launched company CareerTiger (www.careertiger.com).

Media has already started to notice the contribution he's making.

  • San Jose Mercury News ran a cover page story on them
  • Details magazine mentioned them in their career section
  • MSN and CareerBuilder featured CareerTiger as one of the premier firms that helps candidates find jobs through unconventional means
  • One of their candidates was featured on Anderson Cooper show on CNN

Abhijeet told that over 90% of people who attend his JobPounce sessions are interviewed in the first 30 days of them attending it. And over 25% of them find a real job in 90 days...numbers that look just ok. But put those in perspective of the current economic climate, and they are stunning.

They are running a special for a limited time - participants enter the code 'legacy' during registration get 60% OFF the regular price. These prices are valid for the next 3 sessions only.

And for those that are not in the SF Bay Area, can attend one of the virtual sessions. More details at http://www.careertiger.com/jobpounce/

Wednesday, October 21, 2009

Introduction to OWSM 11gR1 youtube video

Get introduced to Oracle Web Services Manager (OWSM) 11gR1 through this youtube video.

Monday, October 19, 2009

F5 BIG-IP integrates with Oracle Access Manager

Consumer Oriented Service Architecture (COSA)

We are all familiar with "Service Oriented Architecture" also called SOA. Few years back it brought agility in IT by reusing legacy code and providing service interfaces to call them in a standard manner. It enabled "reuse" and "rapid development" bringing in IT efficiency and cost savings.
Now, it has reached a maturity level, where customers are deploying services in hundreds and not just dozens, and vendors have tools available to manage and secure them.

While SOA concentrated on how to make the service architecture better, it left out on the consumer focus. The consumer focus becomes especially important when services are exposed to partners.

So, I decided to capture all requirements related to this area and coined the term Consumer Oriented Service Architecture (COSA) to represent a new area for innovation.
Here are some of the challenges that I see need solutions
  1. Consumer identification: A service consumer is a nebulous word. A consumer could be identified through a user identity(name/attributes, saml attributes), application identity, ip address, location, type of device (such as web, mobile, widget), etc.
    • Vendors need to come up with a specification to standardize on how consumers are identified in their tools.
  2. WSDL and other description languages: Today, WSDL describes the service interface only that is used by all consumers invoking it. How can I enhance this description language such that certain operations are available to some consumers, and certain operations are not available to other consumers?
    • The service description language would need to be enhanced to accommodate it.
    • Service registries and repositories would need to be able to understand and manage these new artifacts associated with consumers.
  3. Contracts: How can I define and mange contracts between service providers and service consumers, and ensure that they are being complied with?
    • Service repositories which manage contracts should be able to support it.

  4. Policies (security, reliability, etc.): How can I apply security policy differently for Consumer A vs. Consumer B. I may not be trusting Consumer B as much as Consumer A, and would like to apply enhanced security for Consumer B such as using strong authentication or requiring Consumer B to send messages over higher bit encryption algorithms? Or, Consumer B may not be as technology advanced as Consumer A, and I need to allow Consumer B interact with my service using a different token (for authentication) than Consumer A.
    • This would lead to enhancing WS-Policy, WS-SecurityPolicy and associated standards to bring in consumer focus to them, and vendors supporting it.
  5. Operations (availability, routing, SLAs): How can I route/process messages coming from Consumer A preferentially over Consumer B? I may have SLAs (such as avg response time, concurrency, etc.) set for Consumer A that are different for Consumer B. How can I manage and enforce these consumer centric SLAs?
    • Service Management tools need to include consumer identifier in all their metrics and have capability in alarms and rules to act upon this identifier.

  6. Throttling/Shaping: How can I throttle or shape requests on a per consumer basis based on the SLAs defined between service provider and consumer?
    • XML Gateways and service bus (ESB) should be able to perform throttling based on consumer identifier.

  7. E2E Tracing (root cause analysis): How can I trace messages end-to-end (from consumer to service infrastructure to application to database) coming from a particular consumer of the service?
    • Application and service infrastructure tools need to include the consumer identifier in all their diagnostic and audit logs.

  8. Audit and reporting: How can I run audit reports for a particular consumer-service interaction? Audit records need to include consumer identifier.
    • Audit and reporting tools need to be enhanced to include consumer identifier as one of the criteria for reports.

  9. Provisioning: How can my tools allow provisioning of a new consumer that would invoke my service? How can I use a workflow approval process to provision such a consumer for my service? How can I provision application identitiesand certificates that relate to a particular consumer through a well defined process?
    • Service provisioning and workflow tools need to include the concept of consumer provisioning (or consumer onboarding).

  10. Social apps: How can I enable service-consumer interactions using social apps? How can I notify availability of a new version of the service using Twitter like apps? Or, let consumers share their experience and learning in using the service?
    • Social tools such as wikis, discussion boards, etc. should be integrated into service infrastructure tools to provide service-consumer interaction.

If your company has similar needs, then pls share your use cases by commenting to this blog entry.

Web Application Description Language (WADL)

Sun has submitted "Web Application Description Language" (WADL) spec to W3C.
It's a desription language analogous to WSDL, but for REST/API services. It's also supposed to describe relationships between the resources.
See http://www.w3.org/Submission/wadl/

Implementation: There is a current implementation of it as part of Jersey JAX-RS.

An Amazon service in WADL is represented as

 1 <application xmlns="http://wadl.dev.java.net/2009/02" 
2 xmlns:aws="http://webservices.amazon.com/AWSECommerceService/2005-07-26"
3 xmlns:xsd="http://www.w3.org/2001/XMLSchema"
4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
5 xsi:schemaLocation="http://wadl.dev.java.net/2009/02 wadl.xsd">
7 <grammars>
8 <include href="AWSECommerceService.xsd"/>
9 </grammars>
11 <resources base="http://webservices.amazon.com/onca/">
12 <resource path="xml">
13 <method href="#ItemSearch"/>
14 </resource>
15 </resources>
17 <method name="GET" id="ItemSearch">
18 <request>
19 <param name="Service" style="query"
20 fixed="AWSECommerceService"> </param>
21 <param name="Version" style="query" fixed="2005-07-26"> </param>
22 <param name="Operation" style="query" fixed="ItemSearch"> </param>
23 <param name="SubscriptionId" style="query"
24 type="xsd:string" required="true"> </param>
25 <param name="SearchIndex" style="query"
26 type="aws:SearchIndexType" required="true"> </param>
27 <option value="Books"/>
28 <option value="DVD"/>
29 <option value="Music"/>
31 <param name="Keywords" style="query"
32 type="aws:KeywordList" required="true"> </param>
33 <param name="ResponseGroup" style="query"
34 type="aws:ResponseGroupType" repeating="true"> </param>
35 <option value="Small"/>
36 <option value="Medium"/>
37 <option value="Large"/>
38 <option value="Images"/>
40 </request>
41 <response>
42 <representation mediaType="text/xml"
43 element="aws:ItemSearchResponse"/>
44 </response>
45 </method>
46 </application>

Would like to hear your comments on whether you find this spec useful. Currently, it doesn't have a security profile. What would you like to see defined in such security profile?

Friday, October 16, 2009

Why are businesses caring about the Cloud?

Cloud computing is a buzzword these days. Every customer I meet have some pilot project going on that relates to the cloud. Here are some of the drivers for it's adoption that I see from my perspective.

Business Drivers:
  1. CFOs love it - The "public cloud and managed private clouds" model removes technology capital expenditure (capex) from the company balance sheets. So, CFOs love the pay-as-you-go monthly subscription model that this brings in.
  2. Reduce hardware costs: Even when companies don't want to go the public/managed cloud route yet, by adopting the private clouds, companies want to realize the benefits of eliminating unused computing power.
  3. Go to market faster - Since, this avoids the long hardware procurement cycles, businesses can bring a solution faster to market.
  4. Brings in new ways of interacting with customers - Cloud is bringing in new application programming models that makes it easy for companies to interact with customers using Web 2.0, mobile, widgets, social networking apps - such as Google App Engine, Google apps. A company wants to
Technical Drivers:
  1. Parallel development: Once the company procures the software license, they want to immediately start prototyping and developing the solution (in the cloud). Once, they get hardware for it, they want to move the solution from the cloud into the datacenter for test/stage and finally taking into production.
  2. Scales up and down to meet demand: IT doesn't have to plan for capacity and worry about expenditure on over capacity as cloud offers automatic up and down scaling based on demand.
  3. Leverage existing functionality provided by hosted solutions: Customers are embedding certain solutions from publicly hosted solutions such as Workday, Salesforce.com into their business processes to reduce the complexity, and get to market faster.
  4. Enables self-service: This model gives full control on how you want to manage and use resources available to you.
If you have inputs into these drivers or have others drivers that's leading to adoption in your company, pls comment to this blog entry.

Tuesday, October 6, 2009

OWSM presentation and demo pod at Oracle Open World (OOW) 2009 in San Francisco

I'll be doing following presentations at this year's Oracle Open World 2009 (OOW)in San Francisco.

S310006Leveraging Oracle Web Services Manager in Oracle Fusion Middleware 11g to Manage SecurityMarriott Hotel Golden Gate B3Tuesday 10/13/2009 13:00 - 14:00

Also, visit us at our Demo pod Oracle Fusion Middleware Security, Moscone West, W-111

Here are some focus on docs that might be helpful in navigating the jungle of presentations/demos.
And, all Focus On docs can be found here http://www.oracle.com/us/openworld/030606.htm