Feed aggregator

Legacy

Mary Ann Davidson - Thu, 2008-12-04 10:49

I have been rather silent on the blog front for some time. The reason has not been a happy one. I went through something very painful this summer that all of us inevitably experience: the death of a loved one. In my case, it was my best friend of 17 years – though Kerry was more than that, truly. As my sister says of him, echoing Alec Guinness in Star Wars, “there has been a disturbance in The Force.” Someone who was larger than life leaves a void in many lives, most especially mine. For awhile, I was tied up in his illness, then the funeral, and then I just could not pick up my virtual pen because it is hard to live through this much less write about it. The blog entry I really meant to write (about force multipliers) kept being crowded into the back of my mind, because I really needed to write about my friend Kerry and the meaning of legacy.

The occasion of death is a forced milestone in that it is a logical time to assess what matters in life. And what seems to matter to us during our lives is often not what matters after one’s course has run. There’s a story about a man reading that John D. Rockefeller had died and asking a companion, “How much money did he leave?” The answer was, “All of it.” All the things we think matter in terms of accomplishments, press clippings, portfolio, and so on, are dust in the wind once we are gone. Even having a building named after you is not all that permanent. The sages of Israel taught of Herod’s temple in Jerusalem: "Whoever has never seen the building constructed by Herod, has never seen a beautiful building in his life." Herod’s temple took over eighty years to build, yet the Romans utterly destroyed it in a matter of days. All we have left is a retaining wall of the temple structure and a holy day to mourn its destruction:Tisha B’Av.

No wonder that Jesus wept over Jerusalem and advised his disciples, "Do not store up for yourselves treasures on earth, where moth and rust destroy, and where thieves break in and steal. But store up for yourselves treasures in heaven, where moth and rust do not destroy, and where thieves do not break in and steal. For where your treasure is, there your heart will be also.”

Kerry did not leave a legacy in things the world values. He left no assets. No property. No portfolio. No bank account. No buildings named after him. No children. Yet he left a very rich legacy in many hearts. People who loved him. Lives he changed, mine in particular. To name two things near and dear to my heart, Kerry taught me to surf, and talked me into buying my house in Idaho. Oh, and committed me to buying a dog without asking (said dog, Thunder, is howling for a treat a I write this). How can you thank someone for giving you a life, or for helping make you who you are? I can’t really imagine what my life would have been like without him, except that it would have been so much poorer.

The number of calls, cards, emails, and so on I have gotten from people who knew him and cannot believe he is gone astonishes and humbles me. And the way they talk about him is a reminder of what really matters to people. One friend said that Kerry was the only person he could ever trust with money – after years of being burned by partners in business. Kerry not only made my friend good money, but was giving away his “trade secrets” by teaching my friend to do what he did in the markets. The financial institution he cleared paper through called up (to a person) to tell me how much Kerry had meant to them though none of them had met him personally: “We talked every day for four years and we didn’t just talk about the stock market; we talked about life.”

Particularly as we watch the recent economic meltdown caused – if I may be indulged here – by a number of people at all levels of society engaging in financial deception or delusion (such as buying a house one knows very well one cannot afford and that is bigger than one needs, or taking equity out to finance a lifestyle one cannot afford) – Kerry stood out. He always “paid cash or did without.” An old-fashioned value that the world needs more of.

He also had the most honest business model that I know of, one in which he took part of the risk that he assumed for his clients. I get lots of cold calls from money managers. I tell them if they are willing to work on the same basis as Kerry did, I will consider it Kerry made 25% of closed out net capital gains, which means if he lost clients money, he had to make it back for them and be in the black before he made any money for himself. None of these MMLs (money management leeches) take my offer, and typically stutter that my counter-offer is not reasonable. I reply that they want to get paid regardless of whether they earn me money or lose it all. The risk, in other words, is all mine, and none of it is theirs. What, one asks, is fair about that? Kerry only did well if his clients did well. A “square deal meal” kind of guy, an increasing rarity in a world where so many are without honor or integrity, and where many are happy to take the reward on the upside but want a bailout on the downside of risk (which economists rightly call a “moral hazard”).

Back to my point, a legacy of changed lives is all that we can really leave behind us that matters. Yet for some reason, in the software industry, “legacy” as a term seems to only be uttered with a sneer. “That is a legacy system” is almost always said with disdain. Why? What’s wrong with old code? Actual users (remember them?) think “legacy” means “something that works, that meets my business needs and is paid for and I am happy with it so I want to keep using it if possible.” Software kahunas think “legacy” is a pejorative term, and that new is always better, old is always bad, and we all need to upgrade “just because.” (The last software upgrade I went through required me to install all new client software with really poor instructions – uh, is there some reason I should have to magically know to rename a file to BLAHBLAH.exe?) and I absolutely lost it. It was the weekend Kerry died and the thing that caused me to break down and “lose it” was the software upgrade, not Kerry’s death. The three most dreaded words in the English language, as all parents learn to their dismay on Christmas Eve at 3AM, is “some assembly required.”)

Merriam Webster defines “legacy” as follows:

1 : a gift by will especially of money or other personal property : bequest 2 : something transmitted by or received from an ancestor or predecessor or from the past

I’ve talked about the first meaning of “legacy.” Now, to the second. Granted, not everything in the past is worth pulling forward and celebrating, but many things are. At the very least, the passage of time allows us to pan through historical dust to find nuggets of permanent value. The second meaning of legacy reminds us that not everything new is wonderful simply because it is new. In particular, the belief that “new and improved” equates to progress is almost a de facto religious belief among many technologists. Yet never has the half-life of technological progress been shorter. Who among us really remembers (or cares) who invented the FOOBAR protocol? Especially when the FOOBAR protocol will be overtaken by something else within a few short years.

Many of the things that historically matter to us now were not obvious to the citizenry of the time (does anybody remember the number one tentmaker in Jerusalem circa 30AD? Yet most of us have at least heard of an obscure carpenter/rabbi named Yeshua). Western civilization, for example, has percolated along quite happily on the strength of the ideas and writings of (if I may be forgiven) innumerable dead white males. Has anyone in the 21st century approached the stature of Rabbi Yeshua or other dead white males (Aristotle, Plato?) We may only know in hindsight. Despite the compressed lifecycle of so much we work with and work on, we should resist the temptation to engage in hagiography on the strength of anything short-lived or of recent occurrence, because we will probably be wrong about who and what really mattered.

An example of near religious ecstasy around technology is all the hoopla around cloud computing, if anyone can decide what it actually is. If by cloud computing, someone really means “software as a service,” that’s not actually a “new” idea at all. It’s been around for eons (remember Compuserve?). And many software vendors offer hosted applications and make a nice business out of it, too. Software as a service makes sense in some scenarios (is that alliterative, or what?). I personally outsource buying anything electronic to my brother-in-law, who does extensive market research and then tells me what to get. “Gizmo-buying-as-a-service” works for me.

If cloud computing is the idea that all your “stuff” will magically be “out there somewhere, in the cloud,” well, that is looney tunes for obvious reasons. Just think basics. I still have cookbooks if for no other reason than I can “fire them up” without waiting for software to load, and I would really hate to have to access recipes in the cloud. Open book, read recipe, book does not need rebooting, ever. Sometimes I do look for recipes online when I realize (in Idaho) that the cookbook I had with my pecan bar recipes is in San Francisco. So, “recipes as a service” might be useful sometimes – but I sure do not want the recipe server to be down when I am in the middle of cooking Thanksgiving dinner.

More to the point, the “it’s stored wherever, and you don’t need to know where” hype around “everything will be in the cloud” is technogobbledygook. There are many things you aren’t going to want to store “somewhere out there,” for good reasons, especially if you have no idea how secure it is and it is something you find valuable. Imagine someone saying, “Mrs. Smith, we can’t actually tell you where your daughter Janie – who you dropped off at day care this morning - will be during the day, she is out there in the daycare cloud someplace, running around, we are not really sure where. But trust us, when you stop by at 5 to pick her up, we’ll have her at the right place.” Yeah, right. Not surprisingly, security people are not buying “somewhere, out there” model of cloud computing. Nobody should. At the very least, instead of having somewhat defensible enclaves of security, you’d have to make everything secure, which is simply not possible.

I was reminded in a frightening way recently that people worship new technology without in many cases either analyzing what problem it solves or whether the benefits are worth the risks. Specifically, I recently heard a highly placed official in the Department of Defense opine about the fact that DoD wants to embrace Web 2.0 because (to paraphrase), “We need to attract and keep all these young people and they won’t work here if we don’t let them use Facebook in the workplace.” What are people going to use Facebook for in the Defense Department, one wants to know? <”Hi, my name is Achmed and I am an Al Qaeda operative. I like long walks on the beach and IEDs. Will you be my friend?” I don’t think so.>

The official went on to say that industry really needed to secure all these Web 2.0 technologies. At that point, I could not contain myself. I asked the gentleman if the Department of Defense was planning on taking container ships and retrofitting them to be aircraft carriers, or buying Lear jets and making them into F-22 Raptors? No, he said. Then why, I offered, does DoD think that the IT industry can take technologies that were never designed with security in mind and “secure them?” Why is IT somehow different that we can, ex post facto, make things secure that were never designed for the threat environment in which they are now deployed? People don’t use a road bike to mountain bike, I don’t use my short board to surf big waves (if I surfed big waves, that is, which I don’t. But if I did I’d get a really expensive blank and get someone to shape me a Big Wave Board, aka “rhino chaser”).

Your “tools” need to be designed for the environment in which they are going to operate. If they aren’t, you are going to have trouble my friend, right here in River City (with apologies to Meredith Willson). To put it even more succinctly (more apologies to Meredith Willson): “You gotta know the territory.” Meredith Willson was not writing about security when he wrote The Music Man, but “you gotta know the territory” is as succinct a description of a security weenie’s responsibilities as ever there was.

Mind you, I understand that the idea of collaboration is a powerful one and, if it is appropriately secure, can be a powerful construct. We read, for example, that the intelligence community has created an internal Web 2.0 construct called Intellipedia (along the same lines as Wikipedia). It makes sense that, instead of having one expert on, say, Syrian antiaircraft defense, that that person’s knowledge can be written down and accessed by others. In a way, that kind of collaboration facilitates “legacy” because someone who knows something valuable can share it with others far more easily than through one-on-one oral transmission. But there is a big difference between “let’s embrace collaborative constructs” and “let’s allow insecure and unsecurable Web 2.0 technologies into a classified environment.”

The key to the new is remembering the universal truths of old – legacies. This is particular true in security in that, while the attack vectors may change as the technology does, there are principles of security that do not change (“trust, but verify” works just as well for IT security as for arms control). Remembering and applying “legacy truths” will help us to avoid getting wrapped up in the latest technical fads as something “new and different” when really, it is just the same security issues wrapped in shiny new code.

There’s a great story from Jewish lore about King Solomon challenging a servant to find a magic ring for him, magic in that a happy man wearing it would become sad, and a sad man would become happy. After a long search, the servant brought to King Solomon a ring engraved, “This, too shall pass.” Technologists would do well to remember that story.

I admit to being more backward looking than forward looking. But this much I know: the “old legacy” values that Kerry lived by are still timeless ones. “Honor thy father and mother.” “I am the Lord thy God, you will have no other gods before me.” “For where your treasure is, there your heart will be also.” Kerry died penniless, but richer than anybody else I know. That he gave of himself to so many people is the legacy he leaves us, and I for one feel so blessed to have known him and to have been cherished by him. As for grief, “this too, shall pass,” and someday I will only remember the happy memories.

The only accolade – the only legacy - that matters at the end of your life is the one that I know Kerry heard from his Creator in the early hours of August 17: “Well done, thou good and faithful servant.”

E Keli, ‘o ku’u pu’uwai ‘oe, mau loa.

Remembering Kerry:

http://www.mtexpress.com/index2.php?ID=2005122267

Ua lawa.


Book of the Month: Tried By War: Abraham Lincoln as Commander in Chief by James M. McPherson

A really fascinating look at how Abraham Lincoln influence the military course of the Civil War, devising strategies that (once he could find generals who would adopt them) made a critical difference, such as attacking the Confederate lines at two different places at the same point in time. You also have a new appreciation (and frustration) of what Lincoln went through to find generals who understood how to win. And lastly, I have a new appreciation for the element of moral courage Lincoln displayed in prevailing against long odds. In 1862, the Democratic controlled Congress was whining that the war was taking too long, costing too many lives, and the North should sue for peace at any price, including taking the issue of slavery off the table. Had it not been for Lincoln’s moral courage in staying the course, the world would look very different indeed. Leadership is, among other things, taking the long moral view and not merely the expedient political one.

McPherson also wrote the Pulitzer Prize-winning Battle Cry of Freedom.

http://www.amazon.com/Tried-War-Abraham-Lincoln-Commander/dp/1594201919

It’s that time of the year again. A really lovely album of Christmas music (not all of which is in Hawaiian) is:

http://www.mele.com/music/artist/brothers+cazimero/cazimero+christmas+favorites/

Herod’s temple:

http://en.wikipedia.org/wiki/Herod's_Temple

About Meredith Willson:

http://en.wikipedia.org/wiki/Meredith_Willson

This, too, shall pass:

http://en.wikipedia.org/wiki/This_too_shall_pass

Switched from Oracle BEA BPM Enterprise Version (on Weblogic) to the Standalone Version for Evaluation Purposes.

Arvind Jain - Wed, 2008-12-03 19:03
Last week was a very short week during which I tried to install an Enterprise BEA BPM on Weblogic. There were a lot of configurations needed for Enterprise WebLogic Edition (Directory Server, Database, Deployment within the WebLogic JVM etc). I have listed the steps below.
It was taking too much time and was not very straightforward. I had to ensure that I have installed and configured the BEA WebLogic application server properly even before I could debug & play with the BPM engine.
<?xml:namespace prefix = o />

At end of last Tuesday I made a call to switch to Enterprise Standalone but the efforts put in were good learning and useful for Standalone Installation as well. So for the purpose of proceeding with evaluation going forward I have shifted to Enterprise Standalone Version as my focus is BPM.

Some learnings or observations .... On the Oracle website they refer to downloading Oracle BPM <?xml:namespace prefix = st1 />Enterprise Administration Guide.pdf but in real scenario there was no such file name. I realized that it was same as Oracle BPM Admin Guide.pdf and the same goes for configuration guide as well. So will not get confused in future :)

Ok so with the ultimate aim being to Deploying and Publishing a New BPM Project I had to go through a series of steps. (For standalone I needed a much smaller set but the practice and drill was worthwhile learning in terms of infrastructure and operationalization of product.

The whole list of steps:

  1. Creating Directory Service ( need to configure Directory Database Schema)
  2. Creating a Process Execution Engine ( need to configure a separate Execution Engine Database Schema)
  3. Configuring Weblogic Server
  4. Creating Weblogic Server Domain
  5. Create Oracle BPM Deploy User
  6. Installing Oracle BPM Deployer
  7. Creating JDBC Data Sources on BEA Weblogic Server
  8. Creating JMS Server, Module & Resources
  9. Configuring the Deployer and Deployment Targets
  10. Enabling Clustering
  11. Building and Deploying Application EAR Files
  12. Deploying and Publishing a New BPM Project

As of now I have Standalone Enterprise BEA BPM configured with Directory (Oracle 10g DB). Engine DB configuration has some issues due to privileges. Make sure you have a friendly DBA to help out.

I am trying to come up with a set of use cases to test out different features.

More next week as I try to put together a list of features .. dully prioritized that I will like to test out.

If you have a challenge for me ...Bring it ON :)

Oracle Approved Training Centers and Certification Test Sites & Address - Kingdom of Saudi Arabia

Sabdar Syed - Wed, 2008-12-03 02:40
Hello All,

Here is the list of Oracle University Approved Educational Training Partners/Centers, and the certification test taking sites in Saudi Arabia.

Oracle University Approved Education Partners - Kingdom of Saudi Arabia

New Horizons Jeddah - Oracle Approved Education Center

P.O. Box : 52171
Telephone : 026642277
Fax : 026642454
Address : Al Rawda St, Jeddah ,KSA

New Horizons Khobar - Oracle Approved Education Center

P.O. Box : 2060
Telephone : 038588882
Fax : 038584014
Address : AL Khaleej Blg, Khobar, KSA

Al-Khaleej Training and Education Co.(New Horizons Computer Learning Center,KSA)

Al Wallan Building,
Takhasusi Street,
Riyadh,Kingdom of Saudi Arabia

Contact: Louai Al-Amir Salem, PMP
Title: Platinum Center Manager
Tel: 009661 416 0123 Ext. 400

Prometric Test Sites and Address for taking Oracle Certifications OCA/OCP/OCE

Riyadh:
=======


NEW HORIZONS COMPUTER LEARNING

ABOVE AL WALAN SHOW ROOM
AL KHURAIS ROAD NEAR AL AZIZA
PANDA TAKAHASSUI PO 295300
RIYADH 11351
Phone: 14160123 Site Code: SU7

NEW HORIZONS COMPUTER LEARNING

Olya Main Street
Behind Jareer Bookstore
Al Khaleej Ladies Center
Newhorizons P O Box 295300
RIYADH 11351
Phone: 1462 8393 Site Code: SU7M1

ALFAISAL INTERNATIONAL ACADEMY

IMAM SAUD BIN ABDULAZIZ ROAD
KING FAHED DISTRICT
PO BOX 10202
RIYADH 11433
Phone: 14552444 Site Code: SU60

ExecuTrain of Riyadh

Zero Floor, South Bldg.
Khaledyah Business Centre ,
Olaya St .
Riyadh 11351
Phone: 14621118 Site Code: SU74

Jiddah:
======


NEW HORIZONS COMPUTER LEARNING CENTRE

AMIR ABDULLAH STREET
AL RAWDAH DISTRICT 1ST FLOOR
PO BOX 52171
JEDDAH 21563
Phone: 966 2 6642277 Site Code: SU5

ARABIAN COMPUTER PROJECTS CO.

Ibrahim Juffali Road
(P.O.Box 14730)
Jeddah 21434
Phone: 966 26678411 Site Code: SU59

Others Cities:
==========


New Horizons Computer Learning Centre

Al-Khaleej Training & Education Company
AL-FAYHA, NEAR CENTRAL MARKET
PO Box 10968
JUBAIL INDUSTRIAL CITY 31961
Phone: 966 3 348 1166 Site Code: SU52


New Horizons Computer Learning Center

Al Khaleej Training and Education
Dhahran Street
Mubaraz
Al Ahsa 31982
Phone: 966 3 5305007 Site Code: SU55

New Horizons Computer Learning Center

Khalid Bin Walid Street
Circle Masjid Qiblatein
Madinah 1875
Phone: 48223333 Site Code: SU48


Philippine International School Ruraydah

PISB
Information Technology Dept.
Faiziyah District
P.O. Box 27089
Buraydah, Al Qasim 51331
Phone: 966 63841975 Site Code: su120


Al-Khaleej Training and Edu. Mens Branch

New Horizons CLC
KSA - King Saud Street
Buridah, Al Qasim 51432
Phone: 966 6 3827999 Site Code: SU54


NEW HORIZONS

AL-AHSA 31982
DHARAN STREET MUBARAZ
PO BOX 5822
HOFUF
Phone: 966 530 5007 444 Site Code: SU17


AL-KHALEEJ TRAINING AND EDUCATION

NEW HORIZONS CLC
AL-DIYAFAH STREET
P.O BOX 50991
ETWID
KHAMIS MUSHAIT 61311
Phone: 72375051 Site Code: SU57

NEW HORIZONS TABUK BRANCH

50 STREET NEW HORIZONS BLD
TABUK
Phone: 966 4424 8613 Site Code: SU39

Note: Check the below URLs, if the details given above are found incorrect.

http://www.oracle.com/
http://www.prometric.com/

Regards,
Sabdar Syed.

http://sabdarsyed.blogspot.com/

NTLM Windows domain authentication for Rails application

Raimonds Simanovskis - Mon, 2008-12-01 16:00
Introduction

RailsPlusWindows.pngIn one “enterprise” Ruby on Rails project we had an idea to integrate Windows domain user authentication with Rails application — as majority of users were using Windows and Internet Explorer and always were logged in Windows domain then it would be very good if they could log in automatically to the new Rails application without entering their username and password.

Windows is using NTLM protocol to provide such functionality — basically it uses additional HTTP headers to negotiate authentication information between web server and browser. It is tightly integrated into Microsoft Internet Information Server and if you live in pure Windows world then implementation of NTLM authentication is just a checkbox in IIS.

But if you are using Ruby on Rails with Apache web server in front of it and running everything on Linux or other Unix then this is not so simple. Therefore I wanted to share my solution how I solved this problem.

mod_ntlm Apache module installation

The first step is that we need NTLM protocol support for Apache web server so that it could handle Windows domain user authentication with web browser.

The first thing I found was mod_ntlm, but unfortunately this project is inactive for many years and do not have support for Apache 2.2 that I am using.

The other option I found was mod_auth_ntlm_winbind from Samba project but this solution requires Samba’s winbind daemon on the same server which makes the whole configuration more complex and therefore I was not eager to do that.

Then finally I found that someone has patched mod_ntlm to work with Apache 2.2 and this looked promising. I took this version of mod_ntlm but in addition I needed to make some additional patches to it and as a result I published my final mod_ntlm version in my GitHub repository.

If you would like to install mod_ntlm module on Linux then at first ensure that you have Apache 2.2 installed together with Apache development utilities (check that you have either apxs or apxs2 utility in your path). Then from the source directory of mod_ntlm (that you downloaded from my GitHub repository) do:

apxs -i -a -c mod_ntlm.c

If everything goes well then it should install mod_ntlm.so module in the directory where all other Apache modules is installed. It also tries to add module load directive in Apache configuration file httpd.conf but please check by yourself that you have

LoadModule ntlm_module ...directory.path.../mod_ntlm.so

line in your configuration file and directory path is the same as for other Apache modules. Try to restart Apache server to see if the module will be successfully loaded.

I also managed to install mod_ntlm on my Mac OS X Leopard so that I could later test NTLM authentication locally. Installation on Mac OS X was a little bit more tricky as I needed to compile 64-bit architecture module to be able to load it with preinstalled Apache:

sudo ln -s /usr/include/malloc/malloc.h /usr/include/malloc.h
sudo ln -s /usr/include/sys/statvfs.h /usr/include/sys/vfs.h
apxs -c -o mod_ntlm.so -Wc,"-shared -arch i386 -arch x86_64" -Wl,"-arch i386 -arch x86_64" mod_ntlm.c
sudo apxs -i -a -n 'ntlm' mod_ntlm.so

After this check /etc/apache2/httpd.conf file that it includes:

LoadModule ntlm_module        libexec/apache2/mod_ntlm.so

and try to restart Apache with

sudo apachectl -k restart
mod_ntlm Apache module configuration

The next thing is that you need to configure mod_ntlm. Put these configuration directories in the same place where you have your virtual host configuration directives related to your Rails application. Let’s assume that we have domain “domain.com” with domain controllers “dc01.domain.com” and “dc02.domain.com”. And let’s use /winlogin as a URL which will be used for Windows domain authentication.

RewriteEngine On
<Location /winlogin>
  AuthName "My Application"
  AuthType NTLM
  NTLMAuth on
  NTLMAuthoritative on
  NTLMDomain domain.com
  NTLMServer dc01.domain.com
  NTLMBackup dc02.domain.com
  require valid-user
</Location>

mod_ntlm will set REMOTE_USER environment variable with authenticated Windows username. If we are using Mongrel servers cluster behind Apache web server then we need to add the following configuration lines to put REMOTE_USER in HTTP header X-Forwarded-User of forwarded request to Mongrel cluster.

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e

Please remember to put all previous configuration lines before any other URL rewriting directives. In my case I have the following configuration lines which will forward all non-static requests to my Mongrel servers cluster (which in my case have HAproxy on port 3000 before them):

# Redirect all non-static requests to haproxy
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ http://127.0.0.1:3000%{REQUEST_URI} [L,P,QSA]
Rails sessions controller

Now the final part is to handle authenticated Windows users in Rails sessions controller. Here are examples how I am doing this.

routes.rb:

map.winlogin 'winlogin', :controller => 'sessions', :action => 'create_from_windows_login'

sessions_controller.rb:

def create_from_windows_login
  if !(login = forwarded_user)
    flash[:error] = "Browser did not provide Windows domain user name"
    user = nil
  elsif user = User.authenticated_by_windows_domain(login)
    # user has access rights to system
  else
    flash[:error] = "User has no access rights to application"
  end
  self.current_user = user
  if logged_in?
    # store that next time automatic login should be made
    cookies[:windows_domain] = {:value => 'true', :expires => Time.now + 1.month}
    # Because of IE NTLM strange behavior need to give 401 response with Javascript redirect
    @redirect_to = redirect_back_or_default_url(root_path)
    render :status => 401, :layout => 'redirect'
  else
    render :action => 'new'
  end
end
private
  def forwarded_user
    return nil unless x_forwarded_user = request.headers['X-Forwarded-User']
    users = x_forwarded_user.split(',')
    users.delete('(null)')
    users.first
  end

User.authenticated_by_windows_domain is model method that either find existing or creates new user based on authenticated Windows username in parameter and checks that user has access rights. Private method forwarded_user extracts Windows username from HTTP header — in my case it always was formatted as “(null),username” therefore I needed to remove unnecessary “(null)” from it.

In addition I am storing browser cookie that user used Windows domain authentication — it means that next time we can forward this user directly to /winlogin instead of showing login page if user has this cookie. We cannot forward all users to /winlogin as then for all users browser will prompt for Windows username and password (and probably we are also using other authentication methods).

The last thing is that we need to do a little hack as a workaround for strange Internet Explorer behavior. If Internet Explorer has authenticated with some web server using NTLM protocol then IE will think that this web server will require NTLM authentication for all POST requests. And therefore it does “performance optimization” when doing POST requests to this web server — the first POST request from browser will have no POST data in it, just header with NTLM authentication message. In Rails application case we do not need these NTLM authentications for all POST requests as we are maintaining Rails session to identify logged in users. Therefore we are making this trick that after successful authentication we return HTTP 401 code which makes IE think that it is not authenticated anymore with this web server. But together with HTTP 401 code we return HTML page which forces client side redirect to home page either using JavaScript or

create_from_windows_login.html.erb:

<% content_for :head do %>
  <script language="javascript">
    <!--
      location.replace("<%= @redirect_to %>");
    //-->
  </script>
  <noscript>
    <meta http-equiv="Refresh" content="0; URL=<%= @redirect_to %>" />
  </noscript>
<% end %>
<%= link_to 'Redirecting...', @redirect_to %>

content_for :head is used to specify which additional content should be put in <header> part of layout.

As a result you now have basic Windows domain NTLM authentication working. Please let me know in comments if you have any issues with this solution or if you have other suggestions how to use Windows domain NTLM authentication in Rails applications.

Additional hints

NTLM authentication can be used also in Firefox. Enter about:config in location field and then search for network.automatic-ntlm-auth.trusted-uris. There you can enter servers for which you would like to use automatic NTLM authentication.

Categories: Development

Old tech you'd like to see updated and rereleased

Stephen Booth - Mon, 2008-12-01 02:33
Note an Oracle post, but I know a lot of DBAs and into tech as well.Yesterday I found my old Psion3 mx (which I used before having to switch to Palm handhelds due to work). I had a play and was reminded why I liked it so much. The key advantage it had, and still has over many more modern devices, is the size. It's small enough to fit in a suit jacket or coat pocket whilst being large enough toStephen Boothhttps://plus.google.com/107526053475064059763noreply@blogger.com0

Its Been a While

Padraig O'Sullivan - Sun, 2008-11-30 18:46
I had removed this blog but kept getting some emails asking for links to certain posts so I just posted some old posts again so that they are available to anyone who is interested in them.As an update for what I'm doing, I'm currently in my second year of graduate school. I plan on taking a grad class in database systems next semester so that should be interesting. I'll get to learn a lot about Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Configuring Oracle as a Service in SMF

Padraig O'Sullivan - Sun, 2008-11-30 15:33
In Solaris 10, Sun introduced the Service Management Facility (SMF) to simplify management of system services. It is a component of the so called Predictive Self Healing technology available in Solaris 10. The other component is the Fault Management Architecture.In this post, I will demonstrate how to configure an Oracle database and listener as services managed by SMF. This entails that Oracle Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com2

Parallel Rollback

Fairlie Rego - Sun, 2008-11-30 03:13
I had a user call up and ask to kill a session which was causing him grief and hence I killed it without much thought since it was not a Production system

A few hours later I noticed that SMON was doing parallel txn recovery. This was validated by the view
select * from x$ktprxrt;

Unfortunately I have lost the output but it did show that it would take eons

But this was also confirmed from the pstack of smon which included the function ktprbeg which I believe begins parallel rollback. (Snippet below)

[syd0904:oracle:OSTA1]/u01/app/oracle => pstack 11905
11905: ora_smon_OSTA1

0000000100d80868 kturax (fffffffffffffffe, 380017150, b, 380017, 105ebe510, 5) + 928
0000000100e15620 ktprbeg (106502000, 0, 1065033c8, 105400, 1056b5, 1065033c8) + 1a0 ===> Begin parallel rollback
00000001007e9238 ktmmon (ffffffffffffffff, ffffffff7fffdda8, 0, 1056b5000, 1, 106502000) + f58
000000010106e0dc ksbrdp (105f1b000, 38000e, 106505ce0, 105f1b000, 105f1b, 1007e8260) + 39c
00000001024efed8 opirip (106510000, 106400, 106518, 380007000, 106510, 1066a5650) + 338
000000010033f7b4 opidrv (106512a90, 0, 32, 10650f7c8, 32, 0) + 4b4
0000000100339c50 sou2o (ffffffff7ffff3e8, 32, 4, ffffffff7ffff410, 105de9000, 105de9) + 50
00000001002fc00c opimai_real (3, ffffffff7ffff4e8, 0, 0, 247e09c, 14800) + 10c
00000001002fbe38 main (1, ffffffff7ffff5f8, 0, ffffffff7ffff4f0, ffffffff7ffff600, ffffffff79d00140) + 98
00000001002fbd5c _start (0, 0, 0, 0, 0, 0) + 17c
----------------- lwp# 2 / thread# 2 --------------------

and also confirmed from the SMON trace file

*** 2008-11-28 12:03:16.828
Parallel Transaction recovery caught exception 30319
Parallel Transaction recovery caught error 30319
*** 2008-11-28 12:07:17.163
Parallel Transaction recovery caught exception 30319
Parallel Transaction recovery caught error 30319

So the first thing I did was to disable parallel recovery because of the issue documented in Metalink
using

SQL> ALTER SYSTEM SET fast_start_parallel_rollback='FALSE';

System altered.

IMHO (atleast from past experience) serial recovery is faster than parallel recovery atleast in the case where the transaction causes a lot of index block splits.

After this the row from x$ktprxrt disappeared and the following appeared in the SMON trace file

*** 2008-11-28 12:08:32.763
SMON: parallel recovery restart with degree=0 (!=16)
Parallel Transaction recovery caught exception 30312
Parallel Transaction recovery caught error 30312
*** 2008-11-28 12:08:33.039
SMON: parallel recovery restart with degree=0 (!=16)
Parallel Transaction recovery caught exception 30312
Parallel Transaction recovery caught error 30312

The following views agree on how much time it is going to take to complete the rollback

SQL> select * from x$ktuxe where KTUXECFL='DEAD' and KTUXESTA='ACTIVE';

ADDR INDX INST_ID KTUXEUSN KTUXESLT KTUXESQN KTUXERDBF KTUXERDBB KTUXESCNB KTUXESCNW KTUXESTA
---------------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ---------- ----------------
KTUXECFL KTUXEUEL KTUXEDDBF KTUXEDDBB KTUXEPUSN KTUXEPSLT KTUXEPSQN KTUXESIZ
------------------------ ---------- ---------- ---------- ---------- ---------- ---------- ----------
FFFFFFFF79969D78 114 1 1 16 174276 2 36154 1113256061 1021 ACTIVE
DEAD 13 0 0 0 0 0 639787


SQL> select * from GV$FAST_START_TRANSACTIONS ;

INST_ID USN SLT SEQ STATE UNDOBLOCKSDONE UNDOBLOCKSTOTAL PID CPUTIME PARENTUSN PARENTSLT
---------- ---------- ---------- ---------- ---------------- -------------- --------------- ---------- ---------- ---------- ----------
PARENTSEQ XID PXID RCVSERVERS
---------- ---------------- ---------------- ----------
1 1 16 174276 RECOVERING 122712 762423 6312
000100100002A8C4 0

As you can see the value of
KTUXESIZ matches (UNDOBLOCKSTOTAL - UNDOBLOCKSDONE)

So rollback will complete when KTUXESIZ in x$ktuxe drops down to 0 which looks like alot of time !!!
Dumping the redo confirmed that it was the same transaction which was killed

Surprisingly the value of "rollback changes - undo records applied" in v$sysstat was not increasing during this timeline. I have tested this again (kill a long running job and watch the rollback) and can confirm that the stat does get incremented.

srvctl Error in Solaris 10 RAC Environment

Padraig O'Sullivan - Sat, 2008-11-29 21:48
If you install a RAC environment on Solaris 10 and set kernel parameters using resource control projects (which is the recommended method in Solaris 10), then you will likely encounter issues when trying to start the cluster database or an individual instance using the srvctl utility. As an example, this is likely what you will encounter:$ srvctl start instance -d orclrac -i orclrac2PRKP-1001 : Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Building a Modified cp Binary on Solaris 10

Padraig O'Sullivan - Sat, 2008-11-29 21:48
I thought I would write a post on how I setup my Solaris 10 system to build an improved version of the stock cp(1) utility that comes with Solaris 10 in case anyone arrives here from Kevin Closson's blog. If you are looking for more background information on why I am performing this modification, have a look at this post by Kevin Closson.GNU Core UtilitiesWe need to download the source code for Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Oracle 10gR2 RAC with Solaris 10 and NFS

Padraig O'Sullivan - Sat, 2008-11-29 21:46
Recently, I setup a 2 node RAC environment for testing using Solaris 10 and NFS. This environment consisted of 2 RAC nodes running Solaris 10 and a Solaris 10 server which served as my NFS filer.I thought it might prove useful to create a post on how this is achieved as I found it to be a relatively quick way to setup a cheap test RAC environment. Obviously, this setup is not supported by Oracle Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com1

Creating a UFS File System on an External Hard Drive with Solaris 10

Padraig O'Sullivan - Sat, 2008-11-29 21:45
Recently, I wanted to create a UFS file system on a Maxtor OneTouch II external hard drive I have. I wanted to use the external hard drive for storing some large files and I was going to use the drive exclusively with one of my Solaris systems. Now, I didn't find much information on the web about how to perform this with Solaris (maybe I wasn't searching very well or something) so I thought I Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Unexpectedly honest job posting

Nigel Thomas - Fri, 2008-11-28 12:58
I recently joined the Oracle Connections group on Linked-In and I'm getting regular daily mails with job postings and searches for work. Mostly harmless, but I've just seen a great one:

(You may need to be a member of Linked-In and/or the Oracle Connections group to follow the link).

I think we've all been there, confRigurating away to our heart's content, haven't we? It certainly explains a lot of the problems we see in production.

The Cluster said: &quot;I forbid you to migrate SYSTEM tablespace to local&quot;

Gaurav Verma - Wed, 2008-11-26 10:27

Introducing Nitin Ramesh

NitinR

In this article, I would like to introduce Nitin Ramesh, an associate consultant with Oracle GSD India, Bangalore. This is the first time that I am having another Oracle Employee and co-worker publish articles on this blog, and I am excited. We solve many problems every for our ~35 customers on a 24x7 basis, but not many of them make it to articles to help others in need. If only we decided to this is on a regular basis, a lot of problems could be solved by a mere "google".

Coming back to Nitin, he is a pretty creative person and likes to solve intriguing problems. I haven't seen many people do that with sincerity. It is hoped that with this publication, he will come forth with more interesting articles and end up having his own blog.

Credit: The following article has been written by him and edited later on for presentation purposes.

Preface

In this article, we will talk about a scenario in which we were required to migrate the SYSTEM tablespace to local. What did you say? Piece of cake? We thought so too!

This process seemed to be simple to be first tried out in the test environment. But it was not all that simple. The first attempt ended with an error.

SQL> EXECUTE DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL('SYSTEM');

BEGIN DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL('SYSTEM'); END;
*
ERROR at line 1:
ORA-06550: line 1, column 7:
PLS-00201: identifier 'DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL' must be
declared
ORA-06550: line 1, column 7:
PL/SQL: Statement ignored

Huh?

The issue was suspected to be the database not being in the proper mount mode to run the command.

The command was rerun with the following options again..

SQL> startup mount restrict exclusive

and

SQL> startup restrict

But, the results were not positive.

The next suspicion was on the package itself. So that angle had to be cleared...

SQL> select object_name, object_type, status from dba_objects where object_name = 'DBMS_SPACE_ADMIN';

OBJECT_NAME          OBJECT_TYPE         STATUS
-------------------- ------------------- -------
DBMS_SPACE_ADMIN     PACKAGE             VALID
DBMS_SPACE_ADMIN     PACKAGE BODY        VALID
DBMS_SPACE_ADMIN     SYNONYM             VALID

Hmm, no problem there too.

Maybe the problem was with invoker rights, so we tried giving explicit grant to execute the procedure to sys, but we got the same (lack of) results:

SQL> grant execute any procedure to sys;

What else can we check?

The issue was retested after setting the event '201 trace name errorstack, level 3' at the session level. This was tried with the both startup options – “startup restrict and “startup mount restrict exclusive”, but that did not seem to help.

SQL> show parameter event;
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
event string 10298 trace name context forever, level 32
SQL> EXECUTE DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL('SYSTEM');
BEGIN DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL('SYSTEM'); END;
*
ERROR at line 1:
ORA-10643: Database should be mounted in restricted mode and Exclusive mode
ORA-06512: at "SYS.DBMS_SPACE_ADMIN", line 227
ORA-06512: at line 1


How about checking if all the DB options in DBA_REGISTRY were valid?

SQL> select comp_name, version, status from dba_registry;

COMP_NAME                              VERSION                        STATUS
-------------------------------------- ------------------------------ ---------------------------------
Oracle Enterprise Manager              10.2.0.3.0                     VALID
Oracle XML Database                    10.2.0.3.0                     VALID
Oracle Text                            10.2.0.3.0                     VALID
Spatial                                10.2.0.3.0                     VALID
Oracle interMedia                      10.2.0.3.0                     VALID
Oracle Database Catalog Views          10.2.0.3.0                     VALID
Oracle Database Packages and Types     10.2.0.3.0                     VALID
JServer JAVA Virtual Machine           10.2.0.3.0                     VALID
Oracle Database Java Packages          10.2.0.3.0                     VALID
Oracle XDK                             10.2.0.3.0                     VALID
Oracle Real Application Clusters       10.2.0.3.0                     VALID

All right, no problems there. How about if this were a compatibility issue?

SQL> show parameter compatible;
NAME                                 TYPE        VALUE
------------------------------------ ----------- -----------
compatible                           string      10.2.0

How about any freak triggers during startup:

SQL> select * from dba_triggers where TRIGGERING_EVENT='STARTUP';

no rows selected

Enter Oracle Support

Since we had checked all we could, it was time to get an opinion from Product support. The matter was referred to Kevin Cook from the Advanced Resolution Team (AR). He suggested to retry using the STARTUP UPGRADE option, but before doing so, we tried setting the parameter o7_dictionary_accessibility to FALSE. Yet, the result was undesired. Finally, the STARTUP UPGRADE option had to be used to make it work, BUT with a different twist to it.

When nothing works, we should use the most simplistic case. Oh, did we forget to mention that this was a RAC instance? The catch was that the cluster had to be disabled and the UNDO tablespace for the other instance had to be dropped.

How was it done?

All the tablespaces were made ‘read only’ other than SYSTEM, TEMP, SYSAUX and UNDO tablespaces.

SQL> ALTER TABLESPACE <tablespace_name> READ ONLY;

Lets verify it..

SQL> select t.tablespace_name, EXTENT_MANAGEMENT, ENABLED

from dba_tablespaces t, v$datafile d, dba_data_files f

where t.tablespace_name = f.tablespace_name

and f.file_id = d.file#;

Determined the undo tablespace used for the current instance.

SQL> sho parameter UNDO_TABLESPACE;

NAME                                 TYPE        VALUE

------------------------------------ ----------- ------------------------------

undo_tablespace                      string      UNDO1

As you cannot put UNDO_TS_B or UNDO_TS_C into READ ONLY mode since they are UNDO tablespaces, you must therefore drop these tablespaces, convert the SYSTEM tablespace, then re-create UNDO_TS_B and UNDO_TS_C tablespaces. So, we dropped the UNDO tablespace used by the other instance [UNDO2].

Now, the database was started with the STARTUP UPGRADE option, BUT the cluster_database parameter was set to false in this temp init.ora file:

SQL> startup upgrade pfile='initDUAT1.ora_tmp_oct17';

ORACLE instance started.

Total System Global Area 1.0754E+10 bytes

Fixed Size 2174464 bytes

Variable Size 2889634304 bytes

Database Buffers 7851737088 bytes

Redo Buffers 10649600 bytes

Database mounted.

Database opened.

Take the SYSAUX tablespace offline..

SQL> ALTER TABLESPACE sysaux OFFLINE;

Conversion starts…

Execute the DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL procedure specifying the SYSTEM tablespace:

SQL> EXECUTE DBMS_SPACE_ADMIN.TABLESPACE_MIGRATE_TO_LOCAL('SYSTEM');

PL/SQL procedure successfully completed.

Verify your change by querying DBA_TABLESPACES:

SQL> SELECT tablespace_name, extent_management FROM dba_tablespaces WHERE tablespace_name = 'SYSTEM';

TABLESPACE_NAME                EXTENT_MAN

------------------------------ -------------------

SYSTEM                         LOCAL

Once all tablespaces are locally managed within a database, the SYS.FET$ table does not contain any rows:

SQL> select * from sys.fet$;

no rows selected

Issue the following command to disable RESTRICTED mode:

SQL> ALTER SYSTEM DISABLE RESTRICTED SESSION;

System altered.

Issue the following command for each tablespace you placed in READ ONLY mode to return it to READ WRITE:

SQL> ALTER TABLESPACE <tablespace_name> READ WRITE;

Make the SYSAUX tablespace online:

SQL> ALTER TABLESPACE sysaux ONLINE;

Conclusion

A simple exercise turned out to be a learning experience, because the API had a possible dependence or conflicts with some internal RAC views. When RAC was disabled and the UNDO tablespace for the other RAC instances were dropped, then the migration API completed successfully. The moral of the story is, when in doubt, use single instance mode.

 

 

UKOUG 2008 Conference

Oracle Apex Notebook - Wed, 2008-11-26 05:15
This year I'll attend to the UKOUG 2008 Conference in Birmingham from 1st to 5th December. The conference agenda looks interesting, although not having so many APEX related sessions.It seems that there are some nice bars in Birmingham :) and Dimitri is planning an informal APEX Meetup on Monday after the Opening Party. It's a good opportunity to meet people from the APEX community. You can follow
Categories: Development

Miracle's fight for intellectual property rights in China

Moans Nogood - Wed, 2008-11-26 05:07
Here's a conversation I've been having over the last several weeks. Hope you enjoy it... Debra Lilley told me to put it on this blog. I always do what she tells me to do. Mogens.

Dear CEO,

We are EUWIN Network Service Co., Ltd in China, which is responsible for the registration of internet trademark and domain name of global enterprises overseas. Today we received an formal application that an international company named "Robe GmbH" wants to apply to register "miracleas" as its own Internet Trademark and Asia domain name in China. According to registration process, we will do a check to their application, and during the process, our computer database displays that the name is being used by you.
Because the final registration relates to the copyright of the name, to avoid unnecessary disputes of intellectual property rights, so we want to confirm your opinion. Looking forward to your quick reply. If you have any questions, please contact us by telephone or email as soon as possible.

Karen Feng
Principal of Checking Department
Overseas Registration Organization
Tel:+(86)731-8187 719
Fax:+(86)731-8187 739

Mobile:+(86)158 7339 0351
Skype:internetbrand
web:www.euwin.com.cn

==============================================
Hello China-business-girl,

How much for Miracle.China.Com? Very interesting CEO happy day.

Moans Longballs Nogood.

==============================================

Dear CEO,

Thank you for your reply. In order to deal the matter better, I will tell you the price now:the com.cn domain name is 30EUR per year, the aisa domain name is 40EUR per year, and the internet trademark is 100EUR per year.

During our checking period, the owner of the name has the priority to register "miracleas" internet trademark and com.cn domain name. If you want to register it, according to our dispute registration principle, please provide written document(business licence or trademark certificate registered in the local place)to prove you are the owner of "miracleas". We will keep the priority for you during the checking period.

Look forward your early reply. Thank you for your cooperation.

==============================================
But how much for Miracle.China.Com??? Please email in written statement for good happyness here and everywhere for you!

Also, with respect to your irrevocable demands and undisputed popularity will we pay in Icelandic Kroner cheap cheap?
==============================================

Dear Moans Longballs Nogood,

Thank you for your reply. The Miracle.China.Com is 20EUR per year. Meanwhile as the procedure of register:

.I will send a application form to you, please find the attachment.

2.Please choose the domain name and internet trademark whice you wan t to register, then fill in and fax to me as soon as possible.

Please contact with me if you have any problem, It my pleasure to help you. Look forward your early reply!

==============================================

Dear Karen Fang-SAN,

Thank you much. This also will good for Miracle Japan, no?

I have question 100 Euro for Miracle China and 20 Euro for Miracle China is good, yes?

My pleasure your pleasure. It is very early in Dinamarca now, so very early reply! You should go home and eat your children, no?

Happy eating!

Moans Longballes Nogood.

==============================================

Dear Moans Longballes Nogood,

Thank you for your reply, I am terribly sorry to bother you so early. In fact: register the internet trademark and china.com is very good and necessary for your company. You can protect your intellectul property right by it!

I hope you can fax the application to me early, so I can help you to deal the matter better. Wish you have a good rest. And now it is 9:40a.m in China. Ask a question:what the means of "eat your children"? My English is not very good, sorry!

Thank you for your cooperation. Look forward your reply.

==============================================
Dear Karen Euwin Feng,

My Mother's name was Longballs, not Longballes. But OK. I am very tired now, but register is very important, so I must not sheep. I know I must protect intelletual property night and day, no!

You are very helpful and good with deal the matter. Thank you so much! It is now 03.42 in Denmark and I am sleepy. We do not eat children here, what it means is that we must protect children in Darfour, yes! They get killed by Chinese weapons, but guns don't kill bullets do. I understand. We all friends.

Chinese love.

Moans.
==============================================

Dear Moans Longballs Nogood,

Thank you for your reply. I am sorry for my mistake. Register is very important, but the rest is important too. Rest good in order to work well, yes? You can raply me when you in the office, and you can have a rest now.

About the children get killed by chinese weapons, I do not know the matter at all, and I feel very sorry about it, sorry!!! Of course we all friends.

Thank you for your cooperation. Look forward your reply.

==============================================

Dear Karen-SAN,

Rest is neccessary to work good, you are right. Thank you for letting me sheep.

We must both rest now with the children. I have big time thank you for your help.

==============================================

Dear Moans Longballs Nogood,

In order to deal the matter better, could you tell me whether yo have received the application form from me?

If you have received it, please fill in and fax to me as soon as possible, and I ca help you to register the domian name and internet trademark better.

Thank you for your cooperation, look forward your early reply!
==============================================

Dear Karin Feng -

Yes, many applications here in Danmark. CRM, ERP, backend, frontend, office, retail - MANY MANY applications! They must all protected for property now?! This is very serious. I will contact rest of Danmark NOW.

It is now 06.20 here, so early reply.

PS: My real name is Magnus Ling Ming. My father big King Ling Ming Chinese come from Greenland 42 years ago. You know him?

Moans.

Also sell mail and femail stones if interest. You have MANY stones in China, no?
==============================================

Dear Moans,

Thank you for your early reply. I am sorry I do not know how to call you. I think the property's protect is become more and more important,

and we should strengthen our awareness of protecting our right, otherwise it will effect the development. I hope you can make decision early,

so I can help you to deal the matter better. Do you received the application form?

I am sorry I don't know your father, maybe I'm too ignorant, but if you tell more details maybe I can know better. Stones? yes, there are many

stones in China.

Look forward your early decision. Thank you for your time. Wish you have a good weekend!

PS:I'm sorry to bother your so early many times.

Karen Feng
==============================================


My very dear happy Karen,

I am much pleased. My father was belonged to Muslim minority in China (the Han Muslim Minority in Beijing Province he told me many times over and over again when he talked about his home country China).

He is famous! I have photo of my father in front of BIG BIG unhappy tank in Tianenmen Square! That was my father! Reason for my middlename Longballs when the tank hit him!

I think he died later, but not sure. My mother is no big talker.

But I am very proud and happy of him and I smile with happiness when I visit his unknown grave. It has good karma. Big man! I think some things on my body are big because of him, so very very happy.

So how much money for the intellectual rights again? I have not received any papers! Must be very urgent now. Can you fax them? Or send a letter? My country blocks all emails with documents from China. Why I don't know yet.

Just send letter to:

Moans Longballs Nogood
C/O Miracle ASS
Borupvang 2C
2750 Ballerup
Dänemark

and I think I will receive it. Can you send it hurry hurry urgent with jetplane, no?

Love,

Moans

PS: I am in love with you! You are very clever!
==============================================

Dear Moans,

Thank you for your reply. I'm very you can tell me so many details about your father, thanks! The Miracle.China.Com is 20EUR per year, the internet trademark is 100EUR per year. I have send a application form to you, but very pity you didn't receive it. I'll send it again, I hope you can receive it this time. If you can't receive, or I will fax to you later, please give me a early reply! Thank you!

Best regards!

Karen

==============================================
Dear Karen-san,

It is with love I finally write you and your all family (I hope for happiness for all and good luck for the rest! Always!).

I have been very busy in these days. I have a goat that was ill, so I have slept with it for three nights now, and it is better now (love is good healer, no?). I cannot afford to lose goat again. My father always told me to be careful with goats and chicks and not have too many babies. Hahaha. But he is not here anymore, so I do what I must do many more times.

So sorry for not talking to your many four or five emails to me so kind and so loveful.

My mother is a small talker. She say I MUST check on http://www.cnnic.cn/en/index/index.htm to find you and so you are not fake and trying to steal fortune and luck from me!

My mother not understand that I trust and love you, Karen-san, so I must ask you to tell her that it is OK that you are not offical company for me and my many wives?!

My mother's name Karin Ming, just like yours! But she is OK just not big talker. Very very secret woman.

I must protect my company!

I love you more and more and much.

Moans.
==============================================

Dear Moans,

How are you? We have keep the priority for you for a long time, but I don't get any reply from you about the registration.

And today our management give us the last notice, after we tell you once again five days, if we

don't get your any reply, then we will consider that you give up the owner of name "milanplast", meanwhile, we

will obey the registration principles:first application, first possession to accept the Robe company's application,
I hope you can understand our position. In our auditing period, if you have any suspect about their application,

please contact us directly both by email and by phone. Thank you.
Wish you have a nice day.

Karen Feng

==============================================

My Loving Dearest Karen,

I have been very very very busy digging big holes, so no answer you in long days and nights. Sorry, sorry. You forgive me?

My love goat died suddenly. Perhaps the pressure from sleeping with many of my friends? So BIG hole for it in my garden. Big hole! It is Winter here, so ground is frozen. Very very hard work to put goat to the ground.

But also my dear mother died! Same day! She never was big talker, but now she never talks again. She small woman! So not so big hole in frozen garden this time. I decide to let her stand up in hole instead of lying flat on stomach. Much better. And smaller hole.

I am very sorry about ownership MilanPlast. I think perhaps only Miracle register, yes? Now also MilanPlast and Robe company? I'm do not like this. Can I why not just register everything in China and we can all sleep together? Not cheap-cheap, perhaps, but very easy and good for future business, yes no?

Your Moans, My Moans

PS: I travel to Taiwan with my mother and make big hole for her there so we can meet and have dinner-sleep?
==============================================

Dear Moans,
Thank you for your reply. I'm very sorry I have make a mistake, I means the ownership of Miracle but not MilanPlast,
sorry about it. If you want to register domain name and internet trademark, please fill in and fax the application form
to me as soon as possible, so I can help you to register it timely.
Look forward your early reply, thank you for your cooperation.
I'm sorry to hear that your mother was dead, don't be too sad.
Best regards!
Karen Feng
==============================================
Dear Moans Longballs Nogood,
Hope you enjoy your day. I'm very sorry to bother you again, because my management hasten me to deal with the matter earlier. I'm afraid I can't keep the priority for you for any more. So if you want to register the domain name and internet trademark, please give me a reply as soon as possible. Otherwise we'll obey the registration principle to accept the third party's application, help they to register the domain name and internet trademark. Please understand.
Thank you for your cooperation!
Wish you have a good weekend!
Karen Feng
==============================================

Picture of Yes We Can shirt....

Moans Nogood - Wed, 2008-11-26 03:15

I just transferred the picture from my digital camera. I have no idea how to turn it. But if you put your screen/laptop on its right-hand side you should be able to get a rough idea of the shirt layout.

Let me know if anyone wants one. I'll take care of it. I think they were about 15 dollars for a normal T-shirt. Viktors shirt was bought in haste by his mother in a near-by shop because the shirt guy didn't have very small sizes.

Mine is just a plain T-shirt in black with the YWC motif.

Playing with Swingbench

Padraig O'Sullivan - Tue, 2008-11-25 16:35
Swingbench is a free load generator (and benchmarks generator) designed by Dominic Giles to stress test an Oracle database. In this post, I will be playing with Swingbench and showing how it can be used. This article will focus on comparing the performance of buffered I/O versus un-buffered I/O (i.e. direct I/O) using the Swingbench tool. Since this article is not about direct I/O (I encourage Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Observing Oracle I/O Access Patterns with DTrace

Padraig O'Sullivan - Tue, 2008-11-25 16:35
In this post, I will use the seeks.d and iopattern DTrace scripts, which are available as part of the DTraceToolKit (This toolkit is an extremely useful collection of scripts created by Brendan Gregg), to view the I/O access patterns typical of Oracle. DTrace is able to capture data throughout the kernel and so the job of finding access patterns has been greatly simplified.The system on which Padraighttp://www.blogger.com/profile/17562327461254304451noreply@blogger.com0

Pages

Subscribe to Oracle FAQ aggregator