What does er stand for in ISIM classes? - tivoli-identity-manager

We have these classes in ISIM like erRole, erPersonItem. What does er stand for? Just used as prefix or does it mean entity relation or something?

The er in the class names is a reference to the old Access 360 enRole product that IBM purchased and rebranded Tivoli Identity Manager (now of course Security Identity Manager). It was used to identity classes that were used by the enRole product years ago.
There is a tiny bit of that history documented here if you are interested: https://ldapwiki.com/wiki/IBM%20IDM

Related

Architecture definition: MVC 3 (Sharp architecture) + Multi-Tenancy

I would like to share my thoughts with you and try to get some advice. I would like to
define my application with the best architecture as possible. Any comment would be highly appreciated. Here we go...
My technologies: Sharp Architecture 1.9 (MVC3, NHibernate, Castle Windsor, etc...) and SQLServer database
My busniess case: SaaS application. Many customers with many users each one, one database per customer and the same code (just one instance)
of our code
Problem: I need to allow multiple users to connect to different databases at the same time
with the same code (just one installation). As far as I know Sharp Architecture doesn't support this stuff by default
After some research I found a new concept for me: Multi-Tenancy. I guess that is the proper way to do it.
So question is:
Is my assumption correct? Is multi tenancy the best way to reach my goal?
On the other hand I found a couple of interesting links:
http://weblogs.asp.net/zowens/archive/tags/Multi-tenancy/default.aspx (MVC approach)
http://msdn.microsoft.com/en-us/library/aa479086.aspx
Someone could provide me aditional info?
Thanks for your time
Best regards
Multi-tenancy is your right way to opt for solving your requirement. With multi-tenancy [Single database per tenant and single codebase] we identify the tenant and then use his database to either authenticate his users or use his tenant id to identify his application database and these can be achieved only in a multi-tenant enabled codebase.
If you are interested in delving deep further, please leave your comments so that we can take forward this discussion and involve the community from the architectural perspective.

What is the difference b/w Oracle Business Rules and IBM ILOG JRules

What is the difference b/w Oracle Business Rules and ILOG JRULES
First point would be that almost all rule engines are identical, except the software stack they integrate into. Most are Java, which means they work great in Java environments. However in some cases you may want to integrate into other environments. I.E. SAP, Oracle, etc.
One big thing I want to see in a rule engine is a solid user interface. ILOG uses the Eclipse IDE for it's interface, whereas Oracle uses Word/Excel.
Points on UI go to Oracle because every business user in the world is familar with MS Office, which is very simple when you compare it to the Eclipse IDE which is very confusing.
As for integration, I don't know what each vendor offers, but I know they definitely both support Java environments easily.
Lee
IBM ILOG also has an interface for excel called
WebSphere ILOG Rule Solutions for Office
It all depends on your activity, what the business want and on the budget.
And, more importantly on who will author the rules. if it is DEV guys then any will do
If it is Business guys then JRules is the best from far.
JRules is the most mature product with a good developer interface because it is a well integrated plugin for eclipse
Business user (non-technical) interface is fantastic and allows proper human language for rule edition.Plus you have auto-completion and nice features like that.
One can write a rule in English, one can review it in French or German (depending on which language have been "verbalized").
If you want a powerfull business user interface then give it a try.
JRules also include RSO meaning the ability to edit decision table in Excel and rules in Word.You can have a plugin for scorecard as well
It is available in COBOL, JAVA and .NET
Uses CEP (Complex Event Processing from version 7.5 which integrates IBM Event something) and the new name of the product is now Decision Manager, if I am correct.
JBoss rules (drools) is a very good approach as well but as it is free the business user interface is not that great. (compared to JRules)
I used it and liked it - as a developper
Best quality/price in my point of you
It uses Eclipse as well
Blaze advizor - if your envirnment is retail, finance or banking.
It uses Eclipse as well (version 7+) but it is a bit crappy because there is almost no auto-completion and is not fully using all the nice feature of Eclipse (like Ctrl+Click to jump to another file)
It dedicated for the business domains I mentioned and there is side product specific for Fraud, Predicitive analytics and so on...
Tibco Business Events - uses CEP (Complex Event Processing) but there is no business user interface at all.
Hope it helps.
To sum up, if you want the best approach for non technical user to author rules then JRules. If you have low budget then JBoss rules.

Architecture For C#/.NET 4.0 Custom SessionState Provider/ Module /SessionItems Collection Class Lib?

This question pertains to writing a massively scalable & efficient customer sessionstate class library in C# and I am in desperate need of sage counsel.
Original thread that has been guiding me based upon:
I just discovered why all ASP.Net websites are slow, and I am trying to work out what to do about it
Hope this thread can be called back from the netherworld as I have been spending the past 48 hours (with a few power naps) trying to implement the ideas elucidated here and I must admit I am somewhat lost in the solution space and would be grateful for some clarity.
Allow me to explain where I am at & what is confusing me & what I am trying to accomplish. The back & forth here with James & Joel raises great points but concrete implementations beyond the links leave me somewhat in the dark.
I'm trying to create a class library/dll I can use in several of my projects to bypass the default sessionstate options of inproc, sql & stateserver. This is somewhat new to me so please excuse my ignorance. Further I am somewhat of a down & dirty asp.net / C# coder and some of the more subtle nuances of generics, thread safety, locking, and serialization do tend to hurt my little head :))
I had started by creating a custom sesion state provider based upon a sample I found on MSDN that writes to access. Then I had found this page and Pandora's box was wide open and now I cannot get the genie back in the bottle. I dug more and I found a template for a custom sessionstate module and I added that too to my class library. SO nowwwww... I have both a provider and module of my own and then after reading Joel's many tips I ended up creating a custom session state items collection based upon yet another sample I found on MSDN.
That was originally based upon a hashlist, somehow I ended up turning it into a sortedlist, and then I seem to have followed Joel's steps one by one as pertains to the following:
lock(typeOf) rewritten in all .cs files to use lock(thisLock) where thisLock is a private static object as per the Rico article mentioned here ... I do understand the "concept" of deadlocks but this is my first attempt to scale an asp.net site and I am not feeling like Joe Architect quite yet. I cannot afford to be lazy here because I do not wish to build upon a shaky foundation only to get a bunch of hard to figure out bugs further on up the road.
Then I followed Joel's advice about the "slim" version of the locks and got that working in my classlib as well. And yet still my spider-sense is tingling telling me I basically still am in obedience mode rather than enlightenment mode, i.e. I don't have the NEO style vision of 1s & 0s dancing in my perceptual field.
So I keep coming back to this page like a refugee from a Dan Brown novel and now I am looking at the final admonition by Joel advising that until the sessionstateitem collection is made threadsafe no good can be assured in the multiverse. So I figure it is time to start brushing up on threadsafe collections.
That's when I start reading an article by MSFT on http://msdn.microsoft.com/en-us/library/dd997305.aspx SortedLists & other oldies but apparently not so goodies being deprecated in favor of generics. Now I have actually created entire business layers and linq layers that are serializable and are used for shopping carts and stored in an offline database.
But the truth is sessionstate, threadsafety, using BOTH module & provider, and the lack of any samples here to debug has my cerebral drive continuously redlining and the heat sink is faltering.
MSFT says in above link, "The collection classes introduced in the .NET Framework 2.0 are found in the System.Collections.Generic namespace. These include List, Dictionary, and so on. These classes provide improved type safety and performance compared to the .NET Framework 1.0 classes. However, the .NET Framework 2.0 collection classes do not provide any thread synchronization; user code must provide all synchronization when items are added or removed on multiple threads concurrently.
We recommend the concurrent collections classes in the .NET Framework 4 because they provide not only the type safety of the .NET Framework 2.0 collection classes, but also more efficient and more complete thread safety than the .NET Framework 1.0 collections provide.."
So James sorta bolted thru the exit saying I got it, and that's the end of the thread but I have experienced some very peculiar behavior while debugging.
I am using a harness website to test my session lib. If I specify BOTH the httpmodule and the custom provider only the module runs in the harness/testing site I whipped up. BUT- if I modify the web.config of a real mature codebase it opts for the provider.
I did realize I could use one at a time to get the harness site pointing to the provider by not using the module.
That is fine for now but then I found myself saying to myself, "self.... you have a custom collection but is it threadsafe, are we still locking it, should we be locking it from outside the collection, i.e. in module or provider? My brain is saying is "thread-safety" encapsulated in the collection itself.
And how do I really know that all these slow page.aspx/longpage.aspx samples where one must hang out waiting for a thread to finish, even if user has click another link in frustration (what frustration? on a web site? perish de thought!)...
So basically, like Bugs Bunny, hangin' from the smithereen remnants of la bella luna I beseech thee, "GET ME OUTTA HERE..."
I thank you in advance for your timely consideration in this matter & others of monumental importance.
Best,
Cary Abramoff, MCSD.NET (Ten years of .net & I still wish it were all JQUERY baby!)
Sounds like what you really need to do next is create a testing program that calls multiple pages in your harness site simultaneously. This will simulate the situation that locking is meant to benefit and it will also help you determine if your implementation is logically correct. Without that I think you're sort of working at this blindly.
Hope that helps.
On a side note: I am currently working on a custom session state provider backed by Redis. My plan is to have an implementation that allows the locking to be turned off. I will likely get open sourced on Github once it is stable.

How do the different services in Oracle SOA relate to each other?

I'm am trying to figure out how the Oracle "Layered Architecture Model" works, and I am very confused about what the business, data, and presentation do, and how they relate to each other. I have seen many diagrams showing how this should work, but some real world examples would be useful?
For example I am guessing that web applications are what Oracle calls "Composite applications" and that these web applications are built up of what Oracle calls "Presentation Services".
Let me try to answer to the best of my knowledge:
The OSB is BEA's ALSB overhauled. The main purpose of this is the job of ESB. It sits between your presentation layer and rest of the application. It defines the boundaries of your application, and supports mediation between various units.
Your components and various subsystems that contain business logic (think of different departments in an organization) are termed Composites. For instance, these composites could internally use BPELs to represent business logic, and use JCA for reaching out services (database, ejbs, etc.,) local to them.
These Composites, if need to reach out to services outside their jurisdiction (sorry, could not think of a better word,) they need to contact the OSB.
Any internal requirements for a service mediation is satisfied by a Mediator (unfortunately, this is OESB overhauled)
As you can see, this is sort of a pathetic attempt by Oracle to sell both their original ESB solution, along with the products they bought from BEA. Let me tell you, nothing stops you from wiring your internal services in OSB itself (probably the ultimate direction of Oracle)
I am sure you will be able to find out more after rereading, and working hands on. Request to please update your question with your findings.

.NET Membership with Repository Pattern

My team is in the process of designing a domain model which will hide various different data sources behind a unified repository abstraction. One of the main drivers for this approach is the very high probability that these data sources will undergo significant change in the near future and we don't want to be re-writing business logic when this happens. One data source will be our membership database which was originally implemented using the default ASP.Net Membership Provider. The membership provider is tied to the System.Web.Security namespace but we have a design guideline requiring that our domain model layer is not dependent upon System.Web (or any other implementation/environment dependency) as it will be consumed in different environments - nor do we want our websites directly communicating with databases.
I am considering what would be a good approach to reconciling the MembershipProvider approach with our abstracted n-tier architecture. My initial feeling is that we could create a "DomainMembershipProvider" which interacts with the domain model and then implement objects in the model which deal with the repository and handle validation/business logic. The repository would then implement data access using our (as-yet undecided) ORM/data access tool.
Are there are any glaring holes in this approach - I haven't worked closely with the MembershipProvider class so may well be missing something. Alternatively, is there an approach that you think will better serve the requirements I described above?
Thanks in advance for your thoughts and advice.
Regards,
Zac
It's been 6 months since the question was asked and no one seems to have been able to provide an answer so I thought I'd explain the solution we eventually chose.
Basically, we have decided not to use any implementation of the MembershipProvider - instead we use our own custom Membership Service sitting atop a repository. It was important for us to maintain the existing aspnet_Membership database so our repository has basically duplicated the built-in SQLMembershipProvider functionality (at least, the aspects we need of it) - initially via Linq-to-SQL but now we're transitioning to NHibernate. The plan is to replace the membership database in a year or so when all of our websites are upgraded to use the new model.
It was possible to use a custom membership provider but in the end it became apparent that it was simpler, more consistent, and more maintainable to use a custom implementation. We are still using the built-in forms authentication functionality for verifying that a user is logged in and for redirecting users who try to access secure areas of our site without first being authenticated - but we have overridden the functionality that is tied to the profile provider.
Ultimately, our feelings on this are that while the membership provider is a powerful and easy-to-use tool within ASP.Net, if it doesn't fit with the wider approach used in your application, it is worth considering an alternative approach.
Interesting, thanks for posting your final solution. I am in a similar situation, but writing a custom Membershipprovider. I don't know where to put the provider because it needs access to the DB as well as System.Web namespace. It seems like it's the one class that violates this whole separation of concerns design.

Resources