All posts by Raoul

With a fairly unusual first name, this is where I have to stress VERY STRONGLY that these posts are my personal opinions and in no way reflect anything at all to do with my employer. For employer-approved content, take a look at my work blog.

WebCenter on Exalogic and Exadata

There’s currently a lot of interest in moving virtualized environments to Oracle’s engineered systems.  This is partly because they are good systems and, for organizations that can use their capabilities, provide good value for money and high performance. Partly because Oracle licensing makes it tough to virtualize cost-effectively on other platforms (looking at you, VMware). And partly because Oracle sales people are extremely motivated to sell hardware along with software.

Unfortunately, though, there is still a lot of confusion about how this might impact deployment of WebCenter on these engineered systems.  Here are a few scenarios you may come across and how to deal with them.

  • Exadata (or Database Appliance) – no impact at all from an installation point of view.  The database is still just a database from the application’s point of view and will continue to connect via jdbc.
  • Exalogic with native OEL – this is a rare configuration, but Exalogic does support install of OEL natively on compute nodes.  In this case there is no difference to installing on any other Linux OS.  Assume (and ensure) networking is handled by the Exalogic administrator because that is where the issues may arise.
  • Exalogic with virtualized compute nodes – the most common deployment.  Thestandard/supported approach is to install all the WebCenter components on virtual OEL servers as usual.  Installation of WebLogic and WebCenter on Elastic Cloud (Exalogic) is exactly the same as on a regular server. Networking can be challenging when configuring virtual environments on Exalogic, so be sure that is all worked out ahead of time. Domain configuration and data stores should be on the ZFS storage appliance.

A major value add for Exalogic is the optimization for WebLogic that is designed into the system.  All of these optimizations have to be configured on a domain or server basis, though, they are not OOTB. This is a good resource for working through the optimizations.

Two factor security challenges

<Updated> Clarification of specific issues with 2-factor authentication by vendor:

Apple – two factor authentication becomes three factor when Apple disables your password and refuses to re-enable or change it. The Recovery Key then becomes the only factor in single factor auth.

Microsoft – two factor authentication with your MS Account (live? not sure what they brand it as this week) is not supported for Office365 accounts – so you have to generate a new one time application password each time you reboot your computer.

Ebay/PayPal – handoff from Ebay to Paypal (with 2 factor auth) doesn’t work on iPad. Prompts for password and then redirects prompting for SecureID token.  Does appear to work on Safari for Mac.

Dropbox – does appear to work, but I’m sure I’ll find flaws

Google – do they even have two factor? I don’t use their spying stuff.

 

Those of you who follow me on twitter will know that earlier in the year Apple’s poor excuse for two-factor security and support frustrated me for months (literally) and ended with me losing everything I had ever paid for with that account and having to create another account from scratch.

I’m now finding out that Microsoft has implemented two factor security in a similarly half-assed way.  I just switched to a personal MS365 subscription for Office 2011. Since installing Office 2011 I had been annoyed by the 365 login screen each time I rebooted my computer.  But now I’m using my own account with 2 factor auth, it’s even worse. I get prompted for a login, but my password doesn’t work – I then have to login to account.live.com, authenticate, generate an app password, copy that and then paste it into the prompt screen.  After talking to 9 different MS support people, none of whom even understood the issue, I have to assume it’s working as designed.  Their only advice was to turn off two factor authentication.

Add to that my experience last week where the handoff between eBay and PayPal (also with 2 factor auth) was completely broken on the iPad and my conclusion is that for normal users the overhead and annoyance associated with security is untenable.

We are surrounded by news of security breaches on a daily basis and yet the largest software companies in the world can’t implement two-factor security properly. Password management is a mess because web pages prevent you from copying passwords into the login screens or because apps on your mobile devices forget the password at every update and again don’t support pasting of username and passwords.

I’m a technical person that has been using these systems since the mid 1980s. I understand the importance of password management, secure authentication, etc. and I’ve even experienced the outcome of hacked passwords and lost accounts. But to expect “normal” users to manage these broken and difficult to use tools is ridiculous.  People will just throw up their hands and go back to 1234 or password because trying to do the right thing is too hard and ends up with you locked out of your account.

I’m not sure how this is going to improve.  The burden for these insecure systems is still placed fairly and squarely on the shoulders of people with lithe to no interest or training in technology. There’s no clear competitive advantage in more secure and easy to use logins because nobody at the companies pays any price for their failures.

  • Two-factor authentication (as it is implanted by almost every tech company) is broken.
  • Username / password is broken.
  • There is no clear alternative currently out there.
  • We will continue to get daily reports of “hacking”, “cracking”, and online theft.

 

Larry stepping aside at Oracle?

A shock announcement from Oracle yesterday that Larry Ellison will be stepping aside as CEO to a new position as CTO, with Safra Catz and Mark Hurd stepping into the new co-CEO roles.  BUT, Larry was also named executive chairman of the board – so Larry will report to Mark and Safra who report to the board of which Larry is chair.

As a former Oracle employee, Larry’s presence always loomed large at the company in a way that Safra or Charles Philips  did not (I pre-dated Mark).  I’ve always respected the guy because I admire someone who grew up  poor as the child of a single mother and had the vision and tenacity to grow such a huge company from nothing.  I have never met him face to face, but people I know who have reported that he is very, very sharp technically and had a grasp of detail even when he was running this behemoth of a company.

Mark Hurd, on the other hand, is almost universally described as a spreadsheet-driven bean counter and was widely loathed at HP when he was there. A friend of mine was in an HP office in London when the news came via email that Hurd had resigned and described the celebration and joy that greeted that news.  I don’t know much about Safra Catz other than she is seen to be efficient and somewhat scary (although there may be some sexism colouring that viewpoint).

Over a few beers with friends earlier in the year, we came up with the idea that Oracle would merge with Salesforce at some point and put Marc Benioff in the CEO seat of the combined company.  I see more  charismatic leadership style from Marc than from Safra or Mark – but maybe the latter will grow into their roles as Tim Cook has at Apple.  And there’s still time for Oracle and SFDC to merge – seems like almost everyone at SFDC used to work at Oracle anyway.

FWIW – here is what Marc Benioff had to say:

beniioff copy

Oracle buys Front Porch Digital

The news to start the week was that Oracle had agreed to buy Front Porch Digital – “a provider of content storage management solutions”.  It’s an interesting and valuable acquisition because it plugs the only remaining gap in Oracle’s content portfolio – broadcast and media asset management – an area that IBM, HP, and OpenText have covered along with a host of specialized vendors.

As an interesting aside, Stellent owned Ancept (which plays in this space) for a while, but sold it to IBM shortly before Stellent’s acquisition by Oracle. Actually, it was sold to an IBM reseller rather than IBM proper but Ancept was always strongly associated with big blue. Later Ancept was sold to ViewCast, a hardware vendor.

Front Porch’s products are also mainly hardware and there is little information publicly available about their software and workflow standards.  Their “secret sauce” is optimized storage hardware and integration with broadcast and editing systems.  One easy win for Oracle sales people, though, is that there is pre-existing integration with StorageTek tape systems (another company with a tangled acquisition history).

I don’t know enough about the broadcast media space to know whether this is a good acquisition in terms of “best of breed” but it does help plug that gap in the offering portfolio – a real requirement that we often see in RFPs and in the past have had to address with integrations to third parties.  It also fits with Oracle’s expansion strategy into hardware and engineered solutions. I can definitely see value in getting these acquired products to work with the SOA suite for Healthcare, for instance, as storage for DICOM and other medical images.

I think the real challenges will come with the transition for customers from a smaller vendor (FPD is a small, privately held company with less than 200 employees) to the hard-selling behemoth that is Oracle, and also in retention of key technical people.  Oracle’s acquisitions of Stellent, BEA, and FatWire have all resulted in almost total turnover of the technical architects, developers, and product managers from those companies leaving major gaps in internal resourcing to sell and support those products.

Oracle BPM 12c launch webcast

Oracle just launched their BPM 12c suite and Andy Kershaw presented a webcast on it this lunchtime (EST).  This was mostly a business and marketing-driven event, so very lacking in the detail and architecture that I would have liked to see, but I imagine those types of presentation will be coming along later.

I was also able to review the Oracle white paper on “What’s New in Oracle BPM 12c”  and the updated data sheet which gave some more detail on subjects Andy didn’t have time to cover.

From these two sources there are a few new areas of functionality that I will be interested in digging into a little more deeply:

  • Ability to define business rules verbally in Process Composer sounds interesting and useful, but the devil will be in the details
  • Better support for mobile – absolutely crucial these days.
  • “Adaptive Case Management” – which I really hope isn’t just marketing fluff.  If it truly delivers on the closer integration of BPM, Content, Data, and BAM it will be a great thing for clients who have previously had to cobble this together themselves.
  • Better integration with cloud-based and 3rd-party applications – obviously Eloqua and Fusion Apps, but also Salesforce, SAP and others.  Strangely, I can’t find info on this on the Oracle web site, but obviously this is a big advantage for the majority of businesses that are diverse in their vendor choices.

A lot of other interesting aspects of KPI tracking, better analytics, integration with Oracle R, etc.  I wonder if a limited use license for this will still be bundled with WebCenter Content?  It certainly looks like WCC is bundled with the BPM suite for use in Case Management.

Branching out to a dedicated Tech blog

I’ve been meaning to set up this expanded WordPress site to allow me to explore technical subjects in more depth than twitter allows and with more freedom than my company’s blog allows.  So here we are – finally – after wrestling with my hosting partner, naming convention issues, WordPress configuration, and plugin challenges.

Needless to say – all opinions in here are 100% my own and do not reflect the views of my company, my colleagues, my former employers, or anyone else.  All mistakes are my own and all incorrect conclusions, laughable assertions, and illogical conclusions would reflect only on me.