InterSystems Caché database

The IT landscape at my work – the Academic Medical Center (AMC) in Amsterdam – is about to change dramatically in the next couple of years. We are migrating away from a best-of-breed strategy combined with alot of custom, and mostly inhouse, build software systems, towards the integrated suite of health care software from Epic. Epic’s suite is centered on the Caché database from InterSystems. So when I learned about a free one-day introductory course on Caché I didn’t hesitate to sign up.

So earlier today I attended the workshop at InterSystems Benelux together with a couple of colleagues from the AMC. The day was well organised and provided me with a nice overview and introduction on InterSystems and their products and the Caché database in particular.

I always assumed that the database was an object database but it appears I was mistaken. At its core is something called “globals”. These key-value datastructures are stored internally in multidimensional hierarchical sparse arrays. The globals find their origin in MUMPS, which takes the origin of Caché back to the late sixties! Caché provides SQL and Object API’s built on top of the “Globals”, so you can also use Caché just as if it were a RDBMS or object database, although in essence it’s really more of a NoSQL datastore.

Supposedly, the internals of Caché provide for extremely high performance data access and extremely high transaction data processing. So I’m really curious to find out if – once we’ll have rolled out the Epic system – this claim holds true, and how it compares to the relational databases from the traditional competitors like Oracle and Microsoft.

Gotcha: preserving the ordering in collections when using JPA

This week I was faced with the requirement to store the ordering of a collection from a Java web application to a database. In plain Java, retaining the ordering within a collection is a no-brainer: you just use one of the java.util.List implementations. And saving the order into a database table should be as easy as a couple of INSERT statements in the correct order, right? Well, if you’re using JPA for ORM then it really isn’t that straightforward. As it turns out JPA does not take the ordering of a List into consideration, which imho is a serious design flaw. Forunately, as of version 2.0 a workaround was added to the spec: you can annotate relationships with @OrderColumn.

A very simple RSS reader with AngularJS and Google Feed API

Last year I’ve written a few lines about aggregating feeds with SimplePlie. SimplePie is a nice PHP library but the version I used broke when my hosting provider decided to upgrade the servers to a new PHP version. Although a new version was quickly installed, I found the broken pages to be the perfect motivation to finally do some coding with AngularJS.So after having attended a few workshops about AngularJS, and having read the excellent book by Brad Green and Shyam Seshadri, I finally got around to do some actual work with the framework.

Continue reading “A very simple RSS reader with AngularJS and Google Feed API”

Testing a Wicket application with Selenium IDE

Wicket and Selenium IDE

In development mode, Wicket generates id’s with the wicket namespace prefix. These id’s are dynamic and change everytime a page is rendered. This works fine until you try to record test scripts with Selenium IDE.

What Selenium basically does is use XPath queries against the wicket:id‘s, recording the value of those id’s. But next time around, when you try to playback the test script, it will fail beacuse the values of all of the wicket:id’s have changed.

One possible workaround would be to just use normal HTML id attributes. But this is very laborious and poses limitations on your HTML, CSS, and Javascript code, and also polutes the production code with a lot of unnecessary id attributes.

A more useful solution would be to make use of Wicket’s wicketpath attribute. Continue reading “Testing a Wicket application with Selenium IDE”

Encrypting passwords in Tomcat

Apache TomcatApache Tomcat is by far the most popular (open source) web server and Java servlet container. It has been around for a long time and – at the time of writing this post – has reached version 7.0.29. As Apache rightfully claims on its web site, Tomcat powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations. Therefore, one might imagine that such a widely used server would out-of-the-box already prove to be very secure .

However, alot of weaknesses in Apache Tomcat stem from incorrect or inappropriate configuration – as is the case not only for Tomcat but for the majority of software products, I would imagine. The OWASP organization has written up a nice document with a lot of best practices and recommendations on how to make Tomcat more secure than the default out-of-the-box installation.

The OWASP document rightfully states that best practices advice us never to store clear text passwords, but that in the case of the server.xml it is very difficult to avoid. In this post, I will try to look into ways to avoid storing clear text password in Tomcat’s files that hopefully will make it less difficult to avoid.
Continue reading “Encrypting passwords in Tomcat”

Integrating Wicket with Wicket Auth/Roles and Spring Security

In this tutorial I describe how you can setup Wicket 1.5 to use Spring Security 3.1 for authentication and Wicket Auth/Roles for authorization.

Spring Security is a very complete and flexible solution for all kinds of security needs. It offers a lot of functionality out-of-the-box and it is quite easy to extend to fit your own custom needs. Visit the Spring Security website (http://static.springsource.org/spring-security/site/index.html) for more information.

Wicket Auth/Roles makes it easy to annotate components with authorization information. E.g., the @AuthorizeInstantiation configures what roles are allowed to instantiate the annotated component or package, and the @AuthorizeAction annotation controls wether the component is rendered or not based on the roles.

At the and of this tutorial you will have a sample Wicket project that uses Spring Security to look up the user – including roles, full name, etc. -, validate the password, and manage the current user session. Wicket Auth/Roles validates whether the current user has access to a particular page, or even a particular component. Continue reading “Integrating Wicket with Wicket Auth/Roles and Spring Security”

Feeds aggregeren met SimplePie

Om een beetje bij te blijven op mijn vak- en interessegebieden ben ik een (bijna) dagelijkse bezoeker van een groot aantal websites. Omdat hier toch vrij veel tijd in gaat zitten, had ik het idee opgevat om de RSS-feeds van deze sites samen te laten komen in één enkele pagina.

Als Java-ontwikkelaar zou ik zo’n pagina snel in elkaar geknutseld kunnen hebben, maar omdat deze website leunt op PHP ben ik toch even gaan Google’n naar kant-en-klare oplossingen. Daarbij stuitte ik al vrij snel op SimplePie. Continue reading “Feeds aggregeren met SimplePie”