Information Storage for Dummies (and how to make it secure)

Doing a lot of database work for a client right now so now it’s a good time to recap on where you can store your information. This might be basic stuff , but it’s essential basic stuff.

  • Spreadsheets, of which Microsoft Excel is the most popular. How the PC and Microsoft began their 25 year reign. Ironically their availability online (care of Google Docs and Google Spreadsheets) threatens to end the PC era and usher in the Web 2.0 one.Spreadsheets are never secure. If I can get a copy of them (and letting me read one means that I have a copy) then I can read everything. Everything. Most Excel passwords can be cracked within seconds.
  • Take a couple of spreadsheets, glue them together and put links between the sheets. Now you’ve more of less got an entry level database, such as Microsoft Access. It’s aimed at people who need more power than Excel, but are not developers.

    The trouble is that Access is not secure (see problem above) and that it doesn’t scale very well (for more than a couple of people using it at once). Both Access and Excel come with versions of Microsoft Office.

Access Splash Screen

  • So you have your information, and now you want to stick it on the web. MySql is the database of choice. Free, lightweight and with excellent tool support (e.g. phpMyAdmin), MySql is what powers this website. If you know what you’re doing (e.g. Google or Amazon) it will scale very very well.
  • For most people , the next step up is to a serious Enterprise database. Oracle, MS Sql-Server and it’s cousin Sybase are the main contenders in this area. DB2 from IBM is a distant fourth place while Sybase is strong in financial institutions. While MySql is catching up in features, most companies chose one of the main three because of their track record, a long list of people and vendors that support them, and because of ‘lock-in’. Once you choose a database it’s very hard to change.

So there you have it. Don’t let me see you trying to run a company on Excel or Access again. Or at least, don’t complain to me when it falls over!

Advertisements

Free Struts 2 Training (Outline)

Every company now has a web site. Struts is the most widely used Java framework for building these websites. Struts 2 is a radical overhaul, making it easier to use, yet more powerful at the same time.

In January, I will start delivering a course on Struts 2 for IACT – the Irish Academy of Computer Training.

Struts 2 Logo

This course is an overview to programming for the Web using Struts 2 and Java (free course outline here), including an introduction to the language for people already programming in other languages like Visual Basic. It covers what is different about developing web applications, the problems the Struts 2 framework solves, and how to develop applications within it using the Eclipse IDE. Optional components include JUnit, Ant, Log4J and building Web-Database applications.

If you’re a Struts 1 Developer looking for more than the free outline then I do plan to blog about upgrading your skills over the coming weeks. If that isn’t quick enough, you can always hire me for a 1-2-1 mentoring session 🙂

Update: The Course notes are now also available on the wiki / knowledgebase.

SQL programs are the cockroaches of the IT world.

Back in the dark days when World War III threatened us with imminent nuclear oblivion, we were told that cockroaches and other insects were the highest form of life that would survive. I’ve recently come to the conclusion that SQL programs, like cockroaches, will surive anything that the IT world can throw at them.

Oracle Ireland Logo

SQL is a way of getting useful information from databases ,like ‘get me all Bank Customers with an account balances greater than 10,000 Euro’. It’s been around since the stone age and it is strongly suspected that the ancient Egyptians were familar with it’s earlier forms. Given that at least part of most systems talk to a database, it is probably the most widely used programming language in the world. It’s the most widely used because it’s the most useful : do one thing and do one thing well.

However, you get into trouble when you use SQL in ways nature never intended. Once you step beyond the ‘get me this’ or ‘update that’ you’re in trouble. Like a 12m high cockroach from a 1950’s Horror Movie, your code is out of control. Even Oracle are migrating to a Java stack to implement business logic outside of the core database engine.

By way of apology to any Oracle or SQL-Server progammers offended by this post, I’ll share the news that I’m my way to getting Oracle certified. It’s Oracle Exam SQL-007 [pdf] and if you understand that , you’ll know that while it’s not bad for a Java person, guys like Donal Daly , Mark Rittman and Scott Spendolini aren’t under threat from me just yet.

Enterprise Java Presentation at DCU

On Wednesday, I’m presenting on the topic of Enterprise Java at DCU (Dublin City University) , in conjunction with Trigraph.

Trigraph Logo


I’ll blog later about bits and pieces of the slides (for commercial reasons I can’t publish the full set here), but the overview is below.

Description: Success or failure in your business depends on dealing with information faster and better than your competitors. This briefing shows you how Enterprise Java tools can do this and how to apply them to your organisation. Crucially, the briefing shows you when not to use Enterprise Java and details the alternative approaches.The briefing will give delegates an overview of the Java Web development environment, how to architect and distribute multi-tier applications and how to link these components with existing sources of information using Enterprise Application Integration (EAI). Most business have substantial investments in existing and legacy IT systems and the briefing will show how to integrate these with techniques such as JMS Messaging/ MQ Series, SOAP / XML or using the Java Connector Architecture (JCA).

As well as examining the main Java Application Server vendors (including Sun , IBM , Oracle , BEA and JBoss) the briefing will detail the technology stack that they offer. This stack includes Web presentation frameworks and SOA – Service Orientated Architecture at the Front end. In the middle (Business) layer this covers the capture of Business knowledge using Business Rule Engines and workflow (BPEL). At the back (Service) layer, this includes database integration using JDBC, and the Enterprise Service Bus (ESB).

What Problem are we trying to solve?Where Java Fits in Enterprise Computing.
Enterprise Application Integration (EAI).
A Componentised & Connected Enterprise.
Enterprise Java Architecture Overview.
Enterprise Java Platform Roles.
Benefits to the Enterprise.
Alternatives (.Net , PHP , Oracle , Lightweight Java Frameworks , scripting)
Scripting Languages and Enterprise Java (Ruby, Python, Groovy)
Vendors (IBM, Oracle, Sun , Bea , JBoss and SAP)
Vendor Specific Solutions (e.g. Oracle Fusion / ADF , IBM MQ )
Market Trends – Resource availability (can we get the people to do this?)

Foundation Technologies & Techniques.

Enterprise Web 2.0 and Service Orientated Aritecture (SOA).
Integrating with other Systems ( Legacy Systems, Oracle etc)
Enterprise Java Beans 3
Middleware (MOM, Rule Engines, Workflow)
Java on the (Enterprise) Desktop
Web Services / Enterprise Service Bus
Best practices (Code standards, Build standards, Version Control / Iterative Development / Junit)
UI Layer: HTML, Servlets, JSP, XML/XSLT.
XML’s Role in the Enterprise.
Application Tier: EJB, JNDI, JDBC, JDO.
Integration Technologies.
Java Connector Architecture- JCA
RMI, CORBA/IIOP, SOAP.
Security – Application and Server Level
Java Access & Authorization Service (JAAS).
Object-Orientation & UML.
Design Patterns.
Frameworks (Struts , JSF, ADF, DWR, Spring, Hibernate)
.Net interoperability

Enterprise Java Application Architectures.

Overview of Enterprise Application Servers.
Commercial Application Servers.
Distributed Application Models with Enterprise Java.
Enterprise Java Application Server Basics.
How to Choose a Enterprise Java Application Server.
Enterprise Java Application Architecture.
Building a Enterprise Java Application.
Deploying the Application.

Enterprise Java & Your Business.

Planning for Migration.
First Steps.
The Implementation Plan.
Organisational Challenges.
What’s next for Enterprise Java?

Close.

Ask Tom – Oracle is from Mars, Java is from Venus

Sometimes Java people (who do the pretty websites, as well as the ‘ugly bits’) and Oracle people (who hang round in server rooms storing the data) exist on two paralell worlds. The normal conversation goes like this:

Java Person

Where do I get the information from?

Oracle Person

That Table there.

Java Person

Thanks

And that’s it , until the next month or so. And that’s before we get into words such as ADF , Oracle Forms, Fusion , 10g or OAS, all of which appear on a regular basis on JobServe, but to most Java people may as well be an exotic plant just discovered in the Jungles of Indonesia.


The solution? Ask Tom. More Oracle stuff than our caffine-addled little brains can handle.

Tom Kyte (the Tom above that works for Oracle) , also has his own blog for Oracle related stuff.

The 2nd most useful Java-Oracle tool this year

The 2nd most useful Java-Oracle Tool that I’ve used this year is schema spy.

How often have you taken over a project without any documenation? Even worse , there is a database involved, and everybody just ‘knows’ (or pretends to know) where things are. What if all the orginal developers are gone and nobody is left to explain things? I can find my way around most legacy Java code , but databases leave me cold.

Still not convinced – take a look on the Schema Spy website. The level of information that this tool gives you takes you from knowing nothing about the database to knowing almost everything.

Interested in trying it out? Follow these simple steps
– Download it from http://schemaspy.sourceforge.net/
– Change the configuration to point to your database
– Install the Graphviz component (available here)
– Run the tool and await your fully documented database.

Just to shame the commercial competition , as well as Oracle , Schema Spy supports  DB2, hsqldb    ,    Microsoft SQL Server,     MySQL, PostgreSQL and Sybase. It’s written by John Currier and is well worth a donation.

In case you’re wondering, the most useful Java-Oracle tool for 2006 is Oracle’s project raptor. Schema spy runs it a very close second. Considering that it’s a Billion dollar company Vs one man , I’d chalk that up as a victory for the little guy!

So you want to make it on your own?

It seems like yesterday that I went independent , and now I turn around to find that it will be five years next month. Time flies eh? Even though I’m proud of lasting this long (especially in the Dublin market) and am probably enjoying it more than ever , there’s always a lot to learn – both on the technology and business side of things.

Perhaps one of the best articles I’ve see about the process of going independent is at angrycoder.com
He’s dot-net focussed , but a lot of what he says still holds true for Java/J2EE people. He’s especially good at describing the marketing side of things , where is where a believe a lot of IT people still fall down.