Monday, September 27, 2010
WebSphere Technical Journal available for the Kindle
I have a Kindle and am quite fond of it. I find it easy to devour books and my reading has certainly picked up since I got it for my birthday this summer. I've put several IBM Redbooks on it for reference whenever I go to a client site. Its nice to be able to pull it up on a separate device, but not have to lug around a book. That said, I'm not terribly fond of reading PDF's on the Kindle. The page does not scale like a native Kindle format, and navigation is also not the same. I'm hoping that the Redbooks will soon be offered in Kindle format, but in the interim, I've discovered that the WebSphere Technical Journal is available in Kindle format. Check it out! Very handy if you crave some technical reading during a flight, or train ride.
Tuesday, September 21, 2010
Scanning Web Services with IBM Rational AppScan Standard
Web services can be hacked and information exploited against your company. If your organization has made the move towards a services oriented architecture, then security testing of your web services should be part of your repertoire. This YouTube video shows how AppScan can do exactly that with customizable reporting.
Thursday, September 16, 2010
Installing Lotus Quickr 8.5 on OpenSuse 11.3 Linux under VMWare
This will be a bit of a long blog entry, but this is a demonstration of getting Lotus Quickr 8.5 for Domino up and running on Linux. Lotus recently released this version, and those of us in the community have long awaited a Linux version. Many of our customers who use Quickr are small companies and budget is a concern. A small shop of 10-20 people can get Quickr for less than $800. When you have to fork over money to Microsoft for an OS, it more than doubles the cost. You can install on Linux and avoid additional OS costs or optionally pay for support later when you need it. Linux also is often a more stable and secure platform. I've never had a 'Blue Screen of Death' on Linux.
I am a fan of OpenSuse for most of my development/test/demo environments for IBM software. WebSphere App Server, Team Concert, Quality Manager, Domino, all run perfectly out of the box with only an occasional warning message that the OS is not officially supported (which is fine for a demo environment). For a production environment I recommend going with a full SUSE Linux Enterprise Server (SLES) license. For this experiment, I'll use OpenSuse 11.3.
I'm installing this into a VMWare environment. I created a 30GB virtual disk drive, and most of the basics. For the desktop environment, I chose XFCE rather than Gnome or KDE. XFCE is requires less system resources to run, and less binaries in the file system. Since I'll be managing the server primarily via Domino Administrator, a browser, and putty, I don't need all the visual bling of the other two desktop environments.
After you install and get to the XFCE desktop, you should disable the firewall for the time being (or at least open up the proper ports). Do this in YaST.
Once Linux is up and running, next stop is to download Lotus Domino and Quickr. Domino of course must be installed first as Quickr for Domino runs on top of .... yes ... Domino. Go to Passport Advantage (customers) or IBM Partnerworld (business partners) to download. Note: you do not need to install Java before downloading with OpenSuse 11.3. OpenJDK will launch the Download Director applet fine without it.
Once downloaded, you will have two files:
Untar Domino with the command tar -xvf lotus_domino852_xlinux_en.tar. Then cd into the directory linux/domino/
Untar Domino with the command tar -xvf lotus_domino851_xlinux_CZ5WREN.tar. Then cd into the directory linux/domino/
Now switch to root an run the install (su to switch to root). You must first create the user and group for the Domino server to run under. Issue the two following commands (the latter to set the password).
Next, you must increase the file handler limit.
Now, we can install the server. Run the install executable with ./install (note the ./)
This will launch the graphical installer (yes, you can install graphically on Linux .. don't be afraid). Click 'Next' in the next window, and then read and accept the license agreement.
You don't need to worry about partitioning, so click next.
Install the binaries in the default directory (/opt/ibm/lotus). This is analogous to the program files directory on Windoze.
Then, click 'Next' again.
The data directory is where all the information we will create is stored. These will be our blogs, wiki's, and team spaces.
Accept the default user and group names. This is the user that will be executing the binaries. You do NOT want to change this to root. It will cause you nothing but grief later if you do.
On the next screen, select 'Remote Server Setup'. The option for Remote Server Setup is available on all Linux/Unix variants and is used with the Windows based Remote Server Setup tool that comes with the Domino Administrator client.
On the next screen select "Enterprise Server". No, you do not need to purchase a separate Domino Enterprise server license, but you will need the features under Enterprise.
Select Next on the next few screens. You'll get a pop up that says this system is not supported. Don't worry, it will continue installing. Just don't put in a PMR if you need support. Remember, this is a demo. You'll then see the progress bar as it installs the binaries and base files.
Once Domino is installed, you should see the following message:
Now you need to setup the server. You will connect with the Remove Server Setup tool in Windows. Enter the hostname or IP address of the server in the first box. I'm not going to detail the remote server setup here, but if anyone requests it, I can update this blog entry later. For now, its safe to assume I've setup the server as an additional server in my Domino domain. Once you have set the server up, you'll want to shut the Remote server setup down when prompted.
Next install the fixpack. Unless you put the fixpack in another diretory you'll be extracting it into the same Domino directory as the installation. Move it to its own folder.
Untar the fixpack as you did the server tar file:
Now, run the fixpack installation with ./install
Follow through the prompts accordingly. Nothing to really note about it, but you do need to install the fixpack before you install Quickr.
You will now need to make some changes to the Domino directory. You must enable the Domino servlet engine:
While you are in the server, create a Web Single Sign On configuration document. We are going to enable form based authentication.
Click on 'Create Web .. SSO Configuration'. On the Web SSO document, create Domino LTPA keys. Set the domain to your DNS domain (i.e. strongbackconsulting.com). On the Web SSO document, leave the 'Organization' field blank.
Set the Session Authentication to 'Multiple Servers SSO'. NOTE: Single Server is NOT supported for Quickr (school of hard knocks talking here).
Now, its time to install the Quickr binaries on top of Domino. First untar the Quickr binaries:
Then CD to the server directory and run the install with ./install
Note that you'll need to expand the terminal to full screen first. This install will be text based only.
For the installation, you need to know who your Quickr admin is going to be. You'll set a preliminary ID for that person and with a default password. We will change the directory settings later. During the install, accept the default settings for the program and data directories as well as the Domino user and group names (notes).
On the user admin screen enter your admin name. Note you need to use TAB and ENTER to accept and edit the values.
Once you've answered the basic questionnaire you should see the screen above. Press TAB to start installing all the binaries.
Finally, you should be aware that Domino will not automagically start unless you create your own init script. This is the one note where Windows beats Linux. Follow my advice on my previous blog entry on how to do that.
Another post-install task to do is to set the default homepage to "/LotusQuickr/lotusquicker/main.nsf"
Start your server, and your QuickrD is ready to run. I'll cover setup and features in another blog post, but for now you should have the basics installed on Linux.
I am a fan of OpenSuse for most of my development/test/demo environments for IBM software. WebSphere App Server, Team Concert, Quality Manager, Domino, all run perfectly out of the box with only an occasional warning message that the OS is not officially supported (which is fine for a demo environment). For a production environment I recommend going with a full SUSE Linux Enterprise Server (SLES) license. For this experiment, I'll use OpenSuse 11.3.
I'm installing this into a VMWare environment. I created a 30GB virtual disk drive, and most of the basics. For the desktop environment, I chose XFCE rather than Gnome or KDE. XFCE is requires less system resources to run, and less binaries in the file system. Since I'll be managing the server primarily via Domino Administrator, a browser, and putty, I don't need all the visual bling of the other two desktop environments.
After you install and get to the XFCE desktop, you should disable the firewall for the time being (or at least open up the proper ports). Do this in YaST.
Once Linux is up and running, next stop is to download Lotus Domino and Quickr. Domino of course must be installed first as Quickr for Domino runs on top of .... yes ... Domino. Go to Passport Advantage (customers) or IBM Partnerworld (business partners) to download. Note: you do not need to install Java before downloading with OpenSuse 11.3. OpenJDK will launch the Download Director applet fine without it.
Once downloaded, you will have two files:
- CZM8JML.tar
lotus_domino852_xlinux_en.tar- lotus_domino851FP3_linux_x86.tar
- lotus_domino851_xlinux_CZ5WREN.tar
UPDATED: I originally wrote this using the Domino 8.5.2, but as LotusRockStar pointed out in the comments below, Quickr will not run on Domino 8.5.2. You must use Domino 8.5.1, fix pack 3.
Now switch to root an run the install (su to switch to root). You must first create the user and group for the Domino server to run under. Issue the two following commands (the latter to set the password).
groupadd notes
useradd -g notes notes
passwd notes
You can also create the accounts in Yast under 'Users and Groups'. Yast is similar to Control Panel in Windows. Set the password before you go much further also. 
Next, you must increase the file handler limit.
ulimit -n 20000
Now, we can install the server. Run the install executable with ./install (note the ./)
You don't need to worry about partitioning, so click next.
The data directory is where all the information we will create is stored. These will be our blogs, wiki's, and team spaces.
Accept the default user and group names. This is the user that will be executing the binaries. You do NOT want to change this to root. It will cause you nothing but grief later if you do.
On the next screen, select 'Remote Server Setup'. The option for Remote Server Setup is available on all Linux/Unix variants and is used with the Windows based Remote Server Setup tool that comes with the Domino Administrator client.
On the next screen select "Enterprise Server". No, you do not need to purchase a separate Domino Enterprise server license, but you will need the features under Enterprise.
Select Next on the next few screens. You'll get a pop up that says this system is not supported. Don't worry, it will continue installing. Just don't put in a PMR if you need support. Remember, this is a demo. You'll then see the progress bar as it installs the binaries and base files.
Once Domino is installed, you should see the following message:
Now you need to setup the server. You will connect with the Remove Server Setup tool in Windows. Enter the hostname or IP address of the server in the first box. I'm not going to detail the remote server setup here, but if anyone requests it, I can update this blog entry later. For now, its safe to assume I've setup the server as an additional server in my Domino domain. Once you have set the server up, you'll want to shut the Remote server setup down when prompted.
Next install the fixpack. Unless you put the fixpack in another diretory you'll be extracting it into the same Domino directory as the installation. Move it to its own folder.
Untar the fixpack as you did the server tar file:
tar -xvf lotus_domino851FP3_linux_x86.tar
Now, run the fixpack installation with ./install
Follow through the prompts accordingly. Nothing to really note about it, but you do need to install the fixpack before you install Quickr.
You will now need to make some changes to the Domino directory. You must enable the Domino servlet engine:
- From IBM Lotus Notes or the Lotus Domino Administrator, open the Lotus Domino directory (names.nsf) on the server.
- Open the server document in Edit mode.
- Click Internet Protocols -> Domino Web Engine.
- Under Java Servlets, select Domino Servlet Manager in the Java servlet support field.
- Save & Close the document.
While you are in the server, create a Web Single Sign On configuration document. We are going to enable form based authentication.
Click on 'Create Web .. SSO Configuration'. On the Web SSO document, create Domino LTPA keys. Set the domain to your DNS domain (i.e. strongbackconsulting.com). On the Web SSO document, leave the 'Organization' field blank.
Now, its time to install the Quickr binaries on top of Domino. First untar the Quickr binaries:
tar -xvf CZM8JML.tar
Then CD to the server directory and run the install with ./install
Note that you'll need to expand the terminal to full screen first. This install will be text based only.
For the installation, you need to know who your Quickr admin is going to be. You'll set a preliminary ID for that person and with a default password. We will change the directory settings later. During the install, accept the default settings for the program and data directories as well as the Domino user and group names (notes).
On the user admin screen enter your admin name. Note you need to use TAB and ENTER to accept and edit the values.
Once you've answered the basic questionnaire you should see the screen above. Press TAB to start installing all the binaries.
Finally, you should be aware that Domino will not automagically start unless you create your own init script. This is the one note where Windows beats Linux. Follow my advice on my previous blog entry on how to do that.
Another post-install task to do is to set the default homepage to "/LotusQuickr/lotusquicker/main.nsf"
Start your server, and your QuickrD is ready to run. I'll cover setup and features in another blog post, but for now you should have the basics installed on Linux.
Friday, September 10, 2010
Lotus Notes immune to "Here you have" virus
Yet another $h17#3@0 virus maker has spawned his evil on the world with this recent "Here you have" virus. This is a version of the old Anna Kournikova virus from 2001, which in turn was a similar variant of the "Love Bug" virus in 2000. I was working at marchFIRST (USWeb ) when the love bug virus hit, and remember well I was cursing the fact I was using Outlook at the time. These viruses use Visual Basic to target the Windows MAPI interface.
Lotus Notes does not use the MAPI interface. It has a completely different and self contained security model called the Execution Control List (ECL). The ECL is managed centrally by the Domino Administrator and can prevent such a virus from even launching.
All this said, it is important to note that although Lotus Notes will not execute the virus, and the virus will not transport via Lotus API's, if the user has MS Outlook, Outlook Express, or any other MAPI tool installed, this virus can spread from this PC. Also, a Lotus Notes user may receive a virus email and the user might be foolish enough to open it. However the ECL should block the code and give the user a warning. Only if the user ignores the warning (by explicitly allowing it to run), it will only spread if the user has a MAPI client.
In the article where I first read this, the companies mentioned are Microsoft Exchange sites. You'll notice the Outlook client displayed promptly in the video of the news article.
Lotus Notes does not use the MAPI interface. It has a completely different and self contained security model called the Execution Control List (ECL). The ECL is managed centrally by the Domino Administrator and can prevent such a virus from even launching.
All this said, it is important to note that although Lotus Notes will not execute the virus, and the virus will not transport via Lotus API's, if the user has MS Outlook, Outlook Express, or any other MAPI tool installed, this virus can spread from this PC. Also, a Lotus Notes user may receive a virus email and the user might be foolish enough to open it. However the ECL should block the code and give the user a warning. Only if the user ignores the warning (by explicitly allowing it to run), it will only spread if the user has a MAPI client.
In the article where I first read this, the companies mentioned are Microsoft Exchange sites. You'll notice the Outlook client displayed promptly in the video of the news article.
Wednesday, September 08, 2010
Have you played with the free Lotus Domino Designer?
Earlier this year IBM announced that their development environment for Lotus Notes, the Lotus Domino Designer is now free for download. Although it does require a fee to connect to a Domino server, it costs nothing to run local homemade applications. The rapid application development ability of Lotus Notes (yes, it is a development platform), has long been IBM's best kept secret. They do a very good job of keeping it secret, along with the FUD marketing of Microsoft and Google.
I have created countless apps in Lotus Notes, from CRM apps, employee Intranets, corporate web sites, team sites, sys admin apps, and more. I do development in about a dozen languages, and Notes is by far the fastest development environment out there. Many who follow this blog are already Lotus gurus and evangelists, so I know I'm preaching to the choir for many on this, but this post is for the neophyte - the uninitiated to the realm of Domino apps.
Download a copy at http://www-01.ibm.com/software/lotus/products/dominodesigner/. Then get started developing an application. Visit the LND App Dev Wiki to help you get started and create a home grown app. Or, walk on over to OpenNTF.org and pull down some pre-built open source templates. Many of these are great right out of the box, but they are also great for dissecting and learning from the inside out. Another good resource is the XPages tutorial. XPages brings in Java Server Faces like development. If you have experience with JSF, this should help you feel at ease. I've shared other helpful links here.
If you are a neophyte, I do hope you give it a whirl and try out one of the tutorials. I think you will be quite impressed with its abilities and speed at which you can develop a high quality application.
I have created countless apps in Lotus Notes, from CRM apps, employee Intranets, corporate web sites, team sites, sys admin apps, and more. I do development in about a dozen languages, and Notes is by far the fastest development environment out there. Many who follow this blog are already Lotus gurus and evangelists, so I know I'm preaching to the choir for many on this, but this post is for the neophyte - the uninitiated to the realm of Domino apps.
Download a copy at http://www-01.ibm.com/software/lotus/products/dominodesigner/. Then get started developing an application. Visit the LND App Dev Wiki to help you get started and create a home grown app. Or, walk on over to OpenNTF.org and pull down some pre-built open source templates. Many of these are great right out of the box, but they are also great for dissecting and learning from the inside out. Another good resource is the XPages tutorial. XPages brings in Java Server Faces like development. If you have experience with JSF, this should help you feel at ease. I've shared other helpful links here.
If you are a neophyte, I do hope you give it a whirl and try out one of the tutorials. I think you will be quite impressed with its abilities and speed at which you can develop a high quality application.
Subscribe to:
Posts (Atom)
Posts
