Preparing a Portal/IAM-presentation for the Heimore Identity 2.0-day on Wednesday, http://www.heimore.com/Nyheter/Arets-event-Identitet-20--Identity-Management-i-verksamheten-nu-och-i-framtiden/
© Copyright 2009, Tomas Elfving
Monday, November 23, 2009
Heimore Identity 2.0
Thursday, November 19, 2009
Google has launched Go
Google has launched Go, a new programming language focusing on concurrency, simplicity, and performance.
Go is open source. It uses an expressive C/C++-similar language with pointer but no pointer arithmetic. It is type safe and memory safe. However, one of its main goals is to offer the speed and safety of a static language but with the advantages offered by modern dynamic languages. Go also offers methods for any type, closures and run-time reflection. The syntax is pretty clean and it is garbage collected. It is intended to compete with C and C++ as a systems programming language.
It features mulitcore programming by providing lightweight concurrency allowing developers to create sets of lightweight communicating processes, called "goroutines". You can run many concurrent goroutines and you don't need to worry about stack overflows. Goroutines aren't threads, they are functions running in parallel with other goroutines in the same address space. It is very easy to launch parallel functions using the goroutines. This is one of the most interesting features offered by the language. It really simplifies concurrency for systems programming.
© Copyright 2009, Tomas Elfving
Wednesday, November 18, 2009
A Web service layer versioning strategy using deprecated methods
Question: How to manage development, bugfixing and all type of both backward- and nonbackward compatible changes to a web service layer without suffering from escalating maintenance costs of having to manage lots of old versions?
Suggested solution: Do not allow different version of the WS interface. Never change namespace. Handle change by introducing replacement methods and mark the "old" method as deprecated. Leave the deprecated method in production for a grace period, giving all consumers sufficient time to move over to the new version. When all consumers have moved over, remove the deprecaded method altogether.
This strategy works for both WS and EJB interfaces.
See also http://java.sun.com/j2se/1.5.0/docs/guide/javadoc/deprecation/deprecation.html
© Copyright 2009, Tomas Elfving
Monday, September 21, 2009
Visio stencil with SOA-symbols
As a compliment to his excellent book "SOA Design Pattrens", Thomas Erl also offers a Visio stencil with SOA symbols. Very useful!
Sunday, September 20, 2009
MOSS Audience Targeting & Audience Rules
To scope content in MOSS 2007 using audience targeting, You have three options:
Monday, July 6, 2009
Consumer power on the Internet
After filing support issues to IBM for ten months to not much avail, it took IBM only a few weeks after I blogged about it to get a version out addressing the problems with the Clearcase for Visual Studio 2008 plugin that we have reported (http://blog.tomaselfving.com/2009/05/clearcase-for-visual-studio-problems.html, comments). Coincidence? Great news anyhow, only that we have already moved to VisualSVN and are happy now, maybe we look at the new Clearcase version at some later point in time.
Sunday, June 14, 2009
ROSS for multi-stage deployment and multi-farm replication for SharePoint
When searching for an enterprise deployment solution for a large external MOSS platform, I've come across ROSS. RepliWeb Operational Synchronization for SharePoint (ROSS) claims to provide one thing that is missing in the MOSS box, namely support for multi-stage deployment and multi-farm replication.
Saturday, May 2, 2009
Clearcase for Visual Studio problems
I'm working with a large corp customer that have standardized on IBM Clearcase. It works great with all the Java development tools, but when starting up large scale Visual Studio development we have experienced lots of problems, especially with the Clearcase plugin for Visual Studio 2008. For instance:
MOSS sp 2 now available
The MOSS sp 2 is now available for download at http://blogs.msdn.com/sharepoint/archive/2009/04/28/announcing-service-pack-2-for-office-sharepoint-server-2007-and-windows-sharepoint-services-3-0.aspx.
Friday, April 3, 2009
SIEM and logging/tracking event by Heimore
Focusing on SIEM (Security Information and Event Management), traceability, log management and regulatory requirements Heimore Group is on the 13th of May arranging a full day of presentations, case studies, and meetings round these topics. The leading software vendors are coming as well as a number of leading experts in these fields.
Monday, March 23, 2009
Sharepoint proprietary specs out
Thursday, March 19, 2009
Skype staus field in Sharepoint
Tuesday, March 10, 2009
An architecture of base-system-independent web services

One of the most common mistakes of SOA implementation is to leave out the common data model. Without that, the web service layer is no more than a function-mapping layer between clients and base systems. By letting the ESB manage a common data model, the web services published to clients are independent of various base system definitions of common objects, and also independent of change in theses base system definitions.
Saturday, March 7, 2009
SharePoint 2007 Backup/Restore options and things to consider
Going through the native Sharepoint backup, I've found some limitations I'd like to shed some light on. The backup:
- does not Provide Scheduling Functionality. You must use the command line with Windows Task Scheduler for scheduled backups
- does not Backup any Configurations/Customizations to any files in the “12 Hive” or Web.config files. You must manually back up front end files.
- does not Backup IIS Settings/Configurations
- does not Backup Alternate Access Mappings (AAM)
- dannot Backup Directly to Tape (only to UNC)
- high restore time means low availability
- it does not backup any WFE configurations or solutions
- it requires Admin to manually reattach content databases to the web applications after a recovery
- you'll need to manually backup/restore all customizations on WFE Servers (.Net Assemblies, Features, IIS Metabase, etc. – batch file can help automate this process)
- no need to backup Search database (as it can’t be synchronized with Search Index)
- backup/restore of SSP separately via SharePoint native backup/restore
Friday, March 6, 2009
Sunday, March 1, 2009
Version management of web services
You basically have 2 choices: Either use separate URI's or use the "target namespace# for version numbering. Target namespace can also be used for multilanguage support.
Using the tagret namespace way together with a proxy or ESB, you can reduce client dependence on URI's. Say you have:
/Customer
/Customer/v1
/Customer/v2
/Customer/vX
/Customer always gives the client the latest version. The ESB acts here to sort out what WS is the latest version and supplies that WS to the client. Clients call /Customer for services they know is backwardcompatible.
/Customer/vX is for non-backwardcompatible services where the client needs to be sure exactly what version of the service he gets.
The "target namespace" solution follows the Amazon’s recommendation form publication of services (http://docs.amazonwebservices.com/AWSEcommerceService/2005-03-23/ApiReference/ServiceVersioningArticle.html)
© Copyright 2009, Tomas Elfving
What capabilities can a proxy in a SOA service layer handle?
When implementing a SOA web service layer, a number of issues keeps reappearing in service after service. They should, in other words, be taken care of in a separate service proxy layer on top of the services. The proxy layer could be implemented as a custom developed layer or with an ESB (Enterprise Service Bus).
Contrary to the more classical enterprise application integration (EAI) approach of a monolithic stack in a hub and spoke architecture, the foundation of an enterprise service bus is built of base functions broken up into their constituent parts, with distributed deployment where needed, working in harmony as necessary. An ESB does not implement a service-oriented architecture (SOA) but provides the features with which one may be implemented. The ESB tries to remove the coupling between the service called and the transport medium.
The following capabilities a proxy/ESB can handle:
- Invocation - Support for synchronous and asynchronous transport protocols, service mapping (locating and binding)
- Ruoting - Addressability, static/deterministic routing, content-based routing, rules-based routing, policy-based routing
- Mediation and integration - Adapters, protocol transformation, service mapping
- Messaging - Message processing, message transformation and message enhancement
- Process Choreography - Implementation of complex business processes(think twice before getting into that as it ties you heavily to the ESB product)
- Service Orchestration - Coordination of multiple implementation services exposed as a single, aggregate service
- Quality of Service - Security (encryption and signing), reliable delivery, transaction management, SLA controls
- Management - Monitoring, audit, logging, metering, admin console, BAM
- Thread management - i.e limit number of concurrent calls to a base system
© Copyright 2009, Tomas Elfving
Friday, February 27, 2009
Sharepoint memory leaks, anyone?
The SPDisposeCheck tool will help improve the quality of your SharePoint assemblies. It will inspect your SharePoint assemblies and check that you are correctly disposing of certain SharePoint objects (IDisposable objects which includes SPSite and SPWeb). The tool is based upon the guidance published in this MSDN article, Best Practices: Using Disposable Windows SharePoint Services Objects
This tool is not supported by Microsoft and is recommended to be used on Developer workstations and not on production SharePoint Server installations.
© Copyright 2009, Tomas Elfving
FAST Search for SharePoint available in beta 2nd half of 2009
Microsoft have released a roadmap for the FAST search engine aquired by the norwegian search specialists some time ago. The new search server that will add the high-end search capabilities of FAST ESP into Microsoft Office SharePoint Portal Server, will be available as a part of the next release of MOSS.
For customers who are interested in the product, Microsoft also announced ESP for SharePoint, a special offering that allows customers to purchase high-end search capabilities today, with a defined licensing path to FAST Search for SharePoint when it becomes available.
The full name is "FAST Search for Internet Business". It will extend FAST ESP and provide a flexible platform for building engaging, search-driven Web site experiences. The product will be available in beta in the second half of this year and will feature new capabilities for content integration and interaction management, helping enable more complete and interactive search experiences.
© Copyright 2009, Tomas Elfving
Saturday, January 31, 2009
What is a Claim?
See also previous post on Claims-based authentification in next SharePoint
So, what is this claim and claims-based model that generates so much fuzz?
The claims-based model has three components:
1. the relying party, which needs the claim in order to decide what it is going to do
2. the identity provider, which provides the claim
3. the user, who decides what if any information he wants to provide.
Claims can contain static information such as birth date or credit card info, relationship-based information such as group membership or derived claims that make general assertions such as the user is over 21 years of age. There are also metaclaims about how information was verified, such as in-person registration, or how it was issued.
Claims can be used in three ways:
1. to securely transmit the requesting user’s identity across machines
2. provide application-specific concepts, such as roles, so applications can augment claims about the user and allow applications to reason about those claims in the context of authorization decisions
3. interoperate with multiple authentication providers in a consistent manner.
© Copyright 2009, Tomas Elfving


