Thursday, March 29, 2012

Fixing SqlDeveloper MSVCR71.DLL or MSVCR100.DLL not found error

Today I installed 64bit sqldeveloper on new Windows Server 2008 instance and oops ... I had strange error:

MSVCR100.DLL not found error - ok, I assumed it is JDK issue (i had only Java7 JDK installed which is not supported for SqlDeveloper 3.0.x).

After installing JDK6.x wasn't no changes.

Ok, I assumed the problem lies in non accessible MSVCR100.DLL. This dll is a part of Microsoft Visual C++ redistributable package, so I installed it. And again no changes.

I gave up and installed old 32bit version of sqldeveloper with bundled JDK. And surprise: error changes to MSVCR71.DLL not found.

After some googling I found the prompt. The problem lies in the erroneous registry entries. You sholud have entries visible like on image below:

The first (Default) string value is a path to sqldeveloper (with executable file), the second (Path) value is the path to JRE bin directory in used JDK.

Below reg file content you can use to fix similar problem:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\sqldeveloper.exe]

Saturday, March 24, 2012

Nice post about strings literals from JVM point of view

I came across an article about string literals "from JVM point ow view".If you are interested in topics of string literal pools, rules of string garbage collection  or issues of string immutability, this article will be for you:

Error BEA-090477 Certificate chain received from - was not trusted causing SSL handshake failure.

How to solve BEA-090477 certificate error which was thrown by Weblogic? To get rid of the problem, the remote server certificate needs to be imported by following below instructions:
  1. Access the https URL from web browser and export the certificate (by example with .cer extension). Eventually, if you can't access remote server via https, export server certificate in another way, by example from Microsoft Certification Authority in Windows AD Domain environment.
  2. Import cerrtificate *.cer file into Weblogic keystore (usually default Weblogic keystore is default JVM keystore), by example
    keytool -import -keystore ..\lib\security\cacerts -alias myCertAlias -file c:/Oracle/client.cer
    Remember! Default java ceacerts password is "changeit"

Wednesday, March 21, 2012

Cloning and compacting VirtualBox VDI

Today I had to prepare new VirtualBox Virtual Machine by copying old one. To clone VDI file I used VBoxManage utility:

C:\Users\mariusz\VirtualBox VMs\machines>"C:\Program Files\Oracle\VirtualBox"\VBoxManage clonevdi ide.vdi orclstd11g2.vdi

After clone you can only assing new VDI file to new virtual machine.

But what to do if we need compact new machine after uninstalling few applications? We can do this in 4 simple steps:
  • uninstall / remove unneeded files
  • defragment virtual disk space
  • nullify free disk space (in Windows you can use this app:
  • use VBoxManage to compact VDI file: C:\Users\mariusz\VirtualBox VMs\machines>"C:\Program Files\Oracle\VirtualBox"\VBoxManage modifyhd orclstd11g2.vdi -compact

Review of opensource SSO solutions

The definition of Single sign-on is: SSO is mechanism whereby a single action of user authentication and authorization can permit a user to access all computers and systems where he has access permission, without the need to enter multiple passwords. But there is a problem with SSO because of this term is used sometimes to mean several different things. In my current project I needed to choose open source SSO solution, which best fits our needs. After some experiences with SSO implementations, I can write few words about this.

There exists only few open SSO solutions I could consider. Only three was functionally sufficient, and I focused my research on these systems.

This should be our native choose, cause OpenSSO was informal Java standard, cause it was developed by Sun. Oracle afrer taking over Sun, actually abandoned project, but next it was revitalized by ForgeRock as OpenAM. The problem with OpenSSO is only one. I don't like it :)

Regarding functionality: OpenAM offers open source authentication, authorization, entitlement and federation software. OpenAM gives you core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.

Enterprices Single sign-on is Apache 2 licensed solution developed by University of Quensland. ESOE has been built utilizing open standards from OASIS such as SAML 2.0 and XACML 2.0 and provides core java security services like: integrated identity management, single sign on, authorization, federation and accountability for resource access across multiple platforms and technology stacks.

The solution looks very interesting, but some inactive in last two years.

CAS is a part of Jasig project. The solution provides own, specific single sign-on protocol. Till now CAS don't support SAML and from my perspective this is big defect of this system. But it has also one big advantage, built in integration with Java, ,NET, PHP, and Apache clients. Next advantage for me is documented integration path with Apache Shiro.

Additional option to consider
Preparing this review I consider Apache Shiro as SSO solution. In my opinion this security framework is't ready to fit SSO needs, but other Shito functionalities are worth the prevalence. Cause of this I wrote few words about this framework.

Apache Shiro
The first was Apache Shiro ( former JSecurity) project. Shiro is a comprehensive java web security framework, which focuses on: authentication across one or more pluggable data sources, authorization based on roles or fine-grained permissions, also using pluggable data sources, and built-in POJO-based Enterprise Session Management. And this last element can be interesting for me.
Shiro session's are POJO based, they are easily stored in any data source, and they can be "shared"across applications if needed. This can be used to provide a simple sign-on experience since the shared session can retain authentication state.

Shiro provides one very nice function: Heterogeneous client session access. You are no longer forced to use only the HttpSession or Stateful Session Beans, which often unnecessarily tied applications to specific environments. Flash applets, C# applications, Java Web Start, and Web Applications, etc. can share session state regardless of deployment environment.

After this short review I need some testing and coding to check cited solution in real work.

Thursday, March 1, 2012

How-to: Find row in ADF Iterator and remove row from Iterator

To find row in ADF Iterator by key  you can use below code:

DCBindingContainer bc = (DCBindingContainer)BindingContext.getCurrent().getCurrentBindingsEntry();
DCIteratorBinding iter =
String keyValue="123"; 
Key key = new Key(new Object[] { keyValue });
RowSetIterator rsi = iter.getRowSetIterator();
Row row = rsi.findByKey(key, 1)[0];

Next you can set the found row as the current row:

and remove row from Iterator: