The Kitchen Sink Weblog: Tales from Sun's internet facing edge

Driving in India is a daunting experience.

Lanes are just a suggestion and stop signs and lights are ignored if they exist at all.

Traffic often comes to halt and vehicles of all sizes and shapes press forward into any available space jockeying for the most advantageous position.

An horn is an essential part of any vehicle, used more than than the brakes and indispensable for crossing intersections where it's every man, motorcycle, SUV and tuk-tuks (auto rickshaws) for itself.

India's cities are filled with a cheerful cacophony of beeps that can be heard inside of buildings or in the distance while walking Chennai's Marina Beach.

Pedestrians take their lives in their hands to cross the streets and many die.

Many just don't drive, rental cars come with drivers and are cheap. Ravi said it took him a month to get used to the driving. His Mahindra Scorpio is "specially designed for India" and an even better choice than it first appears, as it is a favored vehicles for ranking government officials.

After a few days of driving around Chennai, we came to an intersection where all the cars were stopped and the pedestrians were safely crossing the street. It was so odd and out of place how everyone was obeying the light and letting the pedestrians cross. The reason? There was a traffic cop.

Many hours later, sitting in a snarl of traffic to cross the Bay Bridge, I caught myself wanting to nose my car between the lanes of traffic Indian style.

By far the most enjoyable and creative part of developing technology is when you can have a free flowing brainstorming session where no idea is too crazy and emerging technologies provide fodder for new approaches.

It was late but everyone was energized by our "futures" session, the conversation touched on new projects such as 'oauth' and revisited one we had discarded a few years back due to security concerns, 'openID'.

At the heart of it was our need to expand our identity management infrastructure to serve more than just the sun.com domain. Clearly CDSSO (cross domain single sign on) was at the heart of it, but was that all business wanted, or did we need provide federation using SAML with multiple IDPs? CDSSO is provided out of the box with the Access Manager Policy Agents, but it is a closed solution and would not be available with our custom built SOAP based webservice which comprises 85% of our clients. So do we reimplement CDSSO for our WS clients or just provide full federation capabilities?

Fearing that we would miss our chance for some dinner as it was already past 11 PM, we shutdown our laptops and coiled up our cords. "I don't think it is clear what the business requirement is regarding federation," remarked Kathy.

We walked downstairs to the next level and peered into the windows set into the locked doors. On one side a server room appeared close to completion with servers in the racks, but the other room was still bare with some construction materials to one side. Kathy wanted to take a picture but Nagendra pointed to the watchman inside, "He may not like it". Kathy wondered how they would handle the power outages that frequently occur in India.

We walked down to the next level. The watchman that was supposed to take the little piece of paper that would document our leaving was slumped over his station, sleeping.

Outside, off to the side, on the lawn that was regularly watered and cared for, some people were still about, a cigarette tip glowed red against their dark shapes gathered in the warm Chennai night.

"Technologies such as OpenID are popular because they are so easy for the user" stated Ravi, "it's just a few point and clicks in the browser. It won't matter that the technology has limitations or isn't secure, users will use it anyway".

"Compare that with SAML federation, users will not understand what we mean when we ask them whether to 'link' their accounts", said Bob. "The messaging will be tricky", Kathy agreed. "And I'm not sure what our clients' appetite will be for doing the work on their side"

We walked down to the dirt road, watching the rocky uneven footing. A ghostly shape on the dark road materialized into a white cow as it walked closer. Two more cows, their darker coats harder to see in the night, followed.

"Are these cows owned by someone or do they wander freely?" asked Bob. "They have owners, and they do keep an eye on them, if you watch long enough you will see people come by and check up on them" answered Ravi. "It's amazing how they can keep track of them".

"So the cows are known and they have owners they trust" commented Kathy. "We could support OpenID in this way too", said Ravi, "only trust certain OpenID providers".

We climbed into Ravi's SUV and headed towards the main street to the "Great Kebob Factory" to have an excellent, if overly carnivorous, late night dinner.

Due to my delayed luggage I had to find something to wear. Ravi was kind enough to come and get me at the hotel and take me shopping and to visit a few other sights. I found some clothes in this pleasant mall. Available was a mix of "normal" and traditional Indian styles. While India is known for the sari, salwars etc. are gaining popularity as more practical.

Chennai is on the Bay of Bengal and known for having very long beaches. Don't let the picture fool you, it is very hot on the beach at mid-day, and fairly deserted. At night the beach comes alive as a social gathering point. There are even playground style structures for the kids to play with. Per Ravi there is ongoing tension between the economic development forces that want to bring more tourists to the area and the fisherman whose rows of boats are not far from this picture.

A Christian church is not the first thing to come to mind as an Indian tourist attraction, however India has a diverse background of many religions and St. Thomas, the one and the same "Doubting Thomas, spent much time here and was dubbed the Aposole of India. This church was built in the 1500s and the original tomb for his body. Legend has it that he died not far from this church on a small hillhock, known as St. Thomas Mount.

Every so often it's good to take a trip to somewhere completely different, where you have never been before. For me, this year, a work trip to southern India fit the bill quite nicely.

Sun has several teams based in India, and a campus in Bangalore, the Indian IT mecca of the south. Like many companies we have outsourced some of our work to Indian companies, and for the identity management of Sun's web sites we work with a team in Chennai.

It is unlikely that I will be able to do justice to India in these collection of posts. India is a diverse, multi-cultural country of many religions and languages that can't be put into a convenient box.

Indian expatriates well know the rigors of traveling here. Many undertake the trip every year, or every other year, bringing their families on 20 hour plus journeys so that the kids will know their extended family. After back to back 10 hour flights with lots of such families (yes, it is summer holiday time) interspersed with a mad dash between Heathrow gates due to a delayed first flight, I arrived in Bangalore having lost my mobile phone and my luggage still in London which took over 30 minutes to report. The lines to get through immigration were slow due to a check of everyone's temperature to screen for swine flu. Everyone working in immigration wore a mask.

Not getting the chance to change my clothes like I would have liked, my next leg was a domestic one hour flight at 7:25 AM IST. Security queues divide into two lines, one for "ladies" and the other for men, apparently this is so the women can be screened in a little curtained room for privacy. I then queued up on the jetway with a collection of business Indian travelers (and the one token Brit), all wearing business slacks, long sleeved dress shirt and carrying laptop case. An hour later I was in Chennai with my scare belongings.

India's challenge has always been infrastructure and Chennai like many Asian cities, struggles with choking traffic. My driver, opted for a unpaved "shortcut" that we bounced over underneath a uncompleted overpass, but that quite handily led us straight to the hotel. The fallout from Mumbai's terrorist attacks was front and center at the gate to the hotel. Every vehicle undercarriage was examined with a rolling mirror and I had to walk through a metal detector.

Despite all this, everyone here has been quite nice. The security screener even asked if I was Ok, must have been due to the scowl on my face over my lost luggage.

Next, a trip around the city to find some clothes.

As I did last year, I visited the Web 2.0 expo conference in San Francisco. This year I had very limited time, having a major release to launch and people to hire, so I only spent a partial day there. However I blogged about it last year and felt compelled to share my impression of this year's event.

Since I recently moved into Sun's Cloud Computing Division I caught part of IBM's BlueCloud presentation. And I saw all of Lew Moorman's (from Rackspace) presentation "Cloud Computing and the Paradigm Shift that's coming in IT". Lew's presentation was one of the better ones I have seen, a good introduction to the topic of Cloud Computing, with clear definitions (eg. good explanation of iSaaS - infrastructure as a service), some eye catching slides to keep the audience awake, and natural feeling introduction of his company's services without that icky "being sold to" feeling. Unfortunately his slides don't appear to be posted on the Web2.0 expo site.

There was less energy this year, and Thursday's booth crawl showed the toll the poor economy has taken. A dinner of appetizers was not to be found, and lines for beer were long. We found the best beer, Anchorsteam, at the Safari Books Online booth, so they get a special mention.

An entertaining touch was the tags you could attach to your badge, such as "Social Media Freak", "Hacker" or "Stealth Mode". I put a "We're Hiring" tag on my badge but it didn't attract any interest (maybe because no one wants to do "WebOps" these days). However I talked to another attendee who was looking for an Information Architect, and he didn't get any bites either. Surprisingly given how many resumes I've gotten for the contract positions I have.

Last year I got a lot out of the keynotes, but this year, they were a little flat. Maybe because I caught the wrong day, but for me the highlight of Thursday's keynotes was a video shown by Anssi Vanjoki of Nokia, a nice conceptual piece showing the mobile phone as a configurable device, that could be worn as a bracelet and take on surrounding colors. The future of mobile computing where a phone will be a "sensor" that can merge physical location information with digital information was a nice glimpse of a future that is really here now. Rushkoff's "How the Web Ate the Economy and why this is good for everyone" was rushed and was way too full of itself, although he had some nice zingers as in "The banks are in trouble because they bought shares of their own Ponzi schemes". Will Wright of Electronic Arts is well spoken and has thoughtful insights that even a non-gamer will appreciate, but I had heard him before, and Spore doesn't really excite me too much.

As always, the best part of these events is the networking, and the step back from the everyday job to gain larger perspective. And you can't beat a free ticket.

How did users browsing an external web site originate from a private IP address?[Read More]

A sneak peek into getting Duke ready backstage for his fans and photo shoot[Read More]

Hits and Misses of the recent Web 2.0 expo conference that took place in San Francisco at Moscone Center.[Read More]

With the advent of social bookmarking and the new wave of telecommuting, it's no wonder we have begun to change the way we work inside organizations and our perception of the long-standing "Intranet" has been altered.

Sun has long led the way in telecommuting and collaboration it takes the intranet to the next level and beyond the “firewall” - covering the web, the stuff you can see through your browser (whether it’s hosted internally or externally) and one of the organizations leading this effort is the Learning Organization.

Sun's Learning Services On Demand Portal has been re-tooled to allow Sun Employees to access training ANYWHERE, ANYTIME. This affects ANY employees throughout Sun. The Portal aggregates information from various different sources. Their mission statement is "to train all audiences, not just Sun Employees."

The team is led by Mike DeLoia, Learning Technology Program Manager. In January of 2008, The LMS portal was only accessible by internal Sun employees, and piggy-backed off of the MyHR Portal, authenticating using Federation Manager, and was only accessible via SWAN. Mike drove the effort to "push the portal to the edge" and allow secure access from the 'Net.

Sun's New Hire portal is also a project that was done last year for on-boarding new Sun Employees and is based on the Confluence platform for wikis currently used at Sun. The new hire portal aggregates information from several sources and provides a one-stop page for all information you would need as a new Sun Employee, with everything from new hire documentation to online orientation, to helpful links. It even allows you to play the action game "The Rise of the Shadow Specters" - where you can protect Sol City's network from malicious evil-doer hackers! Perfect for the overachievers not getting enough satisfaction with their 9-to-5 routine.

The Sun Partner Advantage Program (SPA) is a client of Learning Management Center . Currently, partners have to register themselves in two places, CWP (for a Sun Online account), then in MySun (an ECR/Sams application). This should be merged once we decouple SaMS from CWP (scheduled for late sumer 2008) and be extinct once we have fully EOL'ed SaMS with IBIS in January of 2009.

Before 1752, the Americans and British started the new year on March 25th. We aren't quite to that day yet, but in honor of the old new year date, we have decided to relaunch this blog with a new look and number of tales of all the interesting internet facing websites that Sun has.

BTW, check out what the cal command returns for Sept. 1752. Leave a comment if you want to know why.

Sun has something like over 200 websites. Yes, many are in the sun.com domain and over the years we have made great progress in making them all look alike, but the reality is that there are many, many separate sites running on different servers in different locations and managed by different groups. Lots of these sites tend to be focused on a different audience segment. Our group, .Sun, as providers of core web platform infrastructure, work with a variety of these groups within Sun, and we see a broad spectrum of strategies and approaches.

One interesting development recently is how sites geared towards Sun employees have migrated from within the firewall to the edge. With Sun's mobile workforce, it's easier to have essential tools and content on the edge .. but with that trend comes new challenges.

The San Francisco bay area had quite a storm yesterday. Gusts of 70MPH were clocked on the Golden Gate bridge, and the San Rafael bridge was closed. I live on a hill near Lone Mountain and the wind gusts were very strong. There were times that the building shook. One wind gust blew my patio furniture against the far railing of the deck.



It's lightweight plastic .. but still.

With no power for seven hours, I finally got bored (not to mention I wanted a hot meal) and went walking towards the panhandle and the Lower Haight. The power outages were in pockets, some blocks had power, some didn't. The trees in the neighborhood got a serious pruning. There were branches all over the sidewalks and one downed tree. Should have brought my camera.

Check out this picture of the San Rafael/Richmond bridge from sfgate.com.

An vignette of the court system[Read More]

In Corpus Christi rush hour is when you have to change lanes to maintain your speed.[Read More]

I've been using my yahoo account too long, it's getting way too much spam. Some of it is beginning to slip by their filters (which are pretty good).

In my yahoo inbox today:

Sir/Madam,

Your specific case has been considered to the obligatory peoples, and upon meticulous weighing up, we are able to tender to you the subsequent offer.

Based upon meticulous weighing up you are eligible to obtain a considerable gain on your primary property investment.

By completing the subsequent attached form in a timely manner we will be able to settle our review, and we feel firm you will obtain not only a decreased rate of interest, but also a cash return that will execute all your holiday needs and more!

Please go here to settle this stage of the agreement.

Wishing you all the best over the holiday period,
Lois Arias

So I guess these people want to refinance my mortgage?

Note: This is another entry in the series of blogs I've written about Gartner's ITxpo event. I've captured thoughts and notes from selected sessions I attended. The below is from the "The Evolution of Taxonomies and Search Information Access"

Most people love Google. It's simple, uncluttered page appeals to many, and the results make it as the search engine of choice. But there is dark side to this success. Because the expectation it has set in the minds of millions is a curse, according to Gartner's Dr. Rita Knox.

What is the curse? The first is the expectation that everything is searchable. The more saavy of us know that Google doesn't index everything. For example it can have a tough time with dynamic data locked up a database. The second part is that expectation that search results should be 1-10 of N. If your search is narrowly targeted, this works. But for general searches it returns too much information to sift through.

In the CEO Mastermind Interview at the event, Steve Ballmer asked why couldn't search learn about him (the user) as he used it? I'm sure the reader will come up with better examples, but here's one to illustrate: if I search for "rye" do I mean rye bread or rye whiskey? If google knew I was a enthusiast of different types of whiskey, it would know. It would have that context about me. Of course that would mean that it would know my identity/profile .. which is a whole other conversation.

Rita agrues that for search to be more useful, you need to allow the user to provide context for the search ... or at least organize the results into verticals. We aren't fulfilling her version, but here at Sun, we have taken some steps towards this. If you now use sun.com's search you will see that the results are organized in tabs. Recently we rolled out this feature for the developer sites. Has it been useful to you? I'm curious.