Skip to content, navigation.
Last week, Agnieszka and Julien, the Sun Campus Ambassadors at INSA LYON presented Glashfish.
They covered Glashfish, Java aEE 5 and 6 with a demo using Netbeans.
Very good audience (about 50 people attended that session) , very good feedbacks and... very good presentation. Keep on the good work.
This week, 4 GEC (Sun Grenoble Engineering Center) engineers and I conducted a LDAP Workshop at INSA LYON. We organized 4 labs of 2 hours each. Global audience was about 120 students.
Labs and hand-ons were based on OpenDS, the best-in-class opensource java directory server. We also integrated LDAP and GlashFish to secure a Web Service deployment. More details available here.
The workshop went well, we had very interesting discussions and follow-up with students and teachers.
This workshop was organized as part of the actions Sun put in place to promote open source adoption and complements the work of the Sun Campus Ambassadors.
Many DPS users reported the following problem: Bind requests as cn=Directory Manager fails when the proxy is deployed.
DPS analyses the bind dn to route the request to the data view holding the target dn. In many configuration, there is no data view candidate configured to hold the cn=directory manager suffix.
There are 2 ways to address the problem: Either create a additional data view with view base set to "cn=directory manager" or use "implicit" routing with a data view with an empty ("") view base. The latter solution is simple and also user-friendly in the sense the proxy does not need to know about the list of suffixes exposed by the directory. Note that a "root data view" with empty dn is created by default when a DPS instance is created, but the data source pool associated with it is left empty, so if you plan to use it, don't forget to add at least one data source to that pool.
Last week, Agnieszka and Julien, the Sun Campus Ambassadors for INSA Lyon presented Hibernate (HQL, Transactional APIs) with demo based on Netbeans and Glassfish.
About 25 students attended the conference. These technos raised lots of interest, so they may organize a new session targeting the "5IF" audience (eng. students in final year) soon.
If you have been wishing to own a sundial; instead of buying an industrial sundial, design it and build your customized sundial using the Shadows software.
All you have to do is to measure the orientation of the wall on which the sundial will be
placed. Then, install the software, locate your place using GoogleEarth or GoogleMap, copy the location URL, paste it into the software then customize your sundial and print out a hard-copy to be drawn/engraved/etc on the surface of your choice.
SunDial in Aiguilles, Queyras, France
If you have some questions about Sun Directory Server Edition, Directory Proxy and Virtual Directory or you want to share best practices, don't hesitate to use the Sun Developer Forum dedicated to these products.
See you there!
DPS 6.x load-balancing / fail-over can be configured to stop sending traffic to a specific directory server instance in maintenance, even when that instance is up and running. For instance, you may want to remove a directory server instance from the mesh while an import or re index is in progress.
DPS 6.x periodically checks each ds server for availability by issuing (amongst others) a search request. A directory server instance is considered unreachable when that search fails or does not return any entry. By default, the search request hits the rootDSE entry. It can be configured to hit an entry in cn=config or cn=monitor to take into account the directory server operation state.
For more info, look at dpconf properties monitoring-search-filter and monitoring-entry-dn
in the ldap data source object.
The list of DPS 63 config changes that require a restart is part of Admin guide. Chapter 18: Directory Proxy Server Instances / Configuring Directory Proxy Server Instances / Configuration Changes Requiring Server Restart http://docs.sun.com/app/docs/doc/820-2763/gbong?l=en&a=view
This list will be greatly reduced in the next release (7.0)
InoVallee is a technology park dedicated to innovating companies in the Grenoble area.
The latest issue of Inovallee Magazine (in French) contains an article about the French Sun Campus Ambassador program.
This program is being managed from Grenoble
Engineering Center and I'm the Mentor of the 2 Campus Ambassadors for INSA Lyon.
A recent article from the Guardian newspaper in UK does a great job of covering how
Grenoble is once again becoming a hot technology center and is now
beating London on some fronts for investment in high tech R & D. It mentions Sun, covers new French R&D tax credits and associated
advantages of high tech investment in France :-)
http://www.guardian.co.uk/media/pda/2008/sep/25/yahoo.yahoo
What Grenoble offers is an existing tech community and a huge
community
of science and technology students; they account for more than 60,000
of Grenoble's wider population of around 250,000. London might be
strong on mobile and creative web development, but can it match that
combination of talent, tax breaks and quality of life?...there aren't
many offices where it's quite normal to fit in a snowboarding session
before work.
The article was also picked up by Courrier International (full version requires log in)
http://www.courrierinternational.com/article.asp?obj_id=89909
Recently I attended a 3 day PRINCE2
foundation training class. Since them, I've started to use this methodology to secure projects I'm working on.
PRINCE2 (PRojects IN Controlled Environments) is a process-based method for effective project management. PRINCE2 is a de facto standard used extensively by the UK Government and is widely recognised and used in the private sector, both in the UK and internationally.
The key features of PRINCE2 are:
Here is a summary of a common deployment scenario with Sun Directory Proxy Server:
LDAP entries are grouped by location in the DIT, e.g user entries are located under
ou=north,ou=people,dc=company, dc=com or
ou=south,ou=people,dc=company, dc=com or ou=east,ou=people,dc=company, dc=com or ou=west,ou=people,dc=company, dc=com based on user physical location.
Later, for sake of simplicity, the DIT is flatten so that every user entry is stored immediatly under ou=people, dc=company, dc=com
New applications are aware of the DIT structure change but DPS is used so that legacy applications expecting the location container node can operate w/o problem.
The dn mapping needed can be achieved by using virtual data transformations as described in http://docs.sun.com/app/docs/doc/820-2765/virtual_transformations?a=view
Let's assume that
- you have a data view DV1 with viewBase (suffix) set to dc=company,dc=com.
- entry location (north, east,...) is always available in each entry in attribute 'location'
- entry uid=*,ou=(north|south|east|west),ou=people,dc=company,dc=com mapped to uid=*,ou=people,dc=company,dc=com
You have to create a virtual data transformation on the 'dn' for data view DV1. For inbound traffic (requests), the proxy must get rid of the ou=(north|south|east|west) node. For outbound traffic (responses), the proxy gerenates a (fake) ou=(north|south|east|west) from the content of the 'location' attribute of each entry.
Here is the dpconf command to do that:
dpconf add-virtual-transformation -h <host> -p <port> -d <proxy manager> DV1 mapping attr-value-mapping dn internal-value:uid=\${uid},ou=people view-value:uid=\${uid},ou=\${location},ou=people
Note: you might have to escape some characters (e.g $) in the command
below depending on the command interpreter you are using. In the
example above, I used \$ instead of plain $.
Note2: dn patterns used in virtual transformations must not contain the
data view viewBase (dc=company,dc=com in this case) as it is implicit.
This blog copyright 2009 by Sylvain Duloutre
What's this? Feeds let you keep up to date with the latest information on a blog or website. Right-click on a feed link and copy the link's URL, then paste it into your feed reader. Some browsers also allow you to click a feed link and subscribe directly.
