Hacking Oracle Identity Analytics - Hello World Scheduler

I have been playing around with the Oracle Identity Manager product for some time now, but this past month a new comer to the Oracle block of IdM products, Oracle Identity Analytics or Sun Role Manager got included in my current office project. As usual, the office guys will nag a thousand times before giving resources like RAM and harddisk for the simple reason that I want to learn/hack some more. Nevertheless, I got one server on Amazon EC2 for this experiment. Thank you Amazon!

I got the base OIM 9.1.0.1 (what crappy version nomenclature!) or what the Oracle guys call OIM 10g and the OIA 11.*.5 or OIA 11gR5 on the EC2 instance running in a days duration. But sadly, I realized that OIM needs to be upgraded, before I can even start integration. So two more upgrades and I am at OIM 9.1.0.2 BP17a. Phew! what a pain in the ass.

Now back to getting to know OIA or Oracle Identity Analytics. During the installation I observed, that product was built with Spring 2.x and hasn't been changed since. Spring 2.x is a ancient release, and I guess most of the people at either Sun / Oracle haven't bothered to upgrade it.

Back to the work now.
My requirement is --> A simple hello world scheduler, that build on nothing that OIA is providing, but simply uses the Spring's native features to get started. My first go was to get a Quartz based scheduler class and plug it in along with the other jobs that OIA itself has. Apparently, I still am not able to get this configured properly. I tried tweaking the scheduling-context.xml and jobs.xml with my simple helloworld style classes, but it just did not work. So much pain for a hello world approach, not justified at all!

Spring also provides a JDK Timer based scheduler, and apparently that was all that I need. So here is what I have now

Create a simple timer class as shown here:

I created a helloworld.xml containing my spring beans. Its shown below:

It has three beans
1. The job
2. The trigger
3. The trigger manager

More official documentation on this is available here

Now to integrate it in the OIA webapp, all I do is add helloworld.xml to the web.xml as a parameter. This is shown below:

Restart server and I can see it in the weblogic logs :)

The eclipse project for this here

More on this coming soon 

Browser/Javascript Memory leaks with setTimeout

It's been some time since I have been working on the OpenAnimator project, but recently I observed a strange memory leak. After drilling down into a lot of the javascript, I found the problem with a snippet of code that was something like this:


a = function() {
    try {
       
    setTimeout('a()',1);
    }catch(e) { error(e); }
};
a();

At first look this looks like a fairly, okay bit of code, and not any variables were being created except the setTimeout call. After a lot of google hunting here is what I have now:

a = function() {
    try {
       
    setTimeout(function() {a();},1);
    }catch(e) { error(e); }
}
a();


Apparently this solved the problem (atleast it appears so now). I am still not able to figure out why there was a problem with the earlier code. the 'a()' is causing a implicit eval to be executed, but how that leads to memory leaks is still unknown to me. I hope I'll get this one someday.

OIM - Find resources assigned to user

Wanna dig through OIM (Oracle Identity Manager) for resources assigned to users? Here is a query to solve it:

SELECT DISTINCT oiu.oiu_key,
  oiu.req_key,
  oiu.oiu_offlined_date,
  obi.obi_key,
  obi.obi_status, obj.obj_key,
  obj.obj_name,
  orc.orc_key,
  orc.orc_create,
  orc.orc_update,
  orc.orc_status, orc.orc_tos_instance_key,
  ORC_TASKS_ARCHIVED,
  ost_status,
  obj.sdk_key     AS OBJECTFORMKEY, '0' AS OBJECTFORMCOUNT,
  objsdk.sdk_name AS OBJECTFORMNAME, tos.sdk_key AS PROCESSFORMKEY,
  '0'             AS PROCESSFORMCOUNT, procsdk.sdk_name AS PROCESSFORMNAME,
  oiu.oiu_serviceaccount
FROM obj obj
LEFT OUTER JOIN sdk objsdk
ON obj.sdk_key=objsdk.sdk_key, oiu oiu
LEFT OUTER JOIN orc orc
ON oiu.orc_key=orc.orc_key
LEFT OUTER JOIN tos tos
ON orc.tos_key=tos.tos_key
LEFT OUTER JOIN sdk procsdk
ON tos.sdk_key=procsdk.sdk_key,  obi obi,  ost ost
WHERE oiu.obi_key=obi.obi_key
AND oiu.ost_key  =ost.ost_key
AND obi.obj_key  =obj.obj_key
AND oiu.usr_key IN (

select usr_key from usr where usr_status = 'Active'


)




This query will show you the same result as getObjects API call for all active OIM users.

 

Intel VT-d and Xen

Joanna's team posted an interesting vulnerability on their blog, related to use of Intel VT-d in Xen. Although the root cause is at the hardware layer, I hope there are patches for it soon. Here the full research http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf

DNS configuration for your server

If you want to configure your own DNS server here is a good guide:
http://ubuntuforums.org/showthread.php?t=236093

CouchDB v1.0.2.on Ubuntu 10.10

1. Get Spidermonkey from (http://ftp.mozilla.org/pub/mozilla.org/js/js-1.8.0-rc1.tar.gz)
2. Compile and setup Spidermonkey

cd js/src 

make BUILD_OPT=1 -f Makefile.ref

make BUILD_OPT=1 JS_DIST=/opt/app/spidermonkey180rc1 -f Makefile.ref export 

3. Install the packages from ubuntu archives

apt-get install   build-essential erlang libicu-dev libcurl4-openssl-dev

4. Compile CouchDB

./configure --prefix=/install/couchdb --with-js-lib=/opt/app/spidermonkey180rc1/lib64 --with-js-include=/opt/app/spidermonkey180rc1/include 
make 
make install

5. Start CouchDB

/install/couchdb/etc/init.d/couchdb start

Note: If you don't want to run the couchdb server as user couchdb then change the config file located at /install/couchdb/etc/default/couchdb. Edit the COUCHDB_USER field and specify the user it should run with.

If you want to change the port on which FUTON/CouchDB's web UI runs then edit the file /install/couchdb/etc/couchdb/default.ini. Set the port value under [httpd] to the new value that you want.

6. Run couchdb 

/install/couchdb/etc/init.d/couchdb start

HTTP PUT vs POST

http://upload.thinfile.com/docs/put.php