Thursday, 23 February 2017

A Graduate Course in Applied Cryptography

I heard about this thanks to Steve Gibson of Gibson Research Corporation (GRC), thanks to his excellent Security Now podcast.

In essence, it's an WIP book on cryptography, produced by Dan Boneh of Stanford University  and Victor Shoup of New York University.

Here's an excerpt from the ToC: -

Part I: Secret key cryptography
• Introduction
• Encryption
• Stream ciphers
• Block ciphers
• Chosen plaintext attacks
• Message integrity
• Message integrity from universal hashing
• Message integrity from collision resistant hashing
• Authenticated encryption
Part II: Public key cryptography
• Public key tools
• Public key encryption
• Chosen ciphertext secure public-key encryption
• Digital signatures
• Fast signatures from one-way functions
• Analysis of number theoretic assumptions
• Elliptic curve cryptography and pairings
• Lattice based cryptography


Definitely worth downloading ….

For the record, the show notes for Security Now are on Steve's site here: -


Thursday, 16 February 2017

Book Review - Swift iOS 24-Hour Trainer, by Abishek Mishra

This is another in my infrequent series of book reviews for the British Computer Society.

Swift iOS 24-Hour Trainer, by Abishek Mishra

So let me start by declaring that I did not read this book in 24 hours; in fact, it's taken me far longer to read, for no other reason than that I've been reading it in chunks, one lesson per day, and there are over 30 lessons.

Therefore, I can't say, hand on heart, that the 24-hour programme actually works; however, for a committed reader, one who has made time to read, learn and practice, I suspect that a day, albeit a long day, would suffice.

By that, I mean that this book serves as an excellent introduction to the Swift language, providing context, timeline and system requirements, both developer and run-time.

To properly learn a language, one needs to practice said language, and this book provides plenty of material to support effective learning, including Try It tutorials at the end of each lesson, with worked examples.

In terms of prerequisites, the book assumes that one has access to Apple's Xcode integrated development environment, which is key for the effective development and testing of applications targeting the iOS platform.

Whilst one could follow most of the lessons, and tutorials, using an alternative IDE, such as IBM's Swift ( declaration, I work for IBM ) or even the Swift command-line, many of the lessons do really require one to use Xcode, which is available from Apple ( assuming that one has a Mac computer ).

That being said, it's typically safe to assume that, if one is developing for the Apple ecosystem, one would have access to a Mac, Xcode etc., especially if one was also familiar with iOS development using Objective C.

Anyway, back to the book; as the title suggests, this is aimed as a trainer and, as such, is intended to provide a taster to the language, with the lessons increasing in scope and relative complexity. By the end of the book, one should be familiar with the full gamut of iOS app development, including interactive with on-device features such as mapping, camera, multi-touch and gestures.

The Try It tutorials are relatively simple, being worked examples, and are often self-contained, rather than assuming that one has completed the previous lessons. Therefore, one could jump straight into specific areas of interest, rather than absolutely needing to read the book from start to finish.

That being said, I would suggest that, if one is unfamiliar with Swift or the basics of iOS app development, that a cover-to-cover read is the way to go.

To summarise, this is an excellent introduction to the Swift programming language, in the specific context of iOS app development, and would serve as an effective on-ramp to anyone wishing to start their journey in app development, within the Apple ecosystem.

Apart from hands-on coding, the book also provides a good insight into the prerequisites of successful app development, including design, user-interface modelling ( e.g. wireframes ) and, most importantly, testing.

At 500 pages, it's long enough to provide detail when required, but concise enough to get one started.

In terms of a ranking, I'd give this book 10 out of 10, simply because it met my expectations, and provided both context and a deep-dive into Swift and iOS app development.

PS For the record, I previously delivered a 
review of another book on Swift, Swift Essentials Second Edition by Dr Alex Blewitt, in June 2016.

IBM Advantage Blog

Highlighting someone else's blog is always nice …


This blog is a collection of ideas, thoughts and links to interesting resources related to the competitive position of IBM software and cloud offerings. Customers have many choices in selecting the software to run their business and comparative information is hard to find. We strive to keep the information presented here purely factual and avoid FUD tactics. If you believe that any of the posts violate these principles – please let us know. Authors of this blog work for IBM, however the postings solely reflect the personal views of the authors and do not necessarily represent the views, positions, strategies or opinions of IBM. Read more about IBM Social Computing Guidelines. Contact email: whywebsphere@gmail.com.



Tuesday, 14 February 2017

WebSphere Application Server - Binary Scanner

From this: -


With the latest release of the binary scanner, two new enhancements are available that can help application developers and administrators outside the scope of a migration. Have you developed a new application for Liberty or moved one over from another application server and are wondering what features you need to configure in the server.xml file? Or maybe you are supporting a legacy application that has grown over time and you have no idea what is in it and what problems are lurking? Intrigued? Keep reading to see how the binary scanner can help you.

and this: -


The Migration Toolkit for Application Binaries provides a command line tool that quickly evaluates application binaries for rapid deployment on newer versions of WebSphere Application Server traditional or Liberty.

so I've tried it on some my sample applications: -

java -jar binaryAppScanner.jar ~/Downloads/DefaultApplication/DefaultWebApplication.war 

Scanning files.......................
The report was saved to the following file: /Users/davidhay/Downloads/wamt/DefaultWebApplication.war_TechnologyReport.html


java -jar binaryAppScanner.jar ~/Downloads/ferret-1.2.war 

Scanning files..........................
The report was saved to the following file: /Users/davidhay/Downloads/wamt/ferret-1.2.war_TechnologyReport.html



java -jar binaryAppScanner.jar ~/Desktop/SuperSnoopProj.ear 

Scanning files......
The report was saved to the following file: /Users/davidhay/Downloads/wamt/SuperSnoopProj.ear_TechnologyReport.html


So that's me OK then …

For the record, I've "installed" the Binary Scanner JAR on my Mac, running macOS Sierra, and am using Java 8

java -version

java version "1.8.0_121"
Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)



WebSphere Liberty Profile - Where's my stuff ?

I saw this: -

[14/02/17 10:50:51:653 GMT] 0000002b com.ibm.ws.webcontainer.webapp                               W SRVE0190E: File not found: /foo.jsp
[14/02/17 10:50:51:744 GMT] 0000002b com.ibm.ws.logging.internal.impl.IncidentImpl                I FFDC1015I: An FFDC Incident has been created: "com.ibm.ws.jsp.webcontainerext.JSPErrorReport: JSPG0036E: Failed to find resource /foo.jsp com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter 144" at ffdc_17.02.14_10.50.51.0.log
[14/02/17 10:53:03:226 GMT] 0000004f com.ibm.ws.webcontainer.extension                            W SRVE0190E: File not found: /login.html


on my local installation of WebSphere Liberty Profile (WLP) on my Mac.

What was strange was that the so-called missing files were definitely there.

Or, to be more precise, they were here: -

 ~/Downloads/wlp/usr/servers/defaultServer/apps/expanded/DefaultWebApplication.war/

HelloHTML.jsp HelloVXML.jsp HelloWML.jsp HitCount.jsp WEB-INF banner.gif index.html loginError.jsp
HelloHTMLError.jsp HelloVXMLError.jsp HelloWMLError.jsp META-INF auth_error.jsp foo.jsp login.html logout.html


I'd checked my server.xml for the specific web application: -

    <webApplication id="DefaultWebApplication"
     location="DefaultWebApplication.war"
     name="DefaultWebApplication" suppressUncoveredHttpMethodWarning="true" contextRoot="DefaultWebApplication">
     <application-bnd>
     <security-role name="All Role" id="admin">
     <special-subject type="ALL_AUTHENTICATED_USERS"></special-subject>
     </security-role>
     </application-bnd>
    </webApplication>


and I'd proven that the context root wasn't the problem, as I *WAS* able to access certain pages, such as this: -


So, to summarise my position, I had a web application deployed to Liberty, suitably referenced in server.xml serving SOME but not ALL requested pages ….

So I then dug into the file-system further …..

… and found this: -

 ~/Downloads/wlp/usr/servers/defaultServer/apps/DefaultWebApplication.war.xml 

<?xml version="1.0" encoding="UTF-8"?>
<archive>
    <dir sourceOnDisk="/Users/davidhay/Documents/workspace/DefaultWebApplication/WebContent" targetInArchive="/"/>
    <dir sourceOnDisk="/Users/davidhay/Documents/workspace/DefaultWebApplication/ImportedClasses" targetInArchive="/WEB-INF/classes/"/>
</archive>


And that's the problem ….

This file appears to "override" what's in the server.xml file, meaning that the actual root ( from where the content is served ) is the Eclipse workspace.

I proved this by coping the missing files: -

cp ~/Downloads/wlp/usr/servers/defaultServer/apps/expanded/DefaultWebApplication.war/log* /Users/davidhay/Documents/workspace/DefaultWebApplication/WebContent/

which did the trick.

Next step is to see whether I actually need the DefaultWebApplication.war.xml file, as it's been helpfully provided by the WebSphere Developer Tools in Eclipse, with which I've been managing the WLP instance.

Fun fun fun

Monday, 13 February 2017

Improve IBM BPM performance with an Oracle database

This was published last week: -


IBM® Business Process Manager (BPM) is a platform for processing and orchestrating enterprise business tasks. With proper planning, you can prevent performance issues before the end users of your process applications report them. This article focuses on what you can learn from the BPMDB database in IBM BPM to prevent problems and to troubleshoot issues when they occur.

This is part of a 3-part series: -


Sunday, 12 February 2017

java.lang.UnsupportedClassVersionError: JVMCFRE003 bad major version; class=com/ibm/rules/res/xu/spi/internal/XUResourceAdapter

Not sure why I've not seen this before, but that's a problem for another day.

During a build of an IBM Operational Decision Manager (ODM) 8.8.1 environment, I saw this: -

...
  [wsadmin] GBRPT0017I: Install resource adapter on the node: Node1 
  [wsadmin] WASX7017E: Exception received while running file "/opt/ibm/WebSphereProfiles/Dmgr01/bin/rules/configureDSRulesNetworkDeployer.py"; exception information: com.ibm.websphere.management.exception.ConfigServiceException
  [wsadmin] javax.management.MBeanException
  [wsadmin] com.ibm.websphere.management.exception.AdminException
  [wsadmin] java.lang.UnsupportedClassVersionError: java.lang.UnsupportedClassVersionError: JVMCFRE003 bad major version; class=com/ibm/rules/res/xu/spi/internal/XUResourceAdapter, offset=6

  [wsadmin] Java Result: 105

BUILD SUCCESSFUL
Total time: 2 minutes 14 seconds

...

during the build of the Rule Execution Server (RES) cluster.

This is what I had installed: -

/opt/ibm/InstallationManager/eclipse/tools/imcl listAvailablePackages -repositories /mnt/disk1/WAS,/mnt/disk1/WASJDK7,/mnt/disk2/DecisionServerRules,/mnt/disk2/ProfileTemplateRules

com.ibm.websphere.ND.v85_8.5.5009.20160225_0435
com.ibm.websphere.IBMJAVA.v70_7.0.9030.20160224_1826
com.ibm.websphere.odm.ds.rules.v88_8.8.1000.20160527_0819
com.ibm.websphere.odm.pt.rules.v88_8.8.1000.20160527_0949


and this is how I was creating the cluster: -

export ODM_HOME=/opt/ibm/ODM881/
/opt/ibm/WebSphereProfiles/Dmgr01/bin/configureDSCluster.sh -dmgrAdminUsername wasadmin -dmgrAdminPassword passw0rd -clusterPropertiesFile ~/configureDSCluster.properties -targetNodeName Node1 -dmgrHostName `hostname` -dmgrPort 8879


Thankfully, the internet had the solution: -

which said, in part: -

<snip>
The problem occured because profiles are created by default with Java 6 and ODM 8.8 components require Java 7.

To make sure that WAS profiles are created by default with a given version use the managesdk command.

To check the default WAS profile Java version execute:

WAS_HOME/bin/managesdk -getNewProfileDefault

To set the default Java version to 1.7_4 execute:

WAS_HOME/bin/managesdk -setNewProfileDefault -sdkName 1.7_64

</snip>

Once I realised this, I added the following steps to my build: -

Check Default SDK

/opt/ibm/WebSphere/AppServer/bin/managesdk.sh -getNewProfileDefault

CWSDK1007I: New profile creation SDK name: 1.6_64
CWSDK1001I: Successfully performed the requested managesdk task.


Set SDK to 1.7

/opt/ibm/WebSphere/AppServer/bin/managesdk.sh -setNewProfileDefault -sdkName 1.7_64

CWSDK1022I: New profile creation will now use SDK name 1.7_64.
CWSDK1001I: Successfully performed the requested managesdk task.


Check Default SDK

/opt/ibm/WebSphere/AppServer/bin/managesdk.sh -getNewProfileDefault

CWSDK1007I: New profile creation SDK name: 1.7_64
CWSDK1001I: Successfully performed the requested managesdk task.


Once done, my cluster magically created : -

...
  [wsadmin] GBRPT0019I: Start application jrules-ssp on server Node1-DSServer ...
  [wsadmin] GBRPT0019I: Start application jrules-res-management on server RulesMgrSrv ...
  [wsadmin] GBRPC0005I: Invoking synchronization for node Node1 ...
  [wsadmin] GBRPC0013I: Synchronization done.
  [wsadmin] GBRPC0028I: The cluster is up and running!

BUILD SUCCESSFUL
Total time: 5 minutes 24 seconds

...