We are in the process of procuring the hardware for worklight installation with Oracle DB. I looked up the perquisites for the Oracle DB (tablespace/temp) space requirements, but did not find any information on the IBM website. Can you help me determine what would be a good oracle database (tablespace/temp) space configuration for the worklight installation?
The database requirements, as well as all other hardware and system requirements, will depend heavily on your mobile requirements. The type of app you plan to develop (consumer and/or enterprise), total number of users, mobile device platforms supported and so forth will all affect your requirements.
Specifically for the database, Worklight Foundation requires one database schema per runtime environment (set of apps, adapters and project-specific configuration) and one database schema for all runtime environments (administration data). If you plan to deploy Application Center you will need an additional database schema, and you might need one extra database schema for reports, which is an optional feature.
The total database size requirement depends on all these factors, with the reporting schema (optional) being by far the most demanding one, requiring daily purges and a robust infrastructure.
You can find more information at:
Worklight 6.2 Knowledge Center
Worklight Foundation Hardware Calculator spreadsheet
Worklight Foundation Scalability and Hardware Sizing PDF
I would strongly suggest that you contact your IBM sales representative, who can help you assess your requirements and define the best topology and system/hardware requirements for your need.
Related
Our company is considering Neo4j for a database solution. We're using to Oracle dbs, and have relied upon their built in user authentication management to control who can connect to the db, who has read or write access, and what they are allowed to view in the db.
With Neo4j, most of these security options are missing. While we don't necessarily need to control visibility of nodes and relationships on a per-user level, the lack of multiple user accounts and the inability to control read/write access per account could be a dealbreaker. While application access of Neo4j should be well-contained and secure, we want to allow read-only accounts via the browser client to our developers (at least in our dev and qa environments).
The only solution that's jumped out at us so far has been GraphAware's Enterprise Security offering. I'd like to know if there are any other solutions out there that are compatible with Neo4j 3.0. At the moment we are not considering using the Neo4j REST API.
GraphAware Enterprise Security is compatible with 3.0 and there are no other solutions as far as we are aware. That said, judging from Github activity, it looks to me like the security mechanisms in Neo4j 3.1 will be enhanced to include multiple users and LDAP integration. We have to wait for 3.1 to be out. GraphAware Enterprise will be compatible with Neo4j 3.1 and use its native security features where possible.
DISCLAIMER: I work at GraphAware.
I did find one other partial solution to this, though it has its own hoops to go through to set up.
With the Enterprise edition, in a clustered environment, a node can be configured to be a read-only slave, and configured with its own login/pass for dev use.
Can we build commercial apps using the IBM Worklight free Developer Edition?
I searched the IBM official site and I sensed that we have to buy the license to develop commercial apps. But, can someone please clarify it?
Legally speaking: No, you cannot.
Non-Production Limitation
The Program can only be deployed as part of the Licensee's internal
development and test environment for internal non-production
activities, including but not limited to testing, performance tuning,
fault diagnosis, internal benchmarking, staging, quality assurance
activity and/or developing internally used additions or extensions to
the Program using published application programming interfaces.
Licensee is not authorized to use any part of the Program for any
other purposes without acquiring the appropriate production
entitlements.
Technically speaking: you could create an application that does not utilize Worklight features that in order to use them in a production environment, you'd have to buy the Consumer or Enterprise Edition of IBM Worklight.
By doing so you will lose:
The ability to install Worklight Server on an application server
The ability to utilize Worklight Adapters for backend connectivity, that rely on Worklight Server
The ability to secure your application using numerous built-in security features (application authenticity, device provisioning, ...)
The ability to manage your applications (notify, disable, ...)
The ability to remotely update (Direct Update) your applications
The ability to leverage Worklight's unified Push Notifications
The ability to see operational analytics
... and the list goes on.
Instead, you will have to rely on AJAX requests and spend time on (re-)implementing various aspects required for an application (but that's also of course depending on the scope and purpose of the application).
Also see:
https://stackoverflow.com/questions/17030963/ibm-worklight-license-is-worklight-free-to-use/17031953#17031953
IBM Worklight - Limitations of Worklight Studio for Developers
For any inquiries about Worklight I would suggest to contact IBM:
https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=raq&S_TACT=109HE02W&lang=en_US
The Coherence functionality seems to based on clustering concept. Does this mean that, if I want to install WLS on my system for development use, I do not need the Coherence component that comes with WLS ?
Correct, it is not required to use WLS.
This may help to answer the question:
Coherence is now on the same "release train" as WebLogic, starting with version WebLogic version 12.1.2 (which is the second point release of the WebLogic "12c" major release version). So from now on, Coherence and WebLogic versions are in sync, and the two products are tested and certified together.
Coherence is "physically" included as part of some WebLogic installers. Coherence can be purchased as a separate product (three editions: Standard, Enterprise, Grid), or it can be purchased as part of the WebLogic Suite product (which comes with Enterprise Edition, but can be upgraded to Grid Edition).
WebLogic now has a free developer license available, and that free developer license covers Coherence development as well. (Previously, customers had to pay for a developer license, mainly AFAICT because that is how the database was licensed. We are glad to have fixed this!)
WebLogic can be used without Coherence. Coherence can be used without WebLogic. And both products can also be used together, using Coherence*Web for session management, WebLogic Active Cache for simple caching use cases, or Coherence Containers for full-blown, deployable, life-cycle managed, multi-tier data grid applications that are integrated with Java EE applications on WebLogic.
I hope this helps to clarify the possible options that you have.
For the sake of full disclosure, I work at Oracle. The opinions and views expressed in this post are my own, and do not necessarily reflect the opinions or views of my employer.
Apologies if what I am going to ask is too generic and please feel free to mark it as community wiki or even close it but after getting a good answer please.. Here goes nothing.
I had a heated debate over the term application infrastructure with a consultant from a BIG company and hence I am here to see what the experts think as I myself need a good understanding as well. I am a puny software developer and was trying to have a chat about software architecture and stuff and then we kinda got stuck up at the term application infrastructure.
As per my rival's understanding, this is solely used re the back-end hardware components and whereas I thought he is mixing the contexts and from the context of software eng it should refer to stuff that supports the application such as logging, ORM, or even framework (.net) etc.
To what extent am I wrong and if I am please shed some light on the definition...it's really gonna help a lot.
Thanks
Here are a few links with a little description about the term Application Infrastructure extracted from them:
Application Infrastructure -- f5.com
Application infrastructure, comprised of application servers, web servers, and often database servers, is a core component in most network architectures. This part of the network infrastructure delivers high performance application services to the LAN as well as to employees, partners and customers on the WAN.
Some of the key functionality of application infrastructure includes transaction management, clustering, reliable application-to-application messaging, system management, advanced application development tools, proprietary access, and interoperability with legacy technologies.
Application Infrastructure -- networkmagazineindia.com
A (common/standard) platform is required to make different applications in an enterprise work across geographies or multiple locations, and to manage a large number of users and transactions taking place within an enterprise. This platform which ensures that different applications work with each other, is known as an application infrastructure.
Application Infrastructure -- bitpipe.com
A high performance, reliable, and secure integrated technology infrastructure for managing multiple hosted applications by Application Service Providers.
What he seem to be describing is the platform for software (I'll leave it open if that is the same thing as the software platform. I do include software service in the Application Infrastructure definition and also include connectivity/networking along with hardware and software as the three foundation corner stones of Infrastructure. Infrastructure is the general purpose commodity components as opposed to the domain specific components which will typically always be Software; (A possible exception would be an organisation uses custom hardware). AIH; IBM pitch WebSphere as Appliction Infrastructure and Microsoft Consider their Windows Server to the Application Infrasture both agree with you and I.
From what I can see it speaks to HW and SW (middleware and API management).
Gertner definition : Application infrastructure is software platforms for the delivery of business applications, including development and runtime enablers.
Interesting info from Gartner:
http://wso2.com/resources/analyst-reports/comparing-vendors-of-comprehensive-application-infrastructure-suites/
We've discussed SSO before. I would like to re-enhance the conversation with defined requirements, taking into consideration recent new developments.
In the past week I've been doing market research looking for answers to the following key issues:
The project should should be:
Requirements
SSO solution for web applications.
Integrates into existing developed products.
has Policy based password security (Length, Complexity, Duration and co)
Security Policy can be managed using a web interface.
Customizable user interface (the password prompt and co. screens).
Highly available (99.9%)
Scalable.
Runs on Red Hat Linux.
Nice to have
Contains user Groups & Roles.
Written in Java.
Free Software (open source) solution.
None of the solutions came up so far are "killer choice" which leads me to think I will be tooling several projects (OWASP, AcegiSecurity + X??) hence this discussion.
We are ISV delivering front-end & backend application suite. The frontend is broken into several modules which should act as autonomous unit, from client point of view he uses the "application" - which leads to this discussion regrading SSO.
I would appreciate people sharing their experience & ideas regarding the appropriete solutions.
Some solutions are interesting
CAS
Sun OpenSSO Enterprise
JBoss Identity IDM
JOSSO
Tivoli Access Manager for Enterprise Single Sign-On
Or more generally speaking this list
Thank you,
Maxim.
What about FreeIPA?
"FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 (formerly known as Fedora Directory Server), MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools."
If you focus on web applications, check out http://oauth.net/.
CAS has strong adoption, user-base, and a strong lead (who recently switched jobs, but is still comitted to the project). It is straightforward to integrate (if you're comfortable writing Java code/configuring Spring beans), and can do all your requirements, noteably:
SSO solution for web applications.
YES
Integrates into existing developed products.
YES (though some cleaner than others - but many modules are available for major products, and it supports common standards (SAML, OpenID).
has Policy based password security (Length, Complexity, Duration and co)
*YES - can easily be implemented, and some extensions to integrate with LDAP (probably the most common user store) are supported
Security Policy can be managed using a web interface.
NO - though one could be build fairly simply - if you're comfortable with development, and given that this is likely to be a non-trivial project, I'd recommend considering this a non-blocker given that the product is open-source
Customizable user interface (the password prompt and co. screens).
YES - easily customized through some basic HTML/CSS editing
Highly available (99.9%)
YES - both reliable, and can support multiple node/failover scenarios easily
Scalable.
YES - used in many high-traffic environments both intranet and internet
Runs on Red Hat Linux.
YES
Oracle Enterprise Single Sign-On is not what you're after - it requires a Windows executable to be deployed. Oracle Access Manager is closer to what you're after (though it's not free or Java-based).
The major commercial players in the Identity and Access Management (IAM) market space are CA, Oracle, IBM, Sun and Novell. None of these are free solutions but they have many of the features that you are looking for.
For free software, I recommend DACS: The Distributed Access Control System. I know that one department where I work has implemented this with great success. It doesn't have as many features the commercial IAM products but otherwise is a good solution.
I have used Tivoli Access Manager backing onto Websphere and IIS boxes - the way it writes access information into the page headers is very useful. On the downside, I didnt find the DB2 Ldap backend very scalable or reliable, and you know with IBM this isn't going to come cheap.
Also the asynchronous paths (junctions) used to identify different servers is a bit of a hack really eg http://mysite/myserver/myapp - a very bad idea and not thought through very well.