Thursday, October 07, 2010

Oracle SQLPlus versus SQL Server and MySQL

Tested creating tables with some scripts we have here. Testing was against: Oracle 10g, SQL Server 2005, and MySQL 5x.

Somehow Oracle is this least intuitive.

I need some links for next time:

Connecting to SQL Plus


Deleting tables (called dropping in Oracle)

Creating and dropping sequences

Creating a Trigger

Using a *.sql script from within SQL Plus

Dropping a trigger

Seems a lot more complex than MySQL or SQL Plus

Monday, October 04, 2010

We're a bearer token company

It was mentioned in a meeting in my first week that we're a bearer token company. The more I learn about my job and the different aspects of our company, the more I realize how true it is.

I've used tokens in the past and they have many definitions. Just type define: token in Google search.

Tokens in computer software - and in our company - provide identity delegation. They can be proxies for you so you don't have to keep logging into different sites with the same username/password, which is the idea behind SSO (Single-Sign On).

A user logs in once and a token is then used in their place when they want to use a service that's outside of their initial domain where they logged in first. Ping Federate bears the brunt of creating the token and passing it between disparate domains, saving the expense. For example, a user would login to United Airlines to buy a round-trip ticket. That user would also need to rent a car so United would use our SSO Ping Federate solution to allow a token to be passed from United to Hertz so the user could rent a car and not have to login again when transfered to the Hertz rental site.

Since tokens are the basis of communication between our federated servers, they can be quite simple, from passing on basic user credentials, or the more complex, providing further information or attributes to a requesting service provider.

In the beginning I had a bit of confusion with some terms that really meant the same thing. Since a lot of terms overlap I'll just list them here.

We use SAML tokens. These are the same as SAML assertions (or to be exact, are enclosed within a SAML message), which are basically XML documents sent over the wire. Whether you use token, assertion, SAML message, SAML assertion, XML assertion, in many ways, they are all synonymous terms. They provide the mechanism to proxy for an initial sign-in and pass that sign-on to another domain. By passing on the initial sign-on we are forwarding assertions about the initial users credentials.

Assertions are also called claims. Since tokens contain assertions/claims, you can have simple claims that state who you are (basic authentication) to more extensive assertions/tokens/claims (see how I interchange them?) that also authenticate you and/or provide more attributes about who you are. It all depends on what you want an assertion/token to do and what is requested by the service you are trying to access.

This is the basis of what we do.

Friday, October 01, 2010

find and locate

I've been using Unix find on the command line for many years and it's certainly saved me some time trying to find files or strings within files.

Here's an example usage that I've liked to use:

find . -name "*.java" -exec grep -l "Boolean" {} \;

This will find all java files from the current directory down that contain the string Boolean and then list their paths.

For something a little more basic where I just need to search for file extension types I use something like this:

find . -name "*.properties" -print

But, one thing I never heard about until yesterday was the locate command.

Locate uses indexed search results and was helpful when I was trying to find some JAR files in a local repository.

Basically it takes find and cron together, run at scheduled intervals, to index the local filesystem. Then when you use locate, it will use that index to quickly give back results, that might have taken long with just the find command.