On my laptop, I encountered some unexpected popup IE windows.
I found an expected schedule task and it runs C:\Windows\system32\rewikupe.dll.
I cleaned up the task and the dll.
Tuesday, December 29, 2009
Friday, December 04, 2009
Run WebSphere Administrative Script in Rational Software Architect
WAS 6.1, RSA 7.0.0.6
Create a py file in the project, e.g. a script to create a SIB bus, add member to the bus, create a Queue Connection Factory, and a few queues could look like,
Right click on the py file, and select Run As, then Administrative Script.from java.lang import String
from java.util import Properties
from com.ibm.ws.scripting import ScriptingException
from java.io import File
from java.io import FileOutputStream
from java.io import FileInputStream
from java.io import PrintStream
###################################################################################
# Verify input parameters
#
###################################################################################
# Usage method
def usage():
print ""
print "Usage to create local sib resources:"
print "wsadmin -profileName-lang jython -f create_local_sib.py "
print "Example: wsadmin -profileName AppSrv01 -lang jython -f create_local_sib.py Cell Node server1"
print ""
print "NOTE: This script creates the 'bus', addsas member to the bus,"
print " the Queue Connection Factory and queues on the bus."
print " This is a pure CREATE script. It does not check whether resources already exist."
print " The script will fail if any of the SIB resources already exist."
sys.exit()
# Update these to reflect local environment
m_cellName = ""
m_nodeName = ""
m_serverName = ""
# Get the cell parameter
try:
m_cellName = sys.argv[0]
except:
print "You must specify a Cell name"
usage()
# Get the node parameter
try:
m_nodeName = sys.argv[1]
except:
print "You must specify a Node name"
usage()
# Get the server parameter
try:
m_serverName = sys.argv[2]
except:
print "You must specify a Server name"
usage()
# Configure the Bus and Server
AdminTask.createSIBus('[-bus bus -busSecurity false -scriptCompatibility 6.1 ]')
# File Store Bus Member
AdminTask.addSIBusMember('[-bus bus -node ' + m_nodeName + ' -server ' + m_serverName + ' -fileStore -logSize 100 -minPermanentStoreSize 200 -maxPermanentStoreSize 500 -unlimitedPermanentStoreSize false -minTemporaryStoreSize 200 -maxTemporaryStoreSize 500 -unlimitedTemporaryStoreSize false ]')
print "Bus created and Bus member added."
# Create the Queue Connection Factory
AdminTask.createSIBJMSConnectionFactory(m_serverName + '(cells/' + m_cellName + '/nodes/' + m_nodeName + '/servers/' + m_serverName + '|server.xml)', '[-name ossQueueConnectionFactory -jndiName jms/ossQueueConnectionFactory -type queue -authDataAlias -category -description -xaRecoveryAuthAlias -busName ossBus -nonPersistentMapping ExpressNonPersistent -persistentMapping ReliablePersistent -readAhead Default -target -targetType BusMember -targetSignificance Preferred -targetTransportChain -providerEndPoints -connectionProximity Bus -tempQueueNamePrefix -shareDataSourceWithCMP false]')
print "Queue Connection Factory created."
def createQueue(sibQueueName, jmsQueueName, activationSpecName, isSingleton, queuePriority):
concurrencyParam = ""
if isSingleton == 1:
concurrencyParam = " -maxConcurrency 1 "
poisonMessageParams = ""
if sibQueueName != "QUEUE1":
poisonMessageParams = " -maxFailedDeliveries 1 -exceptionDestination QUEUE1 "
AdminTask.createSIBDestination('[-bus bus -name ' + sibQueueName + ' -type Queue -node ' + m_nodeName + ' -server ' + m_serverName + ' -description -reliability ASSURED_PERSISTENT ' + poisonMessageParams + ']')
AdminTask.createSIBJMSQueue(m_serverName + '(cells/' + m_cellName + '/nodes/' + m_nodeName + '/servers/' + m_serverName + '|server.xml)', '[-name ' + jmsQueueName + ' -jndiName jms/' + jmsQueueName + ' -description -queueName ' + sibQueueName + ' -deliveryMode Application -priority ' + queuePriority + ' -readAhead AsConnection -busName bus ]')
AdminTask.createSIBJMSActivationSpec(m_serverName + '(cells/' + m_cellName + '/nodes/' + m_nodeName + '/servers/' + m_serverName + '|server.xml)', '[-name ' + activationSpecName + ' -jndiName jms/' + activationSpecName + ' -destinationJndiName jms/' + jmsQueueName + ' -description -acknowledgeMode Auto-acknowledge -authenticationAlias -busName bus -clientId -durableSubscriptionHome ' + concurrencyParam + ' -messageSelector -subscriptionDurability NonDurable -subscriptionName -readAhead Default -target -targetType BusMember -targetSignificance Preferred -targetTransportChain -shareDataSourceWithCMP false]')
createQueue("QUEUE0", "description", "ExceptionActivationSpecifications", 0, "9")
createQueue("QUEUE1", "description", "ActivationSpecifications", 0, "4")
createQueue("QUEUE2", "description", "ActivationSpecifications", 0, "4")
createQueue("QUEUE3", "description", "ActivationSpecifications", 1, "4")
createQueue("QUEUE4", "description", "ActivationSpecifications", 0, "4")
createQueue("QUEUE5", "description", "ActivationSpecifications", 1, "4")
createQueue("QUEUE6", "description", "AsyncResponseSpecifications", 0, "4")
print "Queues created."
AdminConfig.save()
print "Finished."
Select WebSphere Application Server v6.1 as the Scripting runtime.
Select AppSrvWSFP01 as the WebSphere profile.
Enter Cell Node Server as the wasadmin arguments.
Select Specify in the Security and enter userid and password
Click on Run to run the script.
Wednesday, November 18, 2009
SAP Portal - Migrate Portal Application from 7.0 to 7.1
I am surprised at the poor migration support of NWDS from 7.0 to 7.1.
I recently installed NWDS 7.1 SP08. Then I started the migration of my portal applications.
I couldn't found any way to do that other than exporting/importing par files. So I did it even at the warning of deprecation.
Then I got 5 missing library errors and 1 warning. The warning is an easy piece. Just use quick fix and it will be gone.
How to deal with these missing libraries? Here is what I did.
I created a new portal application in 7.1 and found there were normally 10 libraries referenced. I opened the .classpath file of the new project, copied the 10 library definitions and pasted in the .classpath file of the newly migrated project.
It still missed libraries of 8 classes.
A few notes,
TSSAP_JAVAX_HOME/lib/servlet.jar
->
SAP_EP/resources/servlet.jar
ECLIPSE_HOME/plugins/com.sap.security_2.0.0/lib/com.sap.security.api.jar
->
ECLIPSE_HOME/plugins/com.sap.security_2.0.0.091014073932/lib/sap.com~tc~sec~ume~api~impl.jar
I recently installed NWDS 7.1 SP08. Then I started the migration of my portal applications.
I couldn't found any way to do that other than exporting/importing par files. So I did it even at the warning of deprecation.
Then I got 5 missing library errors and 1 warning. The warning is an easy piece. Just use quick fix and it will be gone.
How to deal with these missing libraries? Here is what I did.
I created a new portal application in 7.1 and found there were normally 10 libraries referenced. I opened the .classpath file of the new project, copied the 10 library definitions and pasted in the .classpath file of the newly migrated project.
It still missed libraries of 8 classes.
A few notes,
TSSAP_JAVAX_HOME/lib/servlet.jar
->
SAP_EP/resources/servlet.jar
ECLIPSE_HOME/plugins/com.sap.security_2.0.0/lib/com.sap.security.api.jar
->
ECLIPSE_HOME/plugins/com.sap.security_2.0.0.091014073932/lib/sap.com~tc~sec~ume~api~impl.jar
Thursday, November 12, 2009
SAP Portal - Portal Content Translation
- Content Administration > Portal Content Translation > Translation Worklist Coordination
- I usually create a folder "Translations" for this purpose
- Right click folder "Translations" and select New > Translation worklist
- I usually name the worklist [Role]-[Entity]-[Date]
- After the creation, enter the edit mode of the worklist.
- Same as you edit a transport package, select objects from Portal Catalog and add them into the worklist.
- Click the Generate the translation data.
- Release the worklist for translation. Note, the status is now Released for Translation
- Here is a little bit tricky. You need to close the edit and go to the "Worklist Translation" from the left index.
- Click Search you will see the worklist. If too many, try some keywords to narrow down.
- Select Source and Target languages
- Enter the translation
- Save all.
- Mark as Translated
- Close.
- Now go back to Translation Worklist Coordination and select the worklist from Portal Catalog and open it once again.
- Click Publish Translation.
Thursday, November 05, 2009
SAP Portal - WebDynpro ABAP iView
We are running Portal 7.0.18. The WebDynpro ABAP appl is called xyz.
We created an iView and specify the appl "xyz". Both previewing and opening in a page will only result in an endless loop.
Then we figured it out the Portal was sending the request to backend ABAP server like
https:///sap/bc/webdynpro/sap/xyz/;sap-ext-sid=......
That was wrong, it should be <...>/sap/xyz;sap-ext-sid=......
SAP must mistakenly append a "/" after appl name.
I am searching for the fix from SAP for this issue. For now, I just define the appl as xyz\ and the \ will nullify the /.
... after 2 hours searching ...
OK, SAP note 1230506 - Endless loop when starting Web Dynpro ABAP is right on it.
We created an iView and specify the appl "xyz". Both previewing and opening in a page will only result in an endless loop.
Then we figured it out the Portal was sending the request to backend ABAP server like
https://
That was wrong, it should be <...>/sap/xyz;sap-ext-sid=......
SAP must mistakenly append a "/" after appl name.
I am searching for the fix from SAP for this issue. For now, I just define the appl as xyz\ and the \ will nullify the /.
... after 2 hours searching ...
OK, SAP note 1230506 - Endless loop when starting Web Dynpro ABAP is right on it.
Tuesday, November 03, 2009
CentOS 5 Chinese Support
Just run yum groupinstall "Chinese Support", then restart the Tomcat server.
All done.
All done.
Thursday, October 22, 2009
SAP Portal - Page Timeout and Session Timeout
1. Goto Portal Catalogue -> Content Provided by SAP -> End User Content -> Standard Portal users
2. Right click on 'Default Framework Page' open --> object
3. Select 'Desktop InnerPage' and edit it(drag the horizontal scroll to right side )
4. select show all in the category drop down and go down in the property page where you can see Page Timeout Set the value for "Page Timeout" and click on save in the top
Or
To the page timeout property add the following property to the property file (portalapp.xml):
com.sap.portal.page.PageTimeout=108000
The value is defined in milliseconds. The default value is 15 seconds = 15000 milliseconds. A page timeout value of -1 defines, that there is no time out and that the page will wait for all of the portal applications to finish loading as long as necessary.
If modify portalapp.xml then restart Portal, in the editor, it will show Changed by SAP.
Also, Session management is controlled by the profile parameter "rdisp/plugin_auto_logout". This parameter, with a default value of 30 minutes, controls the time that a session can be idle before it is cleared.
Said plugin_auto_logout is only for SAP GUI client, not for HTTP client.
2. Right click on 'Default Framework Page' open --> object
3. Select 'Desktop InnerPage' and edit it(drag the horizontal scroll to right side )
4. select show all in the category drop down and go down in the property page where you can see Page Timeout Set the value for "Page Timeout" and click on save in the top
Or
To the page timeout property add the following property to the property file (portalapp.xml):
com.sap.portal.page.PageTimeout=108000
The value is defined in milliseconds. The default value is 15 seconds = 15000 milliseconds. A page timeout value of -1 defines, that there is no time out and that the page will wait for all of the portal applications to finish loading as long as necessary.
If modify portalapp.xml then restart Portal, in the editor, it will show Changed by SAP.
Also, Session management is controlled by the profile parameter "rdisp/plugin_auto_logout". This parameter, with a default value of 30 minutes, controls the time that a session can be idle before it is cleared.
Said plugin_auto_logout is only for SAP GUI client, not for HTTP client.
Monday, October 19, 2009
SAP Portal: Hide Rooms in the Room Directory
For example, if you want to hide any room with template "Template ABC" in the Room Directory, just configure the iView and set
Pre-selected template in the room directory = "#Template ABC"
Not sure how combination would work. Will try later.
Pre-selected template in the room directory = "#Template ABC"
Not sure how combination would work. Will try later.
Wednesday, October 07, 2009
Monday, October 05, 2009
Install Flash Plugin for Firefox on Fedora 10
Flash Plugin for Fedora 32bit.
First you must install the adobe repository.
First you must install the adobe repository.
rpm -ivh http://linuxdownload.adobe.com/linux/i386/adobe-release-i386-1.0-1.noarch.rpmNow install it like this:
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
yum install flash-pluginFinally restart Firefox and go to Tools -> Add-ons -> Plugins. You should Shockwave Flash among the plugins.
Tuesday, September 29, 2009
yum install yum-utils
- To find duplicate package: package-cleanup --dupes, clean: package-cleanup --cleandups
- To find broken dependencies: package-cleanup --problems
- To find libraries not required by any other package(s): package-cleanup --leaves (CAUTION: just because a library is not REQUIRED does NOT mean it is useless - it may provide useful functionality feature(s) for other package(s)).
- To find all packages not required by any other package: package-cleanup --leaves --all (see CAUTION above)
- To find packages not originating from enabled repositories: package-cleanup --orphans
Monday, September 28, 2009
Ctrl Alt + F1
On Linux, Ctrl Alt + F1 switch from X-Window to terminal.
Ctrl Alt + F7 switch it back.
Ctrl Alt + F7 switch it back.
Tuesday, August 04, 2009
jcalendar - Calendar._TT.DEF_DATE_FORMAT
jcalendar javascript widget, IE, language preference is French.
'Calendar._TT.DEF_DATE_FORMAT' is null or not an object.
solution, convert the .../lang/calendar-fr.js to UTF-8 encoding, recommended notepad++.
'Calendar._TT.DEF_DATE_FORMAT' is null or not an object.
solution, convert the .../lang/calendar-fr.js to UTF-8 encoding, recommended notepad++.
Thursday, July 30, 2009
SAP Portal - XML Form
Create a XML form
You need Content Manager role in the portal. Content Management -> Forms Builder. You can create a XML form project from scratch or use an existing one as base. Check the Global Settings, usually the project store is /irj/go/km/docs/etc/xmlforms and server is https://<>:443/. Remember the ID, e.g. my_Form123.
Transport the form to another portal
A ICE subscriber and syndicate way is suggested all over the Internet. Somehow I was not able to get it work. Instead, I simply copied the files under /etc/xmlforms/ to the destination portal and it worked fine for me. It did give me a bit of trouble when I previewed the form for the first time after transported. However, it worked fine at the second time.
Folder Settings
You then need the System Administration role. System Administration -> System Configuration -> Knowledge Management -> Content Management -> Form-Based Publishing -> Forms Availability -> Folder Settings
Add a new Form/Folder setting,
ID(my_form):priority(80):Folder Path(/documents/public_news/**):Forms to Exclude(SAP_APP_*):Forms to Include(my_Form123).
You shall see my_Form123 in the new selection menu of the folder.
You need Content Manager role in the portal. Content Management -> Forms Builder. You can create a XML form project from scratch or use an existing one as base. Check the Global Settings, usually the project store is /irj/go/km/docs/etc/xmlforms and server is https://<>:443/. Remember the ID, e.g. my_Form123.
Transport the form to another portal
A ICE subscriber and syndicate way is suggested all over the Internet. Somehow I was not able to get it work. Instead, I simply copied the files under /etc/xmlforms/
Folder Settings
You then need the System Administration role. System Administration -> System Configuration -> Knowledge Management -> Content Management -> Form-Based Publishing -> Forms Availability -> Folder Settings
Add a new Form/Folder setting,
ID(my_form):priority(80):Folder Path(/documents/public_news/**):Forms to Exclude(SAP_APP_*):Forms to Include(my_Form123).
You shall see my_Form123 in the new selection menu of the folder.
Wednesday, July 22, 2009
SAP Portal - EP CRM Roles
Initially, you export Roles from CRM into a XML file. The PCD location is the folder pre-created on EP to hold the incoming roles.
You then import the XML file into EP and roles will be created in EP. Remember to save the XML file for future reference.
You then can change on CRM, but need to make the same change directly on EP, not through export/import. You can also make any changes that you want on EP, e.g. to add some BI contents.
You transport changes to CRM QAS and PRD from CRM DEV, to EP QAS and PRD from EP DEV.
You then import the XML file into EP and roles will be created in EP. Remember to save the XML file for future reference.
You then can change on CRM, but need to make the same change directly on EP, not through export/import. You can also make any changes that you want on EP, e.g. to add some BI contents.
You transport changes to CRM QAS and PRD from CRM DEV, to EP QAS and PRD from EP DEV.
Wednesday, July 15, 2009
SAP Portal - Missing Portal Content
Once I was assigned the Content Admin role in a portal but can't see the Portal Content under PCD. Weird, right?
OK, at the end, we figured it out. After the installation, the Super Admin needs to click on the Portal Content under PCD and grant the permission to Content Admin role.
OK, at the end, we figured it out. After the installation, the Super Admin needs to click on the Portal Content under PCD and grant the permission to Content Admin role.
Friday, June 05, 2009
SAP Portal - KM Navigation Layout Set Mode
- Default means that settings in this iView layout set may be overlaid by existing object type handler settings (these are settings for a specific type of object).
- Exclusive means that the iView settings may overlay the object type handler settings.
SAP Portal - KM Navigation Layout
Usually you use NewsBrowser as the layout set for a KM Navigation iView.
You can use another layout set. First you need to know what are the choices.
System Administration -> System Configuration -> Knowledge Management -> Content Management -> User Interface -> Settings -> Layout Set
On SAP Enterprise Portal 7.0.18, there are 125 layout sets available.
You can use another layout set. First you need to know what are the choices.
System Administration -> System Configuration -> Knowledge Management -> Content Management -> User Interface -> Settings -> Layout Set
On SAP Enterprise Portal 7.0.18, there are 125 layout sets available.
Friday, May 29, 2009
SAP Portal - BEx
Well, this is my first BEx iView.
We have a dedicated BI installed, which means outside the Portal. We have already defined it as System Dxx.
I am the Content Administrator on the Portal, but have no role on the BI. Thus I can't preview the BEx.
So I request to have at least a display role on the BI.
I then go through the BEx (7.0) wizard, and define the query string as template=ZXXX_XXX_XXXX and it's done.
Easy.
We have a dedicated BI installed, which means outside the Portal. We have already defined it as System Dxx.
I am the Content Administrator on the Portal, but have no role on the BI. Thus I can't preview the BEx.
So I request to have at least a display role on the BI.
I then go through the BEx (7.0) wizard, and define the query string as template=ZXXX_XXX_XXXX and it's done.
Easy.
SAP Portal - Why afterInit()
During the life cycle of a Portal Service, the Portal Runtime calls the init(IServiceContext) when the service is loaded in memory, the afterInit() when the init returns, the destroy() when the service is stopped.
So is the afterInit() something unnecessary? Can we merge afterInit() into init()?
No. Actually the afterInit() is called after all services in the portal runtime have already been initialized. Suppose you need to call another service to initialize this service, you can't do it in the init() since you have no promise from the Portal Runtime that certain service will be up before others. You will have to do it in the afterInit().
So is the afterInit() something unnecessary? Can we merge afterInit() into init()?
No. Actually the afterInit() is called after all services in the portal runtime have already been initialized. Suppose you need to call another service to initialize this service, you can't do it in the init() since you have no promise from the Portal Runtime that certain service will be up before others. You will have to do it in the afterInit().
Thursday, May 28, 2009
SAP Portal - Federated Portal Network (FPN)
FPN is nowadays a hot topic. Someones (my SAP instructor) dislike it, some others (a consultant) like it.
For us, it seems inevitable. We have to place the EP as the consumer and CRM and BI as producers.
In this case, we are actually doing something called Content Federation.
Another way of FPN is Portal Federation, which, to my understanding, is more complicated and only make sense if you do have more than one site of SAP landscapes.
For us, it seems inevitable. We have to place the EP as the consumer and CRM and BI as producers.
In this case, we are actually doing something called Content Federation.
Another way of FPN is Portal Federation, which, to my understanding, is more complicated and only make sense if you do have more than one site of SAP landscapes.
SAP Portal - TREX
EP Knowledge Management includes two major elements, the Content Management and the Search and Classification Engine.
Installation of the Search and Classification Engine is required to use the functionality of Knowledge Management completely. The Engine is formerly known as TREX - text retrieval and classification.
Installation of the Search and Classification Engine is required to use the functionality of Knowledge Management completely. The Engine is formerly known as TREX - text retrieval and classification.
Wednesday, May 27, 2009
SAP Portal - Resource
A component can reference a Web resource packaged in its application or in another application by retrieving an IResource object for the resource from the IPortalComponentRequest object, as in the following examples:
For a resource in the same application:
request.getResource(IResource.IMAGE,"images/myImage.gif");
For a resource in another application:
request.getResource("myApp",IResource.IMAGE,"images/myImage.gif");
A component can use a Web resource, for example, to create a link to the
resource or to include it in its content.
For a resource in the same application:
request.getResource(IResource.IMAGE,"images/myImage.gif");
For a resource in another application:
request.getResource("myApp",IResource.IMAGE,"images/myImage.gif");
A component can use a Web resource, for example, to create a link to the
resource or to include it in its content.
WinSCP - Unix Daylight Saving Time
When Unix changes to Daylight Save Time or back from DST, WinSCP by default will show one hour difference from the real timestamp of the file in Unix.
You need to change the Environment setting Daylight saving time to Preserve remote timestamp (Unix).
Note this will disable the synchronization function in WinSCP between the two systems.
You need to change the Environment setting Daylight saving time to Preserve remote timestamp (Unix).
Note this will disable the synchronization function in WinSCP between the two systems.
Tuesday, May 26, 2009
SAP Portal - Workset
For example, add two iViews into a workset and assign the workset to a role.
The workset will appear as subgroup at the top-level navigation bar. The two iViews will appear in the Detailed Navigation panel.
Worksets can only be assigned to roles and not directly to users. Worksets are particularly useful if a lot of content is assigned to a role.
The workset will appear as subgroup at the top-level navigation bar. The two iViews will appear in the Detailed Navigation panel.
Worksets can only be assigned to roles and not directly to users. Worksets are particularly useful if a lot of content is assigned to a role.
SAP Portal - Theme and Portal Desktop
Default Desktop is under Portal Content/Portal Users/Standard Portal Users/Default Portal Desktop.
After a new theme is created, it is placed under Portal Content/themes.
You need to add the new theme to the Desktop before end users can choose the new theme.
You can only see desktops and themes by System Administration/Portal Display/Desktops & Display Rules.
After a new theme is created, it is placed under Portal Content/themes.
You need to add the new theme to the Desktop before end users can choose the new theme.
You can only see desktops and themes by System Administration/Portal Display/Desktops & Display Rules.
SAP Portal - Collapse Portal Favorite
By default, it expands the Portal Favorite. To collapse it, open the entry point of the role, either a page or a iView of a page, select the Navigation in the Property Category, and set Initial State of Navigation Panel from Automatic (default) to Always Close.
If choose Close, Portal will restore the state of the Portal Favorite when user last exits.
If choose Close, Portal will restore the state of the Portal Favorite when user last exits.
SAP Portal - FAQ 5
1. What is the difference between authentication and Single Sign-On?
In computer security, authentication is the process by which a computer, computer program, or another user attempts to confirm that the computer, computer program, or user from whom the second party has received some communication is, or is not, the claimed first party.
Single Sign-On is the subsequent automated authentication for additional systems after the user has logged on once. In this case, the authenticating system passes the user information to the subsequently called system. This is done in the background; that is, the user does not need to authenticate himself or herself again after his or her first logon.
2. What options are there for authentication for the SAP Web Application Server?
2.1 Web-based authentication methods
• Anonymous/ guest access
• User ID/ password (only authentication, not Single Sign-On)
o Form based
o Basic authentication
• X.509 digital certificates
• SAP Logon Tickets
• External authentication methods
o HTTP header variable authentication (not ABAP except for X.509 certificate information forwarding)
o Security Assertion Markup Language (SAML – only Java)
o Through Java Authentication and Authorization Services (JAAS – only Java). External authentication can be performed using a JAAS module with SAP Web Application Server 6.30. The module is not supplied by SAP, but can be implemented by customers and connected using a standardized interface. JAAS allows you to set a separate authentication mechanism for each application
2.2 SAP GUI for Windows
• SAP-certified SNC product, external security product (authentication takes place outside of SAP system)
• SAP provided wrappers for Microsoft Windows authentication mechanisms:
o Windows NTLM
o Windows 2000 Kerberos
• SAP Shortcut Method (SAP Logon Ticket)
SNC is an integration layer with which a partner product for user authentication can be included in the SAP system landscape. SNC can only be used with SAP protocols (DIAG, RFC, SAP ITS AGate/WGate), and not with the Internet protocol HTTP. This means that it cannot be used with SAP GUI for HTML; only SAP GUI for Java und SAP GUI for Windows can be secured using SNC. Pluggable Authentication Service (PAS) can be used for Web-based access - see below.
In addition to the integration of a third-party product, you can also use existing authentication infrastructures, for example for Microsoft Windows NT or Microsoft Windows 2000 through SNC. For an overview of the partner products certified by SAP for this interface (which is based on the Generic Security Services [GSS] standard), see Security Partners.
The user logs on to the partner product; the SNC user name is then mapped to the SAP user name. The SAP system accepts the logon information, and additional authentication is not required. Security mechanisms of different strengths can be used, such as, such as Public-Key cryptography or Kerberos, depending on the product you are using.
SAP provides mapping libraries free of charge for Microsoft Windows NT and Microsoft Windows 2000. These do not contain any cryptographic functions themselves, but rather access the relevant Microsoft Security Provider APIs. These can be used instead of a partner product.
For more information, see http://service.sap.com/security > Security in Detail > Secure System Management
2.3 SAP WebGUI
• X.509 client certificate
• SAP Logon Ticket
**
3. What options are there for single sign-on for SAP GUI?
The procedure used for Single Sign-On depends on the SAP GUI in use.
SAP GUI for HTML (Available with SAP Web AS and SAP ITS)
• SSO can be implemented using SAP Logon Tickets. This is a proprietary SAP solution, contain in the standard version of the software. For more information about SAP Logon Tickets, see How do SAP logon tickets work?.
• SSO can also be implemented using digital certificates - see authentication. There are advantages and disadvantages to this approach, as described under Which is the most secure option?.
• For the ITS, you can also implement external authentication using the Pluggable Authentication Service (PAS). For more information, see Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system. For more detailed information, see the relevant documentation.
SAP GUI for Java
• SNC can be used in this case; see also Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system.
SAP GUI for Windows
• You can implement SSO using SNC through a partner product; see also Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system.
• A cost-effective alternative to a partner product is to use Microsoft Windows NTLM or Microsoft Kerberos, which is contained in Microsoft operating systems at no additional cost. This variant can only be implemented in a purely Microsoft environment; if other components are used, you must purchase an additional partner product (for more information, see SAP Note 352295). For information about certified partners that provide suitable products for SNC, see Security Partners.
• You can implement SSO using SAP Shortcuts. These are available as of SAP R/3 4.0B under Microsoft Windows NT and Microsoft Windows 95 installations. SAP Shortcuts are useful for frequently used transactions or reports; a shortcut of this type means that they can be started directly from the desktop. System data, the name of the transaction or report, and the user’s logon data are stored in the shortcut. The password can also be stored here; this means that it is not necessary to enter it again during the logon. However, we recommend that you exercise caution in this situation: SAP Shortcuts store the logon data directly on the front end. As any user that can access the front end desktop can also activate the shortcut, if there is a lack of security at the front end, there is a danger that the logon data will be misused. The SAP Shortcut could also be copied to another front end computer, if access to the file system is not appropriately secured. Passwords should therefore only be stored in SAP Shortcuts if there is adequate security at the front end. You should also note that this is not a genuine Single Sign-On scenario, as each SAP Shortcut is a separate logon to the relevant SAP system. However, an actual Single Sign-On solution for SAP Shortcuts can be implemented in connection with SNC. As of SAP R/3 4.5, the SNC procedure for SSO also applies for SAP Shortcuts. For more information about SAP Shortcuts, see the SAP R/3 online documentation (as of SAP R/3 4.5) under General Information > Getting Started with R/3 > Daily Start-Up/Shutdown of the R/3 System > SAP Shortcut and SAP Note 99054 .
**
4. Must a user have the same password in all systems that are part of an SSO landscape?
No. The passwords can be different in the different systems; this does not affect the setting up of Single Sign-On in any way.
5. After a year, Single Sign-On suddenly no longer works. What could the reason for this be?
This error can occur due to an expired server certificate on the system that issues the SAP Logon Tickets. Certificates for servers, which are signed by a Certification Authority (CA) such as the SAP Trust Center Service (SAP_CA), are usually valid for a year. Although the SAP Logon Tickets for SSO are still issued after this period, an error message is triggered by the receiving system when it checks the certificates. "Self-signed" certificates, which are not issued by a CA, but by the server itself, usually have a significantly longer validity period. To avoid the certificates expiring in future, a new report has been created that provides warning in good time before the expiration of the validity of installed certificates. For more information about this, see SAP Notes 572035(Warning about expired security certificates) and 499386 ("Invalid logon ticket" for CA certificates).
6. How do SAP logon tickets work? Can they also be used to include non-SAP products in an SSO environment?
SAP Logon Tickets generate SSO for SAP solutions with Web-based access, that is, for applications that are based on SAP Web Application Server or SAP ITS. An SAP Logon Ticket is used only for the purposes of SSO and cannot be used for initial authentication. To obtain a Logon Ticket, the user must first logon using a different procedure, such as a user name and a password or a digital certificate. The Logon Ticket is contained in a cookie that is forwarded to the user’s Web browser by the issuing system. It is forwarded from the user’s browser to the subsequently called systems that are integrated into the SSO landscape. The user logs on only once. The ticket itself contains the user name, a timestamp, information about the issuing system, and a certain validity period, which can be configured using a system profile parameter , and which can range from a few minutes to several hours. To protect the authenticity and the integrity of the ticket, it is digitally signed by the issuing system. The prerequisite for the use of SAP Logon Tickets is the use of identical user names in the systems that issue and accept the ticket. The SAP Enterprise Portal is an exception to this rule; in this case, an external user name can be specified in the ticket itself.
The advantage of SAP Logon Tickets over an SSO solution using digital certificates is that the (person-related) Public-Key Infrastructure, which is required to administer digital certificates and can be cost-intensive, is not required. Logon Tickets that have already been checked can be buffered for the duration of their validity, which improves performance. To avoid it being stolen through interception, the ticket should be protected using SSL. Many external systems can also be configured to accept and verify SAP Logon Tickets. You can do this using a library provided by SAP, which is then integrated into the external software. The following SAP systems can issues SAP Logon Tickets: systems as of SAP Basis 4.6C (see SAP Note 358469), SAP Web Application Server 6.10 and above, SAP Enterprise Portal 5.0 and above. SAP systems as of SAP Basis 4.0 can accept SAP Logon Tickets (see SAP Note 177895).
7. Are authentication and SSO connected with Central User Administration (CUA)?
No. Central User Administration simply centralizes the administration of user and role data across a large number of SAP systems. The data contained there only applies after the user has already logged on; authentication and, if appropriate, Single Sign-On have therefore already taken place. Setting up a CUA therefore does not affect authentication and SSO procedures in any way; however, it does provide the basis for the use of SAP Logon Tickets due to the assignment of uniform cross-system user names. Implementing CUA also does not provide any form of password synchronization between the central and child systems. Initial passwords are an exception to this rule, and it is also possible to reset passwords. This can be done both in the local child systems and in the central system (with distribution to selected systems).
8. Are authentication and SSO connected with LDAP user data synchronization (LDAP Connector, LDAPMAP)?
No. Since SAP Basis 4.6, SAP systems have had an LDAP Connector, which allows connection to an LDAP directory. However, only individual accesses to the LDAP directory are possible in this version. Data synchronization between SAP R/3 and the LDAP directory was standardized with SAP Web AS 6.10, and mass synchronization is possible. The data synchronization applies only to user and role data, however. Authentication and SSO functions are provided neither using the LDAP Connector nor through transaction LDAPMAP. For information about transferring an external authentication to the LDAP directory, see Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system?.
9. How do authentication and SSO work in the SAP NW Portal?
The SAP Netweaver Portal offers the same possibilities for user authentication as SAP Netweaver AS Java. In Addition Account Aggregation ist supported. With this procedure, a portal user (or a user group) is associated with the user name and password for an application. This allows SSO even for applications that cannot accept SAP Logon Tickets. The administrator, or the user can perform the required mapping using a graphical interface. The portal stores the data in the portal database. For security reasons, all password information is encrypted using a triple DES algorithm.
For more information about authentication and SSO in the SAP Enterprise Portal, see Solution in Detail: Security in the mySAP Enterprise Portal.
10. Does SAP offer a Trust Center?
Yes. For more information, see the SAP Service Marketplace using the alias TCS. SAP offers client certificates, server certificates, for example, for Secure Socket Layer, and router certificates for service connections through SAPRouter.
11. Where is the SAP Passport physically stored?
Passports are stored wherever the browser stores its certificates. In the case of Microsoft Internet Explorer, this is the registry. You can usually also replace the browser storage using a third party product, for example a smart card or a central Personal Security Environment (PSE) server.
12. SAP Passports - where can I learn more about it?
On SAP Service Marketplace at htttp://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000282722& you find a detailed description of the process in the presentation "SAP Passports - How to get started". To test SAP passport functionality in your SAP Workplace, please generate a Certificate Request (CR) and send message on component BC-SEC to SAP via SAP Net R/3 Frontend (OSS) or SAP Service Marketplace. We will send you the necessary certificate for your Registration Authority (RA).
13. Does SAP also support newer standards, such as SAML or the Liberty Alliance Project?
Security Assertion Markup Language (SAML) With SAP Web Application Server 6.30, the SAP J2EE Engine can accept SAML tickets for logon in the browser artifact scenario. For more information about SAML,
SAP is a sponsor of Liberty Alliance Project, an initiative to establish a standard for federated digital identities on the Web. Its aim is to use specifications to develop open standards that can be used internationally across industries.
In computer security, authentication is the process by which a computer, computer program, or another user attempts to confirm that the computer, computer program, or user from whom the second party has received some communication is, or is not, the claimed first party.
Single Sign-On is the subsequent automated authentication for additional systems after the user has logged on once. In this case, the authenticating system passes the user information to the subsequently called system. This is done in the background; that is, the user does not need to authenticate himself or herself again after his or her first logon.
2. What options are there for authentication for the SAP Web Application Server?
2.1 Web-based authentication methods
• Anonymous/ guest access
• User ID/ password (only authentication, not Single Sign-On)
o Form based
o Basic authentication
• X.509 digital certificates
• SAP Logon Tickets
• External authentication methods
o HTTP header variable authentication (not ABAP except for X.509 certificate information forwarding)
o Security Assertion Markup Language (SAML – only Java)
o Through Java Authentication and Authorization Services (JAAS – only Java). External authentication can be performed using a JAAS module with SAP Web Application Server 6.30. The module is not supplied by SAP, but can be implemented by customers and connected using a standardized interface. JAAS allows you to set a separate authentication mechanism for each application
2.2 SAP GUI for Windows
• SAP-certified SNC product, external security product (authentication takes place outside of SAP system)
• SAP provided wrappers for Microsoft Windows authentication mechanisms:
o Windows NTLM
o Windows 2000 Kerberos
• SAP Shortcut Method (SAP Logon Ticket)
SNC is an integration layer with which a partner product for user authentication can be included in the SAP system landscape. SNC can only be used with SAP protocols (DIAG, RFC, SAP ITS AGate/WGate), and not with the Internet protocol HTTP. This means that it cannot be used with SAP GUI for HTML; only SAP GUI for Java und SAP GUI for Windows can be secured using SNC. Pluggable Authentication Service (PAS) can be used for Web-based access - see below.
In addition to the integration of a third-party product, you can also use existing authentication infrastructures, for example for Microsoft Windows NT or Microsoft Windows 2000 through SNC. For an overview of the partner products certified by SAP for this interface (which is based on the Generic Security Services [GSS] standard), see Security Partners.
The user logs on to the partner product; the SNC user name is then mapped to the SAP user name. The SAP system accepts the logon information, and additional authentication is not required. Security mechanisms of different strengths can be used, such as, such as Public-Key cryptography or Kerberos, depending on the product you are using.
SAP provides mapping libraries free of charge for Microsoft Windows NT and Microsoft Windows 2000. These do not contain any cryptographic functions themselves, but rather access the relevant Microsoft Security Provider APIs. These can be used instead of a partner product.
For more information, see http://service.sap.com/security > Security in Detail > Secure System Management
2.3 SAP WebGUI
• X.509 client certificate
• SAP Logon Ticket
**
3. What options are there for single sign-on for SAP GUI?
The procedure used for Single Sign-On depends on the SAP GUI in use.
SAP GUI for HTML (Available with SAP Web AS and SAP ITS)
• SSO can be implemented using SAP Logon Tickets. This is a proprietary SAP solution, contain in the standard version of the software. For more information about SAP Logon Tickets, see How do SAP logon tickets work?.
• SSO can also be implemented using digital certificates - see authentication. There are advantages and disadvantages to this approach, as described under Which is the most secure option?.
• For the ITS, you can also implement external authentication using the Pluggable Authentication Service (PAS). For more information, see Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system. For more detailed information, see the relevant documentation.
SAP GUI for Java
• SNC can be used in this case; see also Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system.
SAP GUI for Windows
• You can implement SSO using SNC through a partner product; see also Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system.
• A cost-effective alternative to a partner product is to use Microsoft Windows NTLM or Microsoft Kerberos, which is contained in Microsoft operating systems at no additional cost. This variant can only be implemented in a purely Microsoft environment; if other components are used, you must purchase an additional partner product (for more information, see SAP Note 352295). For information about certified partners that provide suitable products for SNC, see Security Partners.
• You can implement SSO using SAP Shortcuts. These are available as of SAP R/3 4.0B under Microsoft Windows NT and Microsoft Windows 95 installations. SAP Shortcuts are useful for frequently used transactions or reports; a shortcut of this type means that they can be started directly from the desktop. System data, the name of the transaction or report, and the user’s logon data are stored in the shortcut. The password can also be stored here; this means that it is not necessary to enter it again during the logon. However, we recommend that you exercise caution in this situation: SAP Shortcuts store the logon data directly on the front end. As any user that can access the front end desktop can also activate the shortcut, if there is a lack of security at the front end, there is a danger that the logon data will be misused. The SAP Shortcut could also be copied to another front end computer, if access to the file system is not appropriately secured. Passwords should therefore only be stored in SAP Shortcuts if there is adequate security at the front end. You should also note that this is not a genuine Single Sign-On scenario, as each SAP Shortcut is a separate logon to the relevant SAP system. However, an actual Single Sign-On solution for SAP Shortcuts can be implemented in connection with SNC. As of SAP R/3 4.5, the SNC procedure for SSO also applies for SAP Shortcuts. For more information about SAP Shortcuts, see the SAP R/3 online documentation (as of SAP R/3 4.5) under General Information > Getting Started with R/3 > Daily Start-Up/Shutdown of the R/3 System > SAP Shortcut and SAP Note 99054 .
**
4. Must a user have the same password in all systems that are part of an SSO landscape?
No. The passwords can be different in the different systems; this does not affect the setting up of Single Sign-On in any way.
5. After a year, Single Sign-On suddenly no longer works. What could the reason for this be?
This error can occur due to an expired server certificate on the system that issues the SAP Logon Tickets. Certificates for servers, which are signed by a Certification Authority (CA) such as the SAP Trust Center Service (SAP_CA), are usually valid for a year. Although the SAP Logon Tickets for SSO are still issued after this period, an error message is triggered by the receiving system when it checks the certificates. "Self-signed" certificates, which are not issued by a CA, but by the server itself, usually have a significantly longer validity period. To avoid the certificates expiring in future, a new report has been created that provides warning in good time before the expiration of the validity of installed certificates. For more information about this, see SAP Notes 572035(Warning about expired security certificates) and 499386 ("Invalid logon ticket" for CA certificates).
6. How do SAP logon tickets work? Can they also be used to include non-SAP products in an SSO environment?
SAP Logon Tickets generate SSO for SAP solutions with Web-based access, that is, for applications that are based on SAP Web Application Server or SAP ITS. An SAP Logon Ticket is used only for the purposes of SSO and cannot be used for initial authentication. To obtain a Logon Ticket, the user must first logon using a different procedure, such as a user name and a password or a digital certificate. The Logon Ticket is contained in a cookie that is forwarded to the user’s Web browser by the issuing system. It is forwarded from the user’s browser to the subsequently called systems that are integrated into the SSO landscape. The user logs on only once. The ticket itself contains the user name, a timestamp, information about the issuing system, and a certain validity period, which can be configured using a system profile parameter , and which can range from a few minutes to several hours. To protect the authenticity and the integrity of the ticket, it is digitally signed by the issuing system. The prerequisite for the use of SAP Logon Tickets is the use of identical user names in the systems that issue and accept the ticket. The SAP Enterprise Portal is an exception to this rule; in this case, an external user name can be specified in the ticket itself.
The advantage of SAP Logon Tickets over an SSO solution using digital certificates is that the (person-related) Public-Key Infrastructure, which is required to administer digital certificates and can be cost-intensive, is not required. Logon Tickets that have already been checked can be buffered for the duration of their validity, which improves performance. To avoid it being stolen through interception, the ticket should be protected using SSL. Many external systems can also be configured to accept and verify SAP Logon Tickets. You can do this using a library provided by SAP, which is then integrated into the external software. The following SAP systems can issues SAP Logon Tickets: systems as of SAP Basis 4.6C (see SAP Note 358469), SAP Web Application Server 6.10 and above, SAP Enterprise Portal 5.0 and above. SAP systems as of SAP Basis 4.0 can accept SAP Logon Tickets (see SAP Note 177895).
7. Are authentication and SSO connected with Central User Administration (CUA)?
No. Central User Administration simply centralizes the administration of user and role data across a large number of SAP systems. The data contained there only applies after the user has already logged on; authentication and, if appropriate, Single Sign-On have therefore already taken place. Setting up a CUA therefore does not affect authentication and SSO procedures in any way; however, it does provide the basis for the use of SAP Logon Tickets due to the assignment of uniform cross-system user names. Implementing CUA also does not provide any form of password synchronization between the central and child systems. Initial passwords are an exception to this rule, and it is also possible to reset passwords. This can be done both in the local child systems and in the central system (with distribution to selected systems).
8. Are authentication and SSO connected with LDAP user data synchronization (LDAP Connector, LDAPMAP)?
No. Since SAP Basis 4.6, SAP systems have had an LDAP Connector, which allows connection to an LDAP directory. However, only individual accesses to the LDAP directory are possible in this version. Data synchronization between SAP R/3 and the LDAP directory was standardized with SAP Web AS 6.10, and mass synchronization is possible. The data synchronization applies only to user and role data, however. Authentication and SSO functions are provided neither using the LDAP Connector nor through transaction LDAPMAP. For information about transferring an external authentication to the LDAP directory, see Is it possible to connect products from external vendors to implement authentication and SSO outside the SAP system?.
9. How do authentication and SSO work in the SAP NW Portal?
The SAP Netweaver Portal offers the same possibilities for user authentication as SAP Netweaver AS Java. In Addition Account Aggregation ist supported. With this procedure, a portal user (or a user group) is associated with the user name and password for an application. This allows SSO even for applications that cannot accept SAP Logon Tickets. The administrator, or the user can perform the required mapping using a graphical interface. The portal stores the data in the portal database. For security reasons, all password information is encrypted using a triple DES algorithm.
For more information about authentication and SSO in the SAP Enterprise Portal, see Solution in Detail: Security in the mySAP Enterprise Portal.
10. Does SAP offer a Trust Center?
Yes. For more information, see the SAP Service Marketplace using the alias TCS. SAP offers client certificates, server certificates, for example, for Secure Socket Layer, and router certificates for service connections through SAPRouter.
11. Where is the SAP Passport physically stored?
Passports are stored wherever the browser stores its certificates. In the case of Microsoft Internet Explorer, this is the registry. You can usually also replace the browser storage using a third party product, for example a smart card or a central Personal Security Environment (PSE) server.
12. SAP Passports - where can I learn more about it?
On SAP Service Marketplace at htttp://service.sap.com/~form/sapnet?_SHORTKEY=01100035870000282722& you find a detailed description of the process in the presentation "SAP Passports - How to get started". To test SAP passport functionality in your SAP Workplace, please generate a Certificate Request (CR) and send message on component BC-SEC to SAP via SAP Net R/3 Frontend (OSS) or SAP Service Marketplace. We will send you the necessary certificate for your Registration Authority (RA).
13. Does SAP also support newer standards, such as SAML or the Liberty Alliance Project?
Security Assertion Markup Language (SAML) With SAP Web Application Server 6.30, the SAP J2EE Engine can accept SAML tickets for logon in the browser artifact scenario. For more information about SAML,
SAP is a sponsor of Liberty Alliance Project, an initiative to establish a standard for federated digital identities on the Web. Its aim is to use specifications to develop open standards that can be used internationally across industries.
Friday, May 22, 2009
SAP Portal - Difference Between DynPage and JSPDynPage
DynPage is part of HTMLB not of Portal, which means it might be used in places or programs other than Portal. But JSPDynPage is part of Portal, which means it shall only be used in Portal.
JSPDynPage extends DynPage. It uses its jspName to point to a JSP file under dist/pagelet.
In DynPage classes, you code all HTMLB controlComponent in Java. In JSPDynPage, you code all HTMLB controlComponent in JSP and use the Java class just to induce the JSP.
JSPDynPage extends DynPage. It uses its jspName to point to a JSP file under dist/pagelet.
In DynPage classes, you code all HTMLB controlComponent in Java. In JSPDynPage, you code all HTMLB controlComponent in JSP and use the Java class just to induce the JSP.
SAP Portal - HTMLB
HTMLB(HTML-Bussiness for Java) provides a full set of easy-to-use Web controls.
SAP recommends Web Dynpro over HTMLB since the former is more powerful. However, from time to time, there are really easy requirements coming in and HTMLB might be less costly.
HTMLB is more likely a SWT or Swing GUI style programming. It contains Form, ControlComponent, Container, and Event.
Form
It is basically the wrapping paper of your page and essential for the data transfer from the web client to the web browser and for the event handling. Controls in the form have unique control names. The control names are generated by the HTMLB renderer. Therefore you cannot use for example, JavaScript to manipulate the controls.
ControlComponent
ControlComponent are GUI elements and are placed in a Form. Every control has different attributes that define the "look" of the control. Controls are checkboxes, radio buttons and grids, etc..
Container
Container contains controls. Container can contain containers - nesting. For example, a "tray" contains a "gridLayout", which contains "textView" and "inputField".
Event
Components can respond to user action. The response is called an event. An event usually causes a submit (sending the form from the web client to the web server). With the control that can create an event you specify the name of the event handling routine. The web server receives the form, analyzes it and calls the event handling routine which does the further processing.
SAP recommends Web Dynpro over HTMLB since the former is more powerful. However, from time to time, there are really easy requirements coming in and HTMLB might be less costly.
HTMLB is more likely a SWT or Swing GUI style programming. It contains Form, ControlComponent, Container, and Event.
Form
It is basically the wrapping paper of your page and essential for the data transfer from the web client to the web browser and for the event handling. Controls in the form have unique control names. The control names are generated by the HTMLB renderer. Therefore you cannot use for example, JavaScript to manipulate the controls.
ControlComponent
ControlComponent are GUI elements and are placed in a Form. Every control has different attributes that define the "look" of the control. Controls are checkboxes, radio buttons and grids, etc..
Container
Container contains controls. Container can contain containers - nesting. For example, a "tray" contains a "gridLayout", which contains "textView" and "inputField".
Event
Components can respond to user action. The response is called an event. An event usually causes a submit (sending the form from the web client to the web server). With the control that can create an event you specify the name of the event handling routine. The web server receives the form, analyzes it and calls the event handling routine which does the further processing.
Thursday, May 21, 2009
SAP Portal - Personalization
In the portalapp.xml file, define a component, component-profile.
personalization
plainDescription a plain text that can be used in user interfaces to describe the property. it will be used if no description attribute is specified.
inheritance
personalization
- dialog: per-user storage and shown in end user personalization and content admin dialog
- no_dialog: per-user storage, not shown in personalization dialog, shown in content admin dialog
- none: means not define this property at all, cross-user storage, not shown in end user personalization dialog, but in content admin dialog
- String: value="string"
- Date: ? never work (on NW 7.0.18), learn from the conversion with Todor Petrov on his blog, Date is not supported on NW 7.0, only available after 7.1. But a SAP training material which uses NW 7.0.11 has included Date as a supported type.
- Select: select[ABC, BCD, DAD]
- Boolean: false, true
plainDescription a plain text that can be used in user interfaces to describe the property. it will be used if no description attribute is specified.
inheritance
- non-final (default): can be overridden by a template derivation
- final: can not be overridden (actually can be overridden in my test. not sure why)
Wednesday, May 20, 2009
SAP Portal - FAQ 4
What is the default security constraint for Enterprise JavaBeans (EJB) methods?
It is possible to deploy EJB components without setting security constraints. The default security for a method is "unchecked" which means that no checks are made by the container and this will allow all clients to invoke it.
Is it possible for a bean to use a service or a library?
Yes, it is possible. You must specify a reference from the application to that component in order to have a reference between the class loaders. This could be done in the application-j2ee-engine.xml or after deploying the application by the changeref command of the deploy service. If you want to use an object from JNDI (e.g. bound by a service) you must specify a reference to it in the ejb-j2ee-engine.xml
Can I start a thread from a bean?
No, according to the Enterprise JavaBeans 2.0 Specification (Appendix C EJB 1.1 Runtime Environment) thread management is performed by the EJB Container and Enterprise Beans must not attempt to manage threads, which includes starting, stopping, suspending, or resuming a thread; or changing a thread's priority or name. Enterprise Beans must not attempt to manage thread groups either. These requirements ensure that the Container properly manages the runtime environment.
What happens if the same bean is accessed concurrently from several clients?
For session beans the usual client behavior must be to create its own session object (by any of the Home interface's create methods), use it and then remove it. Sharing the session object between clients and transactions may cause problems. Here are some details :
start_app: First, the files that are needed by the container during start (i.e. jar files and other configuration stuff) are downloaded from the DB. Then the descriptors for the application are built and they are used to create the naming contexts for each bean. After that the specific EJB class loader for the application is created and registered, the containers for each EJB are initialized and their EJBHomes and/or EJBLocalHomes are bound to JNDI. Persistence Managers for the CMP entity beans are created and initialized. Finally, the pools for stateless, entity, and message-driven beans are initialized. The default initial pool size is 0 - this means that no instances will be created (and respectively no setSessionContext/setEntityContext/setMessageDrivenContext wil be invoked) at start time. If you wish, you can specify the initial pool size in your ejb-j2ee-engine.xml, like this:
In the above example 10 instances of MyStatelessBean will be created at start time.
stop_app: First, the EJBHomes and/or EJBLocalHomes are unbound from JNDI and all EJB naming contexts are destroyed. Then the containers and pools for each EJB are destroyed too. Finally, the EJB class loader for the application is unregistered.
May I deploy the Web components as EAR1 and the corresponding EJB components as EAR2?
Although this scenario is not described in the specification, it is really commonly used and has to be supported. In this case, the dynamically generated P4 stubs are used. If you have the interfaces of the bean in the servlet's ear then there must be also all other helper classes - return types, parameters, exceptions (a common issue is that the EJBObject class can not be loaded and the most probable reason is this). The other possibility is not to have the bean's interfaces in the servlet's ear. Then you should have a reference between the applications. But don't use reference if you already have the interfaces :) This may cause a ClassCastException.
How are the bean instances/EJBObject/EJBHome objects distributed in the cluster environment? Does the client still access the same cluster node?
Every bean component deployed on the J2EE Engine is loaded on every server node of the cluster.
Bean instances (i.e. instances of the bean class) live in every server node.
The distribution of the remote EJBHome and EJBObjects is managed by the remote protocol (the default one for the J2EE Engine is P4). When a remote object is created on a server node the P4 protocol manages a connection from the client to that object. That means that the client is always connected to a certain server node.
What happens if the server node to which the client is connected crashes? Is there a failover mechanism?
If the server node to which the client is connected crashes, the remote protocol redirects the call to another server node where a new remote object will process the subsequent client calls. The failover mechanism is different for the diffenrent types of beans:
- Stateless session beans have no state and their failover is implemented only by redirecting the call to another server node.
- Stateful failover serializes stateful bean instances in a persistent storage (the file system or the system database). Thus the last state of the session is replicated.
- Entity beans are persisted in the database and that's why they are synchronized with the consistent data in the database. The entities are locked in the Enque server and then loaded from the database. If a server crashes during an entity bean update, the transaction will be considered as invalid. The next request to the same entity will be dispatched to a working server and the last committed state will be loaded from the database.
Should I clear/reinitialize bean's fields inside ejbPassivate/ejbActivate?
Stateful session- and entity beans: For minimizing the jndi lookups, my bean looks up some references (jndi context root, ejbHome of related beans, a datasource object, UserTransaction object) inside setSessionContext/setEntityContext (or ejbCreate) and it stores it locally into private fields.
Should they make the lookups again inside ejbActivate() and should they set the references to null inside ejbPassivate()?
Stateful sessions can keep references to some not serializable object after ejbPassivate() (EJB2.0 Chapter 7.4.1). These objects are jndi contexts - the root or any of its subcontexts; UserTransaction object, SessionContext object; EJBHome, EJBObject, EJBLocalHome, EJBLocalObject references. These references may not be set to null in ejbPassivate and that means not to be initialized again in ejbActivate. The opposite applies accordingly for any kind of resources and resource factories - data sources, connections, sockets, etc.
For entity beans it is quite different. After ejbPassivate() is called to a bean it applies a 'passive' state. The passive instances are kept in a pool and are used for finder methods execution. That means that they may have any kind of references - data sources, connections, etc. We recommend not to keep open connections in a passive instance because this may cause problems (like never releasing the connections).
Do references to plain Java classes survive the passivation/activation - ( e.g. I use dao class instances)
Yes, but the classes must implement java.io.Serializable (again EJB2.0 Chapter 7.4.1)
Should EJB instances set their references to null inside ejbRemove (for clean up)?
After ejbRemove() entity beans go in a 'passive' state, and just like in ejbPassivate, there is no reason to set their references to null, but it's a good idea if they close all open connections. Session beans stop their existence after ejbRemove(), so they MUST close all open resources. The ejb instances will be garbage collected so there is no need to set their references to null, but if an open resource remains it may never be released.
Should I call remove() to a session bean in order to clean up the associated EJBObjects (stub/skeleton)?
For stateless session beans it makes no sense to invoke the remove() method as this does not trigger the invoking of the ejbRemove() method on any bean instance.
For stateful session beans cleaning up EJBObjects is important as they are remote objects and cleaning them means removing all proxy objects that are used by the remote protocols. The stateful session beans' remove() method triggers invoking the ejbRemove() method on the corresponding bean instance. That is why invoking it is important if there is a specific business logic implemented in the bean's ejbRemove() method. Otherwise (if the session bean's client hasn't explicit reason to invoke remove) it may omit it. For these cases the session container has a timeout for the active sessions (active means EJBObjects/EJBLocalObject that are obtained by a home's create method and are not removed). If such sessions are not used for a specified period they are removed and the container cleans up all related objects. To avoid keeping objects that are not used on the server for a long time, it is a good design for the applications to invoke remove() always when they are able to do it.
Is the stateful bean the better choice than stateless because of the possibility of utilizing the SessionSynchronization interface?
The answer is no, it is not possible to claim that the one kind is better than the other. They are just different and it depends on the application design which of them is more suitable. SessionSynchronization interface is useless for stateless sessions because the instances are not associated with the session - they are stateless. That means that different methods in the same session (through the same EJBObject) could be (and most probable are) invoked on different instances so they must not keep any information between method calls.
6.30 stateful session beans: How does the passivation/activation work?
The EJB Container uses the LRU (least recently used) algorithm for choosing which stateful session bean instances to be passivated. The instances are serialized and written into a persistent storage (the file system or the system database).
Is there a performance difference between stateful and stateless session beans?
Until SP4 the differences in the implementation were not big. Therefore, we do not expect a significant difference in the performance.
Since SP5 the remote communication for stateless session beans is changed in a way that only one remote object is used for all EJBObjects. This makes the create methods very fast as they are executed only on the client side without executing a remote call.
What is the performance of CMP- versus BMP entity beans with 6.30?
When CMP entity beans can be used, they have proved to be faster than BMP beans. However, the results may vary and depend on the application and its behavior with the persistent data. According to our measurements with the SPECjAppServer 2003 benchmark:
CMP beans are more scalable than BMP beans. On the same configuration, the CMP version of the benchmark application processes the requests of 50% more clients than the BMP version.
The response times for the different transactions with CMP are between 20% and 100% better the response times with BMP.
The life-cycle management of the entity beans is the same for BMP and CMP. The better performance is due to optimizations in the persistence management.
Entity beans: At which point of time will ejbLoad/ejbStore be called?
ejbLoad: before a first method call inside a new transaction.
ejbStore: prior to transaction's commit - beforeCompletion() method of javax.transaction.Synchronization interface (JTA) is used. In addition, for CMP, ejbStore is called before finder methods: the updated data is flushed into the database (for performance reasons this is optional - there is a tag "switch-off-storing" in persistent.xml). The special thought here is that storing before finder methods is not specified for BMP, but if a transaction has accessed both BMP and CMP beans and after that it calls a CMP finder method, then ejbStore will be called for all BMP and CMP beans.
What is the "n+1 finder problem" ?
Entity beans by default force you to first load a collection of keys for the dataset you want to access and then go through this set and get the data records key by key. This results in n+1 round trips to the database, where "n" is the number of records needed.
Does the 6.30 container cache the whole entities after a finder method call? How can the "n+1 finder problem" be avoided?
a. For CMP?
With the default configuration only primary keys are loaded. When a single entity is accessed, it is loaded and locked regarding the transaction's isolation level. The "n+1 finder problem" can be avoided be specifying the load-selected-objects property for the corresponding finder method. Then the whole entities will be loaded in the finder method and will be cached until the end of the transaction.
b. For BMP?
Finder methods are implemented by the bean provider. The EJB Container extracts only the primary keys of the selected entities. Each entity is loaded on demand ? the first time it is accessed. The architecture does not allow the EJB Container to implement any caching and thus to solve the "n+1 finder problem".
May I avoid the "n+1 finder problem" using ejbHome methods instead of ejbFind methods?
Yes. ejbHome methods can be used for operations like increaseAllSallaries(). This is done instead of invoking a finder method and then using business methods on every single instance of the resulting data. With BMP this whole operation can be made with a single query and is the only way to avoid the "n+1 finder problem".
CMP Entity beans: Which kind of data source has to be used: Open SQL/Native SQL/Vendor SQL?
All stated possibilities are allowed.
What is the difference between Open SQL/Native SQL/Vendor SQL?
The three modi are adjusted from the administrator for the engine for every datasource. It defines whether this datasource is using SAP persistence level Open SQL or something in between.
1. Open SQL: You will have full support of the SAP persistence level. This means that SQL requests have to be written in Open SQL grammar, thus ensuring they will run with all DB's supported by SAP. You can use statement cache, SQL trace and the table buffer. Buffering tables has to be configured in.
2. Native SQL: You don't use Open SQL, but parts of the persistence level, that allows you to use the statement cache and SQL trace.
3. Vendor SQL: You are on plain JDBC using the vendor specific driver. No special support for persistence features. You still benefit from serverside connection pooling and transaction management service.
Should I lock the table/entity explicitly when implementing persistence using EJB components?
If using: - session beans - entity bean with BMP - entity beans with CMP?
Answer: When you use session beans or BMP you have to make explicit locking - the bean provider is responsible for the synchronization.
For CMP the synchronization is managed by the Persistence Manager, so the application must not do any kind of locking
If I have to lock do I use the Enque Server interfaces?
All applications that use common persistent data must use the same locking mechanism in order to synchronize their access to the data. Therefore, it depends on whether your persistent data can be accessed by other applications and what locking mechanism they use. If they use the database locking mechanisms you must also use them. If they use the Enque server locking, you must also use it. The EJB Container provides both options for CMP entity beans.
If you use the Enque server locking you must do it by the TableLocking API from the applocking service.
CMP: How does the EJB Container (Persistence Manager) manage the locking?
Persistence Manager uses only pessimistic concurrency control based on different isolation levels and locking in Enque server or in the database. If you have a read-only CMP bean it is better to specify this when describing its O/R mapping in persistent.xml descriptor. Thus you will escape any locking for that bean and will increase the performance.
Which kind of transaction should my EJB bean use: local(JDBC) or global(JTA)?
At best, EJB beans should not start end-to-end transactions explicitly at all. They rather should use the container-managed transaction demarcation and rely on the transaction management done by the EJB Container. Entity beans must use the container-managed transaction demarcation. If you need the explicite (bean-managed) transaction demarcation for a session bean, only JTA transactions must be used.
What is the default transaction attribute for container-managed transaction demarcation?
It is possible to deploy EJB components with container-managed transaction management without having set the transaction attributes for metods.
The default transaction attribute is :
"Supports" for session which means,
a. if a client is part of a transaction: the call is executed in the same transaction;
b. if a client has no transaction: the call is executed without a transaction context.
"Required" for entity beans which means,
a. if a client is part of a transaction: the call is executed in the same transaction;
b. if a client has no transaction: a new transaction is started for executing the call.
"Not Supported" for message-driven beans which means the call will be executed without a transaction context
(BMP) Entity beans: During JTA transaction commit the method ejbPassivate() is called. Why ?
Our EJB Container uses the 'Commit option C', i.e. it associates an active bean instance with a JTA transaction. At the end of the transaction ejbStore() method is invoked and the instance is passivated (returned to the pool). Before passivating an instance, the EJB Container has to call the method ejbPassivate().
When should I use a plain Java RMI client? Which libraries does a Java RMI client need?
A plain Java RMI client is very convenient for small EJB components testing purposes. However, there is no specification for such an RMI client and it may not work correctly in certain situations, e.g. it cannot manage transactions. With regard to J2EE the only possible clients of an EJB bean are appclients, Web components, and other EJBs.
In order to access the EJB components an RMI client needs the libraries:
The ejb-client jar of your deployed EJB application. You can retrieve it either through the runtime view of deploy service in Visual Admin, or through the command shell on the server (using the command CLIENTJARS from DEPLOY group).
The SAPJ2EEEngineClient.jar library as provided inside the Engine's build procedure.
It is possible to deploy EJB components without setting security constraints. The default security for a method is "unchecked" which means that no checks are made by the container and this will allow all clients to invoke it.
Is it possible for a bean to use a service or a library?
Yes, it is possible. You must specify a reference from the application to that component in order to have a reference between the class loaders. This could be done in the application-j2ee-engine.xml or after deploying the application by the changeref command of the deploy service. If you want to use an object from JNDI (e.g. bound by a service) you must specify a reference to it in the ejb-j2ee-engine.xml
Can I start a thread from a bean?
No, according to the Enterprise JavaBeans 2.0 Specification (Appendix C EJB 1.1 Runtime Environment) thread management is performed by the EJB Container and Enterprise Beans must not attempt to manage threads, which includes starting, stopping, suspending, or resuming a thread; or changing a thread's priority or name. Enterprise Beans must not attempt to manage thread groups either. These requirements ensure that the Container properly manages the runtime environment.
What happens if the same bean is accessed concurrently from several clients?
For session beans the usual client behavior must be to create its own session object (by any of the Home interface's create methods), use it and then remove it. Sharing the session object between clients and transactions may cause problems. Here are some details :
- Stateless session beans: Each client accessing a session object gets a pooled bean instance for each request. Concurrent access makes no problem.
- Stateful session beans: If a second client tries to use the same EJBObject (that is uses the same session) he/she will get an exception. If the stateful bean has container managed transactions, the instance is "associated" with a transaction. That means that if a transaction T1 calls a business method, no other transaction is allowed to invoke this instance till the end of T1.
- Entity beans: The entity container is common for BMP and CMP and uses Commit option C (EJB2.0 Chapter 10.5.9). That means that for every transaction that uses a bean instance (representing a certain persistent entity) there is a copy of the instance. Concurrent access to the persistent data is managed by locking mechanisms. For BMP entity beans the bean provider is responsible for locking, whereas for CMP entity beans the EJB Container manages the concurrent access. It uses either the Enque server or the database locking mechanisms.
start_app: First, the files that are needed by the container during start (i.e. jar files and other configuration stuff) are downloaded from the DB. Then the descriptors for the application are built and they are used to create the naming contexts for each bean. After that the specific EJB class loader for the application is created and registered, the containers for each EJB are initialized and their EJBHomes and/or EJBLocalHomes are bound to JNDI. Persistence Managers for the CMP entity beans are created and initialized. Finally, the pools for stateless, entity, and message-driven beans are initialized. The default initial pool size is 0 - this means that no instances will be created (and respectively no setSessionContext/setEntityContext/setMessageDrivenContext wil be invoked) at start time. If you wish, you can specify the initial pool size in your ejb-j2ee-engine.xml, like this:
MyStatelessBean InitialSize 10
stop_app: First, the EJBHomes and/or EJBLocalHomes are unbound from JNDI and all EJB naming contexts are destroyed. Then the containers and pools for each EJB are destroyed too. Finally, the EJB class loader for the application is unregistered.
May I deploy the Web components as EAR1 and the corresponding EJB components as EAR2?
Although this scenario is not described in the specification, it is really commonly used and has to be supported. In this case, the dynamically generated P4 stubs are used. If you have the interfaces of the bean in the servlet's ear then there must be also all other helper classes - return types, parameters, exceptions (a common issue is that the EJBObject class can not be loaded and the most probable reason is this). The other possibility is not to have the bean's interfaces in the servlet's ear. Then you should have a reference between the applications. But don't use reference if you already have the interfaces :) This may cause a ClassCastException.
How are the bean instances/EJBObject/EJBHome objects distributed in the cluster environment? Does the client still access the same cluster node?
Every bean component deployed on the J2EE Engine is loaded on every server node of the cluster.
Bean instances (i.e. instances of the bean class) live in every server node.
The distribution of the remote EJBHome and EJBObjects is managed by the remote protocol (the default one for the J2EE Engine is P4). When a remote object is created on a server node the P4 protocol manages a connection from the client to that object. That means that the client is always connected to a certain server node.
What happens if the server node to which the client is connected crashes? Is there a failover mechanism?
If the server node to which the client is connected crashes, the remote protocol redirects the call to another server node where a new remote object will process the subsequent client calls. The failover mechanism is different for the diffenrent types of beans:
- Stateless session beans have no state and their failover is implemented only by redirecting the call to another server node.
- Stateful failover serializes stateful bean instances in a persistent storage (the file system or the system database). Thus the last state of the session is replicated.
- Entity beans are persisted in the database and that's why they are synchronized with the consistent data in the database. The entities are locked in the Enque server and then loaded from the database. If a server crashes during an entity bean update, the transaction will be considered as invalid. The next request to the same entity will be dispatched to a working server and the last committed state will be loaded from the database.
Should I clear/reinitialize bean's fields inside ejbPassivate/ejbActivate?
Stateful session- and entity beans: For minimizing the jndi lookups, my bean looks up some references (jndi context root, ejbHome of related beans, a datasource object, UserTransaction object) inside setSessionContext/setEntityContext (or ejbCreate) and it stores it locally into private fields.
Should they make the lookups again inside ejbActivate() and should they set the references to null inside ejbPassivate()?
Stateful sessions can keep references to some not serializable object after ejbPassivate() (EJB2.0 Chapter 7.4.1). These objects are jndi contexts - the root or any of its subcontexts; UserTransaction object, SessionContext object; EJBHome, EJBObject, EJBLocalHome, EJBLocalObject references. These references may not be set to null in ejbPassivate and that means not to be initialized again in ejbActivate. The opposite applies accordingly for any kind of resources and resource factories - data sources, connections, sockets, etc.
For entity beans it is quite different. After ejbPassivate() is called to a bean it applies a 'passive' state. The passive instances are kept in a pool and are used for finder methods execution. That means that they may have any kind of references - data sources, connections, etc. We recommend not to keep open connections in a passive instance because this may cause problems (like never releasing the connections).
Do references to plain Java classes survive the passivation/activation - ( e.g. I use dao class instances)
Yes, but the classes must implement java.io.Serializable (again EJB2.0 Chapter 7.4.1)
Should EJB instances set their references to null inside ejbRemove (for clean up)?
After ejbRemove() entity beans go in a 'passive' state, and just like in ejbPassivate, there is no reason to set their references to null, but it's a good idea if they close all open connections. Session beans stop their existence after ejbRemove(), so they MUST close all open resources. The ejb instances will be garbage collected so there is no need to set their references to null, but if an open resource remains it may never be released.
Should I call remove() to a session bean in order to clean up the associated EJBObjects (stub/skeleton)?
For stateless session beans it makes no sense to invoke the remove() method as this does not trigger the invoking of the ejbRemove() method on any bean instance.
For stateful session beans cleaning up EJBObjects is important as they are remote objects and cleaning them means removing all proxy objects that are used by the remote protocols. The stateful session beans' remove() method triggers invoking the ejbRemove() method on the corresponding bean instance. That is why invoking it is important if there is a specific business logic implemented in the bean's ejbRemove() method. Otherwise (if the session bean's client hasn't explicit reason to invoke remove) it may omit it. For these cases the session container has a timeout for the active sessions (active means EJBObjects/EJBLocalObject that are obtained by a home's create method and are not removed). If such sessions are not used for a specified period they are removed and the container cleans up all related objects. To avoid keeping objects that are not used on the server for a long time, it is a good design for the applications to invoke remove() always when they are able to do it.
Is the stateful bean the better choice than stateless because of the possibility of utilizing the SessionSynchronization interface?
The answer is no, it is not possible to claim that the one kind is better than the other. They are just different and it depends on the application design which of them is more suitable. SessionSynchronization interface is useless for stateless sessions because the instances are not associated with the session - they are stateless. That means that different methods in the same session (through the same EJBObject) could be (and most probable are) invoked on different instances so they must not keep any information between method calls.
6.30 stateful session beans: How does the passivation/activation work?
The EJB Container uses the LRU (least recently used) algorithm for choosing which stateful session bean instances to be passivated. The instances are serialized and written into a persistent storage (the file system or the system database).
Is there a performance difference between stateful and stateless session beans?
Until SP4 the differences in the implementation were not big. Therefore, we do not expect a significant difference in the performance.
Since SP5 the remote communication for stateless session beans is changed in a way that only one remote object is used for all EJBObjects. This makes the create methods very fast as they are executed only on the client side without executing a remote call.
What is the performance of CMP- versus BMP entity beans with 6.30?
When CMP entity beans can be used, they have proved to be faster than BMP beans. However, the results may vary and depend on the application and its behavior with the persistent data. According to our measurements with the SPECjAppServer 2003 benchmark:
CMP beans are more scalable than BMP beans. On the same configuration, the CMP version of the benchmark application processes the requests of 50% more clients than the BMP version.
The response times for the different transactions with CMP are between 20% and 100% better the response times with BMP.
The life-cycle management of the entity beans is the same for BMP and CMP. The better performance is due to optimizations in the persistence management.
Entity beans: At which point of time will ejbLoad/ejbStore be called?
ejbLoad: before a first method call inside a new transaction.
ejbStore: prior to transaction's commit - beforeCompletion() method of javax.transaction.Synchronization interface (JTA) is used. In addition, for CMP, ejbStore is called before finder methods: the updated data is flushed into the database (for performance reasons this is optional - there is a tag "switch-off-storing" in persistent.xml). The special thought here is that storing before finder methods is not specified for BMP, but if a transaction has accessed both BMP and CMP beans and after that it calls a CMP finder method, then ejbStore will be called for all BMP and CMP beans.
What is the "n+1 finder problem" ?
Entity beans by default force you to first load a collection of keys for the dataset you want to access and then go through this set and get the data records key by key. This results in n+1 round trips to the database, where "n" is the number of records needed.
Does the 6.30 container cache the whole entities after a finder method call? How can the "n+1 finder problem" be avoided?
a. For CMP?
With the default configuration only primary keys are loaded. When a single entity is accessed, it is loaded and locked regarding the transaction's isolation level. The "n+1 finder problem" can be avoided be specifying the load-selected-objects property for the corresponding finder method. Then the whole entities will be loaded in the finder method and will be cached until the end of the transaction.
b. For BMP?
Finder methods are implemented by the bean provider. The EJB Container extracts only the primary keys of the selected entities. Each entity is loaded on demand ? the first time it is accessed. The architecture does not allow the EJB Container to implement any caching and thus to solve the "n+1 finder problem".
May I avoid the "n+1 finder problem" using ejbHome methods instead of ejbFind methods?
Yes. ejbHome methods can be used for operations like increaseAllSallaries(). This is done instead of invoking a finder method and then using business methods on every single instance of the resulting data. With BMP this whole operation can be made with a single query and is the only way to avoid the "n+1 finder problem".
CMP Entity beans: Which kind of data source has to be used: Open SQL/Native SQL/Vendor SQL?
All stated possibilities are allowed.
What is the difference between Open SQL/Native SQL/Vendor SQL?
The three modi are adjusted from the administrator for the engine for every datasource. It defines whether this datasource is using SAP persistence level Open SQL or something in between.
1. Open SQL: You will have full support of the SAP persistence level. This means that SQL requests have to be written in Open SQL grammar, thus ensuring they will run with all DB's supported by SAP. You can use statement cache, SQL trace and the table buffer. Buffering tables has to be configured in.
2. Native SQL: You don't use Open SQL, but parts of the persistence level, that allows you to use the statement cache and SQL trace.
3. Vendor SQL: You are on plain JDBC using the vendor specific driver. No special support for persistence features. You still benefit from serverside connection pooling and transaction management service.
Should I lock the table/entity explicitly when implementing persistence using EJB components?
If using: - session beans - entity bean with BMP - entity beans with CMP?
Answer: When you use session beans or BMP you have to make explicit locking - the bean provider is responsible for the synchronization.
For CMP the synchronization is managed by the Persistence Manager, so the application must not do any kind of locking
If I have to lock do I use the Enque Server interfaces?
All applications that use common persistent data must use the same locking mechanism in order to synchronize their access to the data. Therefore, it depends on whether your persistent data can be accessed by other applications and what locking mechanism they use. If they use the database locking mechanisms you must also use them. If they use the Enque server locking, you must also use it. The EJB Container provides both options for CMP entity beans.
If you use the Enque server locking you must do it by the TableLocking API from the applocking service.
CMP: How does the EJB Container (Persistence Manager) manage the locking?
Persistence Manager uses only pessimistic concurrency control based on different isolation levels and locking in Enque server or in the database. If you have a read-only CMP bean it is better to specify this when describing its O/R mapping in persistent.xml descriptor. Thus you will escape any locking for that bean and will increase the performance.
Which kind of transaction should my EJB bean use: local(JDBC) or global(JTA)?
At best, EJB beans should not start end-to-end transactions explicitly at all. They rather should use the container-managed transaction demarcation and rely on the transaction management done by the EJB Container. Entity beans must use the container-managed transaction demarcation. If you need the explicite (bean-managed) transaction demarcation for a session bean, only JTA transactions must be used.
What is the default transaction attribute for container-managed transaction demarcation?
It is possible to deploy EJB components with container-managed transaction management without having set the transaction attributes for metods.
The default transaction attribute is :
"Supports" for session which means,
a. if a client is part of a transaction: the call is executed in the same transaction;
b. if a client has no transaction: the call is executed without a transaction context.
"Required" for entity beans which means,
a. if a client is part of a transaction: the call is executed in the same transaction;
b. if a client has no transaction: a new transaction is started for executing the call.
"Not Supported" for message-driven beans which means the call will be executed without a transaction context
(BMP) Entity beans: During JTA transaction commit the method ejbPassivate() is called. Why ?
Our EJB Container uses the 'Commit option C', i.e. it associates an active bean instance with a JTA transaction. At the end of the transaction ejbStore() method is invoked and the instance is passivated (returned to the pool). Before passivating an instance, the EJB Container has to call the method ejbPassivate().
When should I use a plain Java RMI client? Which libraries does a Java RMI client need?
A plain Java RMI client is very convenient for small EJB components testing purposes. However, there is no specification for such an RMI client and it may not work correctly in certain situations, e.g. it cannot manage transactions. With regard to J2EE the only possible clients of an EJB bean are appclients, Web components, and other EJBs.
In order to access the EJB components an RMI client needs the libraries:
The ejb-client jar of your deployed EJB application. You can retrieve it either through the runtime view of deploy service in Visual Admin, or through the command shell on the server (using the command CLIENTJARS from DEPLOY group).
The SAPJ2EEEngineClient.jar library as provided inside the Engine's build procedure.
SAP Portal - FAQ 3
What exactly is the SAP Web Application Server?
The SAP Web Application Server is the reliable, open standard-based application server from SAP. It supports both J2EE and ABAP, and serves as the underlying infrastructure for all new and upcoming SAP solutions, like SAP R/3 Enterprise, SAP Portal, SAP Exchange Infrastructure, and all other SAP components. The SAP Web Application Server is not a new product, it is the natural evolution of proven SAP application server technology formerly known as SAP Basis. It provides the platform to develop, execute, and operate Web applications and Web services as well as traditional SAP GUI based applications
Does the SAP Web Application Server replace the SAP Internet Transaction Server (SAP ITS)?
No, the SAP Internet Transaction Server (SAP ITS) will continue to be supported in the future and is integrated into Web Application Server from version 6.40 on. This is because the SAP ITS will in future display Dynpro-based SAP applications to the Web, either using the HTML-GUI or with HTML-template based IACs. This integration reduces the additional hardware for an external ITS. All SAP ITS based applications and the administration will work as before.
Flow Logic technology will also not be supported by the SAP Web Application Server. ITS Flow Logic is an approach to Web application development that is now completely covered by the new "Business Server Pages" technology and others. New applications based on ITS Flow Logic are no longer developed by SAP. Existing applications based on ITS Flow Logic will continue to be supported. SAP recommends customers use the Business Server Pages for new projects or projects in an early stage of development instead of ITS Flow Logic.
Will my application run on SAP Web AS?
The SAP Web Application Server is the foundation for all new and upcoming SAP solutions, like SAP R/3 Enterprise (MySAP ERP respectively), SAP Portal, SAP Exchange Infrastructure, and all other SAP components. Basically an SAP application will run on top of the SAP Web Application Server, if SAP ships the application or solution based on the SAP Web Application Server (for current information about SAP components availability see: Platform and Technology Information Center.
Furthermore, a non-SAP application that is based on J2EE could run on the Web Application Server if this application is J2EE compliant.
SAP Web Application Server 6.40 provides a J2EE Engine which is an J2EE 1.3-compliant application server, that is, every J2EE-1.3 compliant application will run on it. The only thing to do is configure external resources used by your application (for example, the database, the JMS resource) inside SAP Web Application Server 6.40 and to (re)deploy your application on SAP Web Application Server 6.40. However, many third party J2EE application servers provide additional, proprietary server functions, making applications possibly not immediately portable. Check if your J2EE 1.3 application is using such non-standard extensions.
Will my SAP application also run on third party application servers?
There are two cases here to consider. If your application is written in ABAP the answer clearly is no. If your application is written in Java the answer is not that easy. Any J2EE application can of course be ported to other servers. This definitely means that there will be some porting effort, dependent on the specific case and the J2EE technologies used. SAP will not automatically support this.
Be aware that J2EE will help a lot to standardize your application but at the same time will not guarantee a seamless port-by-copy approach.
Should I use Java or ABAP as the programming language for Web application development?
The Java development and runtime environment is gradually being built up, extended, and integrated in the SAP Web Application Server by SAP. However, it will still take some time in the market before the Java/J2EE platform offers the performance and reliability that the ABAP environment has already had for a long time.
On the other hand Java development today is preferred for many projects done in the corporate area. Your decision on using one or the other should be based on the kind of resources you have available.
When mixing technologies it is a good idea to do a proof of concept for that project to be sure that it works in the way you expect.
Does SAP Web Application Server available for High Availability (HA)?
Yes, there are several measures to prevent unplanned downtimes eliminating single points of failure. Basically, all critical system components of the SAP Web AS can be configured redundantly. When one single component crashes a remaining component can take over the tasks of the failed one. The SAP Web AS can be used both in local fail-over and disaster recovery scenarios.
More information can be found in sapnet under alias /ha
What are the most important HA features of the SAP Web AS?
The SAP Web AS has built-in scalability and redundancy: Multiple front-ends can run against multiple application servers. Using load-balancing features (logon load balancing and Web Dispatcher), the requests will be directed to the best suitable application server. The database can be protected with common HA measures as clustering, parallel database, or standby databases. After a fail-over of the database, the work processes can reconnect and continue their work. A single SAP Web AS instance itself has a high reliability due to its proven memory management and application isolation features: A failure of a process only affects one single user session
Does SAP guarantee defined availability levels?
No, it is not possible to guarantee availability levels because the customer environments are very different and contain a lot of non-SAP components (for example, hardware, network). However, lots of our customers experience system availability of 99.5% and above.
Could I upgrade my existing SAP solution (for example, R/3 4.5) to the SAP Web Application Server 6.20?
No, this is not possible and was also not possible for previous SAP solutions. Then, the SAP Basis (which is now SAP Web Application Server) was in a composite with the application component. That bundle was shipped as a SAP Solution like R/3 4.5. The upgrade was always an upgrade of the whole bundle. This means that to use the SAP Web Application Server features you have to install a SAP Web Application Server separately in front of your existing SAP System and connect to that system using RFC, for example. Or you have to upgrade to the SAP solution, which is based on the SAP Web Application Server like R/3 Enterprise
What is the Web Dynpro?
Web Dynpro is a runtime and development environment for creating easily adaptable Web based user interfaces. The Web Dynpro programming model goes a step further than the server side scripting models by providing graphical design tools that allow the development of the UI independently of the underlying runtime platform. The runtime coding will be generated for all platforms (Java and ABAP) out of these UI definitions.
What are Business Server Pages (BSP)?
The "Business Server Pages" (BSP) programming model is the server side scripting technology of the SAP Web Application Server. This has advantages when existing SAP logic, data structures and interfaces need to be implemented in a "native" Web application. A BSP page usually consists of HTML text which includes ABAP as a server side scripting code in special tags. The scripting code allows direct to access to all elements (function modules, database tables, ABAP objects, and so on) in the application server. It combines the advantages of the trusted SAP development environment with the well-known page-based approach for Web application development (like Microsoft ASP, Java JSP).
What is the benefit of using the SAP Java Tag Library or the BSP Extensions compared to plain HTML?
The HTMLB library provides predefined UI elements (Buttons, Input Fields, Tables) for JSPs and BSPs which speed up the development of typical Web applications enormously. Additionally, the HTMLB library allows the development of Web applications with a consistent look and feel, even in bigger development teams.
The SAP Web Application Server is the reliable, open standard-based application server from SAP. It supports both J2EE and ABAP, and serves as the underlying infrastructure for all new and upcoming SAP solutions, like SAP R/3 Enterprise, SAP Portal, SAP Exchange Infrastructure, and all other SAP components. The SAP Web Application Server is not a new product, it is the natural evolution of proven SAP application server technology formerly known as SAP Basis. It provides the platform to develop, execute, and operate Web applications and Web services as well as traditional SAP GUI based applications
Does the SAP Web Application Server replace the SAP Internet Transaction Server (SAP ITS)?
No, the SAP Internet Transaction Server (SAP ITS) will continue to be supported in the future and is integrated into Web Application Server from version 6.40 on. This is because the SAP ITS will in future display Dynpro-based SAP applications to the Web, either using the HTML-GUI or with HTML-template based IACs. This integration reduces the additional hardware for an external ITS. All SAP ITS based applications and the administration will work as before.
Flow Logic technology will also not be supported by the SAP Web Application Server. ITS Flow Logic is an approach to Web application development that is now completely covered by the new "Business Server Pages" technology and others. New applications based on ITS Flow Logic are no longer developed by SAP. Existing applications based on ITS Flow Logic will continue to be supported. SAP recommends customers use the Business Server Pages for new projects or projects in an early stage of development instead of ITS Flow Logic.
Will my application run on SAP Web AS?
The SAP Web Application Server is the foundation for all new and upcoming SAP solutions, like SAP R/3 Enterprise (MySAP ERP respectively), SAP Portal, SAP Exchange Infrastructure, and all other SAP components. Basically an SAP application will run on top of the SAP Web Application Server, if SAP ships the application or solution based on the SAP Web Application Server (for current information about SAP components availability see: Platform and Technology Information Center.
Furthermore, a non-SAP application that is based on J2EE could run on the Web Application Server if this application is J2EE compliant.
SAP Web Application Server 6.40 provides a J2EE Engine which is an J2EE 1.3-compliant application server, that is, every J2EE-1.3 compliant application will run on it. The only thing to do is configure external resources used by your application (for example, the database, the JMS resource) inside SAP Web Application Server 6.40 and to (re)deploy your application on SAP Web Application Server 6.40. However, many third party J2EE application servers provide additional, proprietary server functions, making applications possibly not immediately portable. Check if your J2EE 1.3 application is using such non-standard extensions.
Will my SAP application also run on third party application servers?
There are two cases here to consider. If your application is written in ABAP the answer clearly is no. If your application is written in Java the answer is not that easy. Any J2EE application can of course be ported to other servers. This definitely means that there will be some porting effort, dependent on the specific case and the J2EE technologies used. SAP will not automatically support this.
Be aware that J2EE will help a lot to standardize your application but at the same time will not guarantee a seamless port-by-copy approach.
Should I use Java or ABAP as the programming language for Web application development?
The Java development and runtime environment is gradually being built up, extended, and integrated in the SAP Web Application Server by SAP. However, it will still take some time in the market before the Java/J2EE platform offers the performance and reliability that the ABAP environment has already had for a long time.
On the other hand Java development today is preferred for many projects done in the corporate area. Your decision on using one or the other should be based on the kind of resources you have available.
When mixing technologies it is a good idea to do a proof of concept for that project to be sure that it works in the way you expect.
Does SAP Web Application Server available for High Availability (HA)?
Yes, there are several measures to prevent unplanned downtimes eliminating single points of failure. Basically, all critical system components of the SAP Web AS can be configured redundantly. When one single component crashes a remaining component can take over the tasks of the failed one. The SAP Web AS can be used both in local fail-over and disaster recovery scenarios.
More information can be found in sapnet under alias /ha
What are the most important HA features of the SAP Web AS?
The SAP Web AS has built-in scalability and redundancy: Multiple front-ends can run against multiple application servers. Using load-balancing features (logon load balancing and Web Dispatcher), the requests will be directed to the best suitable application server. The database can be protected with common HA measures as clustering, parallel database, or standby databases. After a fail-over of the database, the work processes can reconnect and continue their work. A single SAP Web AS instance itself has a high reliability due to its proven memory management and application isolation features: A failure of a process only affects one single user session
Does SAP guarantee defined availability levels?
No, it is not possible to guarantee availability levels because the customer environments are very different and contain a lot of non-SAP components (for example, hardware, network). However, lots of our customers experience system availability of 99.5% and above.
Could I upgrade my existing SAP solution (for example, R/3 4.5) to the SAP Web Application Server 6.20?
No, this is not possible and was also not possible for previous SAP solutions. Then, the SAP Basis (which is now SAP Web Application Server) was in a composite with the application component. That bundle was shipped as a SAP Solution like R/3 4.5. The upgrade was always an upgrade of the whole bundle. This means that to use the SAP Web Application Server features you have to install a SAP Web Application Server separately in front of your existing SAP System and connect to that system using RFC, for example. Or you have to upgrade to the SAP solution, which is based on the SAP Web Application Server like R/3 Enterprise
What is the Web Dynpro?
Web Dynpro is a runtime and development environment for creating easily adaptable Web based user interfaces. The Web Dynpro programming model goes a step further than the server side scripting models by providing graphical design tools that allow the development of the UI independently of the underlying runtime platform. The runtime coding will be generated for all platforms (Java and ABAP) out of these UI definitions.
What are Business Server Pages (BSP)?
The "Business Server Pages" (BSP) programming model is the server side scripting technology of the SAP Web Application Server. This has advantages when existing SAP logic, data structures and interfaces need to be implemented in a "native" Web application. A BSP page usually consists of HTML text which includes ABAP as a server side scripting code in special tags. The scripting code allows direct to access to all elements (function modules, database tables, ABAP objects, and so on) in the application server. It combines the advantages of the trusted SAP development environment with the well-known page-based approach for Web application development (like Microsoft ASP, Java JSP).
What is the benefit of using the SAP Java Tag Library or the BSP Extensions compared to plain HTML?
The HTMLB library provides predefined UI elements (Buttons, Input Fields, Tables) for JSPs and BSPs which speed up the development of typical Web applications enormously. Additionally, the HTMLB library allows the development of Web applications with a consistent look and feel, even in bigger development teams.
SAP Portal - FAQ 2
1. What is SAP Enterprise Portal?
SAP EP offers users role-specific, Web-based and secure access to all relevant information, applications and services. Employees only need a desktop and a Web Browser, and can begin work once they have been authenticated in the portal.
2. What components does SAP Enterprise Portal contain?
SAP Enterprise Portal contains the NetWeaver components Portal, Knowledge Management, and Collaboration. In addition, SAP provides pre-defined content. At the moment the portfolio contains more than 100 business packages, which are shipped in multiple languages.
3. What is the relationship between Web Dynpro and SAP Enterprise Portal? Are iViews and Web Dynpro competing technologies?
Web Dynpro is SAP's programming model for developing professional and interactive Web user interfaces for business applications.
An iView is a logical portal content module representing a visual application or part of one. One or more iViews are combined on a portal page, which is then assigned to users by the role definition. Web Dynpro UIs are integrated in SAP Enterprise Portal with iViews.
4. What personalization functions does SAP Enterprise Portal provide?
Portal roles are a central element of SAP Enterprise Portal. They structure the content and are defined for specific end users.
A role is a collection of task-specific content. Roles are defined based on responsibilities and areas of interest, and are created by a role administrator. A user can be assigned one or more roles (for example, the roles employee and staff). The roles define the content of the portal navigation as well as the content of the portal. Role assignment can therefore be seen as a pre-personalization of the portal - a personalization that is performed by the administrator and not by the user (personalization level 1). Depending on their permissions, users can also adjust the look and feel of the portal, maintain user-specific attributes (personalization level 2), change portal pages by adding or deleting iViews (personalization level 3), and personalize individual iViews (personalization level 4).
5. What tools does SAP provide for creating portal content?
SAP provides tools for creating and developing portal content, depending on the target group and the complexity of the applications.
One distinguishes between
Portal Content Studio: An administration environment integrated in SAP Enterprise Portal that is used for code-free development of portal content using wizards.
SAP NetWeaver Visual Composer: Model-based development of portal content by simply using graphic tools.
SAP NetWeaver Developer Studio (Web Dynpro perspective): Based on the powerful Web Dynpro programming model, application developers can develop Web user interfaces for professional business applications.
SAP NetWeaver Developer Studio (J2EE + PDK perspective): The SAP NetWeaver Developer Studio offers complete support when developing Java projects.
SAP ABAP Workbench: The ABAP Workbench provides the Business Server Page (BSP) technology for creating Web user interfaces.
All the portal content created using these tools can be seamlessly integrated in SAP Enterprise Portal using the portal services already presented.
6. What are the key features of the portal?
The portal is more than just a "page paste" and different services for handling the interaction between iViews. Typical examples for the integration technology are:
Client Eventing: Enables iViews to communicate with one another at the client side and to communicate with the portal itself.
Work Protect: Function providing an infrastructure for handling unsaved data in portal applications, for example if users navigate in the portal without first having stored their entries in an application.
Session Management: Contains in particular the session persistence to retain the last session status of the user (for example when navigating to another portal page) as well as a server session termination function for releasing resources on the backend system (for example when closing the browser).
Portal Navigation: SAP Enterprise Portal offers more than simply navigation between individual portal pages, in particular.
Object-based navigation (OBN): It provides users with a navigation feature based on the actual business objects from productive backend systems.
Drag&Relate: iViews can contain objects representing business elements of a backend application (for example customer). If users pull such an object, as with Drag&Drop, and relate it to another object in the Drag&Relate target object area, they can navigate between different applications containing similar, but not identical business objects.
Dynamic Navigation: The portal enables you to assign navigation objects to pages and iViews as context-sensitive dynamic navigation iViews. This means that navigation targets are provided dynamically depending on the action selected.
7. Which security features does SAP Enterprise Portal offer?
The portal offers the following security features to help keep your portal secure.
Authentication: When users access the portal, they must provide some form of identification in the form of user ID and password, client certificates, and so on. The portal supports authentication with user ID and password, X.509 certificates, integrated Windows authentication, external Web access management tools.
Single Sign-On: Once users have successfully logged on to the portal, they can access all information, applications, and services without repeatedly having to log on.
Authorization: ACL-based permissions ensure that users can only access portal objects for which they have the required authorization. Authorization for applications integrated in the portal are handled by the systems on which the applications run.
User Management: Existing corporate LDAP directories in your system landscape can be leveraged by the portal. Alternatively user data can be retrieved from a SAP Web Application Server ABAP or from a database.
Secure Communications: Secure Sockets Layer (SSL) and Secure Network Communications (SNC) can be used to build a secure channel between the user's Web browser, the portal server, and backend systems.
Secure network architecture: Recommendations for a secure network architecture for the portal are available in the Portal Security Guide.
Security logging: Security-relevant events such as user logon, or changes to permissions, are logged.
8. How is user management implemented in SAP Enterprise Portal?
The portal uses the 'User Management Engine' (UME) which is an integral part of SAP Web Application Server Java. The UME manages user and user-related data (roles, groups) which can be retrieved from an LDAP directory, a SAP Web Application Server Java, a database, or a combination of these. Administration tools allowing you to manage users, groups, and roles are integrated in the portal user administrator role. A configuration tool for configuring the UME is integrated in the portal system administrator role.
In addition, the UME provides many features such as self-registration with approval workflow, notification emails, and so on.
9. How can I integrate the user management of the portal with that of other systems?
The portal user management is very flexible and allows you to use a variety of repositories for storing and retrieving user data. In particular, it allows you to leverage existing user repositories in your system rather than having to set up a new user repository.
For example, if you are using your portal in a system landscape that includes many non-SAP systems, you can provide a central user base using an LDAP directory and configure the portal to use the LDAP directory as its user repository.
On the other hand, if you are using your portal in a system landscape that consists of SAP systems only, you can set up Central User Administration (CUA) on one of the ABAP-based systems and configure your portal to use the ABAP user management as its user repository.
SAP EP offers users role-specific, Web-based and secure access to all relevant information, applications and services. Employees only need a desktop and a Web Browser, and can begin work once they have been authenticated in the portal.
2. What components does SAP Enterprise Portal contain?
SAP Enterprise Portal contains the NetWeaver components Portal, Knowledge Management, and Collaboration. In addition, SAP provides pre-defined content. At the moment the portfolio contains more than 100 business packages, which are shipped in multiple languages.
3. What is the relationship between Web Dynpro and SAP Enterprise Portal? Are iViews and Web Dynpro competing technologies?
Web Dynpro is SAP's programming model for developing professional and interactive Web user interfaces for business applications.
An iView is a logical portal content module representing a visual application or part of one. One or more iViews are combined on a portal page, which is then assigned to users by the role definition. Web Dynpro UIs are integrated in SAP Enterprise Portal with iViews.
4. What personalization functions does SAP Enterprise Portal provide?
Portal roles are a central element of SAP Enterprise Portal. They structure the content and are defined for specific end users.
A role is a collection of task-specific content. Roles are defined based on responsibilities and areas of interest, and are created by a role administrator. A user can be assigned one or more roles (for example, the roles employee and staff). The roles define the content of the portal navigation as well as the content of the portal. Role assignment can therefore be seen as a pre-personalization of the portal - a personalization that is performed by the administrator and not by the user (personalization level 1). Depending on their permissions, users can also adjust the look and feel of the portal, maintain user-specific attributes (personalization level 2), change portal pages by adding or deleting iViews (personalization level 3), and personalize individual iViews (personalization level 4).
5. What tools does SAP provide for creating portal content?
SAP provides tools for creating and developing portal content, depending on the target group and the complexity of the applications.
One distinguishes between
Portal Content Studio: An administration environment integrated in SAP Enterprise Portal that is used for code-free development of portal content using wizards.
SAP NetWeaver Visual Composer: Model-based development of portal content by simply using graphic tools.
SAP NetWeaver Developer Studio (Web Dynpro perspective): Based on the powerful Web Dynpro programming model, application developers can develop Web user interfaces for professional business applications.
SAP NetWeaver Developer Studio (J2EE + PDK perspective): The SAP NetWeaver Developer Studio offers complete support when developing Java projects.
SAP ABAP Workbench: The ABAP Workbench provides the Business Server Page (BSP) technology for creating Web user interfaces.
All the portal content created using these tools can be seamlessly integrated in SAP Enterprise Portal using the portal services already presented.
6. What are the key features of the portal?
The portal is more than just a "page paste" and different services for handling the interaction between iViews. Typical examples for the integration technology are:
Client Eventing: Enables iViews to communicate with one another at the client side and to communicate with the portal itself.
Work Protect: Function providing an infrastructure for handling unsaved data in portal applications, for example if users navigate in the portal without first having stored their entries in an application.
Session Management: Contains in particular the session persistence to retain the last session status of the user (for example when navigating to another portal page) as well as a server session termination function for releasing resources on the backend system (for example when closing the browser).
Portal Navigation: SAP Enterprise Portal offers more than simply navigation between individual portal pages, in particular.
Object-based navigation (OBN): It provides users with a navigation feature based on the actual business objects from productive backend systems.
Drag&Relate: iViews can contain objects representing business elements of a backend application (for example customer). If users pull such an object, as with Drag&Drop, and relate it to another object in the Drag&Relate target object area, they can navigate between different applications containing similar, but not identical business objects.
Dynamic Navigation: The portal enables you to assign navigation objects to pages and iViews as context-sensitive dynamic navigation iViews. This means that navigation targets are provided dynamically depending on the action selected.
7. Which security features does SAP Enterprise Portal offer?
The portal offers the following security features to help keep your portal secure.
Authentication: When users access the portal, they must provide some form of identification in the form of user ID and password, client certificates, and so on. The portal supports authentication with user ID and password, X.509 certificates, integrated Windows authentication, external Web access management tools.
Single Sign-On: Once users have successfully logged on to the portal, they can access all information, applications, and services without repeatedly having to log on.
Authorization: ACL-based permissions ensure that users can only access portal objects for which they have the required authorization. Authorization for applications integrated in the portal are handled by the systems on which the applications run.
User Management: Existing corporate LDAP directories in your system landscape can be leveraged by the portal. Alternatively user data can be retrieved from a SAP Web Application Server ABAP or from a database.
Secure Communications: Secure Sockets Layer (SSL) and Secure Network Communications (SNC) can be used to build a secure channel between the user's Web browser, the portal server, and backend systems.
Secure network architecture: Recommendations for a secure network architecture for the portal are available in the Portal Security Guide.
Security logging: Security-relevant events such as user logon, or changes to permissions, are logged.
8. How is user management implemented in SAP Enterprise Portal?
The portal uses the 'User Management Engine' (UME) which is an integral part of SAP Web Application Server Java. The UME manages user and user-related data (roles, groups) which can be retrieved from an LDAP directory, a SAP Web Application Server Java, a database, or a combination of these. Administration tools allowing you to manage users, groups, and roles are integrated in the portal user administrator role. A configuration tool for configuring the UME is integrated in the portal system administrator role.
In addition, the UME provides many features such as self-registration with approval workflow, notification emails, and so on.
9. How can I integrate the user management of the portal with that of other systems?
The portal user management is very flexible and allows you to use a variety of repositories for storing and retrieving user data. In particular, it allows you to leverage existing user repositories in your system rather than having to set up a new user repository.
For example, if you are using your portal in a system landscape that includes many non-SAP systems, you can provide a central user base using an LDAP directory and configure the portal to use the LDAP directory as its user repository.
On the other hand, if you are using your portal in a system landscape that consists of SAP systems only, you can set up Central User Administration (CUA) on one of the ABAP-based systems and configure your portal to use the ABAP user management as its user repository.
SAP Portal - FAQ 1
1) Accessing a Portal Component in the Default Mode?
Ans: doContent();
2) Extending class when Developing your Portal Components?
Ans: AbstractPortalComponent.
3) Portal Runtime calls the methods in the Life Cycle
Ans: init(), service(), destroy()
4) What are the Parameters that we have to pass to doConent();
Ans: IPortalComponentRequest ,IPortalComponentResponse;
5) How do u access a Resource from a request object
Ans: request.getResource();
6) Personalization concept what are the data type, the type attribute supports
Ans : String , Date , Select , Boolean (however, the Date does not work in my try out)
7) How do u get the property from the IPortalCompenentProfile
Ans : getProperty(String)
8) What is the method has to be overridden by the class that extends from PageProcessorComponent
Ans : getPage(); A static inner class extends JSPDynPage and in getPage, new the inner class.
9) Give the sequence of methods execution of DynPage
Ans :
1) doInitialization()
2) doProcessAfterInput()
3) doProcessBeforeOutput()
10) sequence of method calls when an event occurs
Ans :
1) doProcessAfterInput()
2) on[eventhandlername]
3) doProcessBeforeOutput()
11) how do u get the getCurrentEvent();
Ans :
IPageContext myContext = PageConectFactory.createPageConext(request,responce);
Event = myContext.getCurrentevent();
12) onClientClick() and onClick() are specified then which method will be called first
Ans : onClientClick();
13) JSPDynPage uses _________ type of approach
Ans : Model View Controller
14) The two properties in the component profile indicate that a JSP need to be compiled into portal component :
Ans :
Property name = JSP
Property name = ComponentType
15) Which one is true in the following statement
a)<%@ taglib uri = hbj prefix = htmlb>
b)<%@ taglib uri = hbj prefix = hbj>
c)<%@ taglib uri = hbj prefix = htmlb>
d)<%@ taglib uri = htmlb prefix = hbj>
Ans : a ( I think the answer shall be d.)
16) How do u call a jsp file :
Ans : setJspName();
17) If java Script are used _______tag is necessary for the page
Ans : Page tag
18) Which tag is used for including bean in the jsp file
Ans : [jsp:]
19) What is the scope of the bean
Ans : Session
20) Give the objects that are extend form the IPrincipal
Ans : IGroup, IRole, IUser, IUserAccount, IUserMaint,
21) ____is the Central object from which all UME object factories are obtained
Ans : UMFactory
22) IUser user = UMfactory.getUserfactory().getUserbyLogonID(uid)
String userName = user.getDisplayName();
String email = user.getEmail();
Response.write( userName + username+ Email :+ email);
1) Displays the username and Email ID
2) Throws an exception
3) Doesnt Compile
Ans : 1.
23) List the methods used to create successful user
Ans :
1) NewUser(uid);
2) setFirstName()
3) setLastName()
4) setEmail()
5) setPassword();
24) can we construct an unique id manually .
Ans : false can create a unique id .
25) Unique IDs are used to identify objects across data sources.
Ans :..
26) How do u retrieve log on information
Ans : umdata.enrich(map);
27) What is the return type of map.get("");
Ans : String
28) How do u load the data in the Client Eventing across the iviews
Ans : EPCM.loadClientData();
29) What is the object available in the pages
Ans : EPCM
30) What problems does HTMLB the overcomes on servelts
Ans :
Visualization and business logic are not separate
Development has to take care of different web clients and versions
NamesSpace conflicts with form elements
31) Stored data is identified by the key¦..
Ans : Namespace+name
32) Frame Work Levels
Ans :
Level = 0 ---- not supported by both javaScript, Java
Level = 1 ---- only by browser (java Script )
Level = 2 ---- both javaScript and Java
33) Features of portal Services in the portal
Ans :
1) portal services are way to provide functionality to portal component
2) portal services implement no user interface
3) portal service may be accessed from out side portal framework
34) Why do we need custom portal Services in the portal
Ans :
1) Can be used by other Portal Application
2) Provide commonly used Functionality
3) Can be exposed as webservice
35) To build a new portal service interface must be implemented
Ans :
IService
36) Life cycle of a portal service
Ans :
Init()
Afterinit()
Destroy()
37) Service name =
Ans :
.
.
.
.
38) Portal service name is myService …what would be the name of interface that extends IService
Ans : IMyService
39) JCA/J2EE connector Architecture is not API. True /False
Ans : true
40) ConnectorFrameWork is SAP Extended API from CCI . all methods in Connector FrameWork has methods with suffix as EX()….
Ans : False only some methods
41) What is the method used to get connection in the Java Connectors
Ans : Service.getConnection();
42) How do u get the locale from the request object.
Ans : Request.getLocale();
43) What is the return type for the table type structure .
Ans : IRecordSet.
44) Give the name of the method that returns resource bundle for the current locale.
Ans : getResourceBundle()
45) Localization.properties
Localization_de_DE.properties.
Localization_en_EN.properties.
What is the Resource bundle name : ?
Ans : Localization
46) What is the data type that returns by the method getString (key)
Ans : String
47) How do u access the a key in the properties file xyz = abc
Ans : getString ("xyz")
48) What type of objects can be translated
Ans : Text
49) the portal translation process is supported by tools
Ans :
Translation worklist coordination
Worklist translation
50) to customize the Logoff screen to the portal ----file is used to change
Ans : masthead
51) SAP Recommends not to modify the SAP code , then what are the process to customize the code
Ans :
1) copy the existing file and rename it according to customer name space
2) create new custom component
52) how can we customize the company Branding
Ans :
1) masthead
2) through customize applicaton
53) Their one question on Desktop inner page
54) What are the components that are added to Portal Desktop
Ans :
Default Frame work
Themes
55) What is the jsp name that contains log on page
Ans : umLogonPage.jsp
56) Authschemes.xml is modified to get custom log on component
57) How do u access portal services from WebDynpro applications
Ans : WDPortalUtils
58) Cache Level :
Ans : none ,session ,user,shared
59) getCachingLevel() is used to get the Cachelevel
60) When will the doinitialization () method is called
Ans :
1 When the page is loaded for the first time
2 When the page is refreshed
3 When object is called from the another object
61) Cached objects are retrieved using the --- method
Ans : get(key)
62) How can the portal service access to external Web Service
Ans :
Generate java proxy out of WSDL file with PDK
You can execute the java proxy as portal service
Ans: doContent();
2) Extending class when Developing your Portal Components?
Ans: AbstractPortalComponent.
3) Portal Runtime calls the methods in the Life Cycle
Ans: init(), service(), destroy()
4) What are the Parameters that we have to pass to doConent();
Ans: IPortalComponentRequest ,IPortalComponentResponse;
5) How do u access a Resource from a request object
Ans: request.getResource();
6) Personalization concept what are the data type, the type attribute supports
Ans : String , Date , Select , Boolean (however, the Date does not work in my try out)
7) How do u get the property from the IPortalCompenentProfile
Ans : getProperty(String)
8) What is the method has to be overridden by the class that extends from PageProcessorComponent
Ans : getPage(); A static inner class extends JSPDynPage and in getPage, new the inner class.
9) Give the sequence of methods execution of DynPage
Ans :
1) doInitialization()
2) doProcessAfterInput()
3) doProcessBeforeOutput()
10) sequence of method calls when an event occurs
Ans :
1) doProcessAfterInput()
2) on[eventhandlername]
3) doProcessBeforeOutput()
11) how do u get the getCurrentEvent();
Ans :
IPageContext myContext = PageConectFactory.createPageConext(request,responce);
Event = myContext.getCurrentevent();
12) onClientClick() and onClick() are specified then which method will be called first
Ans : onClientClick();
13) JSPDynPage uses _________ type of approach
Ans : Model View Controller
14) The two properties in the component profile indicate that a JSP need to be compiled into portal component :
Ans :
Property name = JSP
Property name = ComponentType
15) Which one is true in the following statement
a)
b)
c)
d)
Ans : a ( I think the answer shall be d.)
16) How do u call a jsp file :
Ans : setJspName();
17) If java Script are used _______tag is necessary for the page
Ans : Page tag
18) Which tag is used for including bean in the jsp file
Ans : [jsp:]
19) What is the scope of the bean
Ans : Session
20) Give the objects that are extend form the IPrincipal
Ans : IGroup, IRole, IUser, IUserAccount, IUserMaint,
21) ____is the Central object from which all UME object factories are obtained
Ans : UMFactory
22) IUser user = UMfactory.getUserfactory().getUserbyLogonID(uid)
String userName = user.getDisplayName();
String email = user.getEmail();
Response.write( userName + username+ Email :+ email);
1) Displays the username and Email ID
2) Throws an exception
3) Doesnt Compile
Ans : 1.
23) List the methods used to create successful user
Ans :
1) NewUser(uid);
2) setFirstName()
3) setLastName()
4) setEmail()
5) setPassword();
24) can we construct an unique id manually .
Ans : false can create a unique id .
25) Unique IDs are used to identify objects across data sources.
Ans :
26) How do u retrieve log on information
Ans : umdata.enrich(map);
27) What is the return type of map.get("");
Ans : String
28) How do u load the data in the Client Eventing across the iviews
Ans : EPCM.loadClientData();
29) What is the object available in the pages
Ans : EPCM
30) What problems does HTMLB the overcomes on servelts
Ans :
Visualization and business logic are not separate
Development has to take care of different web clients and versions
NamesSpace conflicts with form elements
31) Stored data is identified by the key¦..
Ans : Namespace+name
32) Frame Work Levels
Ans :
Level = 0 ---- not supported by both javaScript, Java
Level = 1 ---- only by browser (java Script )
Level = 2 ---- both javaScript and Java
33) Features of portal Services in the portal
Ans :
1) portal services are way to provide functionality to portal component
2) portal services implement no user interface
3) portal service may be accessed from out side portal framework
34) Why do we need custom portal Services in the portal
Ans :
1) Can be used by other Portal Application
2) Provide commonly used Functionality
3) Can be exposed as webservice
35) To build a new portal service interface must be implemented
Ans :
IService
36) Life cycle of a portal service
Ans :
Init()
Afterinit()
Destroy()
37) Service name =
Ans :
38) Portal service name is myService …what would be the name of interface that extends IService
Ans : IMyService
39) JCA/J2EE connector Architecture is not API. True /False
Ans : true
40) ConnectorFrameWork is SAP Extended API from CCI . all methods in Connector FrameWork has methods with suffix as EX()….
Ans : False only some methods
41) What is the method used to get connection in the Java Connectors
Ans : Service.getConnection();
42) How do u get the locale from the request object.
Ans : Request.getLocale();
43) What is the return type for the table type structure .
Ans : IRecordSet.
44) Give the name of the method that returns resource bundle for the current locale.
Ans : getResourceBundle()
45) Localization.properties
Localization_de_DE.properties.
Localization_en_EN.properties.
What is the Resource bundle name : ?
Ans : Localization
46) What is the data type that returns by the method getString (key)
Ans : String
47) How do u access the a key in the properties file xyz = abc
Ans : getString ("xyz")
48) What type of objects can be translated
Ans : Text
49) the portal translation process is supported by tools
Ans :
Translation worklist coordination
Worklist translation
50) to customize the Logoff screen to the portal ----file is used to change
Ans : masthead
51) SAP Recommends not to modify the SAP code , then what are the process to customize the code
Ans :
1) copy the existing file and rename it according to customer name space
2) create new custom component
52) how can we customize the company Branding
Ans :
1) masthead
2) through customize applicaton
53) Their one question on Desktop inner page
54) What are the components that are added to Portal Desktop
Ans :
Default Frame work
Themes
55) What is the jsp name that contains log on page
Ans : umLogonPage.jsp
56) Authschemes.xml is modified to get custom log on component
57) How do u access portal services from WebDynpro applications
Ans : WDPortalUtils
58) Cache Level :
Ans : none ,session ,user,shared
59) getCachingLevel() is used to get the Cachelevel
60) When will the doinitialization () method is called
Ans :
1 When the page is loaded for the first time
2 When the page is refreshed
3 When object is called from the another object
61) Cached objects are retrieved using the --- method
Ans : get(key)
62) How can the portal service access to external Web Service
Ans :
Generate java proxy out of WSDL file with PDK
You can execute the java proxy as portal service
SAP Portal - Create Custom Layout and Apply the Layout
Create a layout JSP in NetWeaver Developer Studio (NWDS)
mylayout.jsp under the dist/jsp folder
lyt:template
...
/lyt:template
Define component in portalapp.xml
component name="myLayout"
config:
ClassName com.sapportals.portal.pb.layout.PageLayout
ResourceBundleName: pagebuilder_nls
profile:
ComponentType: com.sapportals.portal.layout
com.sap.portal.pcm.Title:
com.sap.portal.pcm.Description:
com.sap.portal.reserved.layout.TagLibLayout : /SERVICE/com.sap.portal.pagebuilder/taglib/layout.tld
com.sap.portal.reserved.layout.TagLibHtmlb: /SERVICE/com.sap.portal.htmlb/taglib/htmlb.tld
com.sap.portal.reserved.layout.TemplateFile: mylayout.jsp
com.sap.portal.reserved.layout.Cont1: the_container_id [title: my container, orientation: vertical]
Deploy the PAR to Portal
Create the layout in Portal Content, actually not necessarily under the Layout Templates.
Set the "Object is a Template" to "Yes"
DONE
mylayout.jsp under the dist/jsp folder
lyt:template
...
/lyt:template
Define component in portalapp.xml
component name="myLayout"
config:
ClassName com.sapportals.portal.pb.layout.PageLayout
ResourceBundleName: pagebuilder_nls
profile:
ComponentType: com.sapportals.portal.layout
com.sap.portal.pcm.Title:
com.sap.portal.pcm.Description:
com.sap.portal.reserved.layout.TagLibLayout : /SERVICE/com.sap.portal.pagebuilder/taglib/layout.tld
com.sap.portal.reserved.layout.TagLibHtmlb: /SERVICE/com.sap.portal.htmlb/taglib/htmlb.tld
com.sap.portal.reserved.layout.TemplateFile: mylayout.jsp
com.sap.portal.reserved.layout.Cont1: the_container_id [title: my container, orientation: vertical]
Deploy the PAR to Portal
Create the layout in Portal Content, actually not necessarily under the Layout Templates.
Set the "Object is a Template" to "Yes"
DONE
SAP Portal - Collapse Portal Favorite as Default
Content Administration -> Portal Content -> select the page/workset -> Edit -> Object
select the category "Navigation" and set the "Initial State of Navigation Panel" to "Always Closed".
select the category "Navigation" and set the "Initial State of Navigation Panel" to "Always Closed".
Monday, May 18, 2009
SAP Portal - JSP DynPage
By default, NWDS will generate two lines for a JSP DynPage component.
property name="ComponentType" value="jspnativa"
property name="JSP" value="pagelet/abc.jsp"
It is necessary to remove these two lines. For me, if not, componentRequest value will not be passed to the page and the value will be null.
property name="ComponentType" value="jspnativa"
property name="JSP" value="pagelet/abc.jsp"
It is necessary to remove these two lines. For me, if not, componentRequest value will not be passed to the page and the value will be null.
SAP Portal - KM Service
import com.sap.netweaver.bc.sf/lib/bc.sf.framework_api.jar.
import com.sap.netweaver.bc.util/lib/bc.util.public_api.jar
and handle WcmException
import com.sap.netweaver.bc.util/lib/bc.util.public_api.jar
and handle WcmException
Thursday, May 14, 2009
SAP Portal - Enable Collabration Room in Portal Application
Download supporting libraries
- log in SAP Portal, System Administration -> Support -> Portal Runtime -> Browse Deployment
- navigate to ROOT/WEB-INF/portal/portalapps/com.sap.netweaver.coll.shared/lib
- download the coll.shared.roomobject_api.jar
- download \portalapps\com.sap.portal.usermanagement\lib\com.sap.security.api.ep5.jar
- download \portalapps\com.sap.netweaver.bc.rf\lib\bc.rf.framework_api.jar
- download \portalapps\com.sap.netweaver.coll.shared\lib\coll.shared.extension_api.jar
- download \portalapps\com.sap.netweaver.coll.shared\lib\coll.shared.types_api.jar
- download \portalapps\com.sap.netweaver.kmc.util\lib\kmc.util.core_api.jar
- actually the downloaded file will be called com.sap.portal.support.browse.zip
- extract the jar to C:\development\sap-portal-7.0.18\lib
- in NWDS, Windows -> Preferences -> Java -> Classpath Variables -> New and add PORTAL_HOME=C:\development\sap-portal-7.0.18\lib
- in a Portal project, right click on the project, Properties -> Java Build Path -> Libraries -> Add Variable
- select PORTAL_HOME, click on Extend
- select the coll.shared.roomobject_api.jar and rest, click on OK
- application-config :: property name = "ServicesReference" :: value = "..., com.sap.netweaver.coll.shared, ..."
Tuesday, May 12, 2009
SAP Portal - User's Own Layout
I created my own layout. Deployed on Portal. then created a layout in Portal Content.
However the layout is not listed when creating a page. Any idea?
However the layout is not listed when creating a page. Any idea?
Thursday, May 07, 2009
SAP Portal - Redirect in Portal Component
You will need to import javax.servlet.http.HttpServletResponse.
SAP NetWeaver Developer Studio 7.0.18. (aka 2004s)
Java build path. Extend ECLIPSE_HOME and add plugins/com.tssap.ext.libs.j2ee_xxx/lib/servlet.jar.
HttpServletResponse httpResponse = request.getServletResponse(true);
try { httpResponse.sendRedirect(url); } catch (IOException e) {}
SAP NetWeaver Developer Studio 7.0.18. (aka 2004s)
Java build path. Extend ECLIPSE_HOME and add plugins/com.tssap.ext.libs.j2ee_xxx/lib/servlet.jar.
HttpServletResponse httpResponse = request.getServletResponse(true);
try { httpResponse.sendRedirect(url); } catch (IOException e) {}
SAP Portal - Direct Access to an iView
https://.../irj/portal?NavigationTarget=ROLES://portal_content/e0040034/e0040034.myLinkedReport
After ROLES, it is the PCD id.
or
https://.../irj/servlet/prt/portal/prtmode/preview/prtroot/pcd!3aportal_content!2fe0040034!2fe0040034.myLinkedReport
After ROLES, it is the PCD id.
or
https://.../irj/servlet/prt/portal/prtmode/preview/prtroot/pcd!3aportal_content!2fe0040034!2fe0040034.myLinkedReport
Wednesday, April 08, 2009
Temporary Objects in SAP Portal
At some circumstances, e.g. when the pop-up window is blocked by browser, modifying certain objects, such as the Default Page Template in SAP Portal will leave some temporary objects uncleaned and they will not expire.
This may cause SAP Portal behavior different among users. The reason is that some users may be associated with some temp objects and others may be with other temp objects.
The tool to clean these temporary objects is to use PCD inspector. Search for all associations or links to the temp object and delete these links first. Then delete these temp objects.
After it, System Admin -> Support Desk -> Portal Content Directory -> PCD Admin -> Release cache.
After it, reboot the server (depends).
This may cause SAP Portal behavior different among users. The reason is that some users may be associated with some temp objects and others may be with other temp objects.
The tool to clean these temporary objects is to use PCD inspector. Search for all associations or links to the temp object and delete these links first. Then delete these temp objects.
After it, System Admin -> Support Desk -> Portal Content Directory -> PCD Admin -> Release cache.
After it, reboot the server (depends).
Thursday, April 02, 2009
SAP Portal - Direct Access to Portal Content Administration
I made a mistake and configured the Default Page Template::Element in Framework Page to None instead of Framework Page. 10 minutes later, I was getting errors like "disablePersonalize" is undefined, etc.. and I can't get back to Content Administration to change it back.
Try the NavigationTarget as portal?NavigationTarget=navurl://06d9a4f1c16a67d0305579b9459fb574.
It saved me.
Try the NavigationTarget as portal?NavigationTarget=navurl://06d9a4f1c16a67d0305579b9459fb574.
It saved me.
Wednesday, March 18, 2009
SQL - Delete in Two Tables
delete from a.doc_data where sur_doc_nbr in (select sur_doc_nbr from a.doc where deld=1)
delete from a.doc_attr where sur_doc_nbr in (select sur_doc_nbr from a.doc where deld=1)
delete from a.doc where deld=1
delete from a.doc_attr where sur_doc_nbr in (select sur_doc_nbr from a.doc where deld=1)
delete from a.doc where deld=1
Friday, March 06, 2009
aggregates not allowed in WHERE clause
use HAVING, e.g.
SELECT player_name, AVG(score) as score FROM NBA.score_box WHERE box_year > 2004 GROUP BY player_name HAVING count(Game) > 100 ORDER BY score
SELECT player_name, AVG(score) as score FROM NBA.score_box WHERE box_year > 2004 GROUP BY player_name HAVING count(Game) > 100 ORDER BY score
Monday, February 23, 2009
Tomcat Timezone Issue
Noticed that Tomcat sometimes uses different time zone other than that of the system.
Solution is to define a TZ environment variable in the user profile and use the user to start up Tomcat.
e.g. TZ=US/Eastern
Solution is to define a TZ environment variable in the user profile and use the user to start up Tomcat.
e.g. TZ=US/Eastern
Saturday, February 21, 2009
CVS User
I used webmin to initialize the CVS repository and it was owned by root:root.
The default repository path is /var/cvs.
To enable a normal "cvsuser" write into the repository, I chown -R cvsuser.cvsgroup /var/cvs.
The default repository path is /var/cvs.
To enable a normal "cvsuser" write into the repository, I chown -R cvsuser.cvsgroup /var/cvs.
Java 6 on CentOS 5.2
Can't shutdown Tomcat because of the memory restriction when initialize VM.
After yum install jpackage-utils, it solved.
After yum install jpackage-utils, it solved.
PostgreSQL Authentication
PostgreSQL default authentication control really sucks. I modified it like this,
- su - postgres
- psql
- show hba_file;
- vi the hba_file and comment out all default settings
- add a line "local all all md5"
- now it works from command line and phpPgAdmin web screen
Install Java 6 on CentOS 5.2
- run /usr/sbin/alternatives --config java, it gives no response.
- run uname -m and it gives i386. it means it is a linux not a linux64.
- download jdk rpm from java.sun.com, at the time, sun provides JDK 6 Update 12. select the Linux and the rpm.bin
- chmod of the bin file and make it executable, run it
- Get error -bash: ./jdk-6u12-linux-i586-rpm.bin: /bin/sh: bad interpreter: Permission denied
- after some research, i realized that the /tmp is shared managed. it won't allow me to run any scripts there. so i moved the bin file to my home directory and run it, it installed the java automatically
- run rpm -qa | grep java and got jdk-1.6.0_12-fcs, run rpm -qa | grep sun also returns a bunch of packages
- run /usr/sbin/alternatives --config java, it still gives no response but run java -version, it gives the 1.6.0_12 back.
- done.
Monday, February 09, 2009
Unicode in Web Application
Let's say you store a unicode string in a database. The database encoding is UTF-8. The string is 似水流年.
In your web application, you allow users type 似水流年 and you get it from HTTP request and obtain a string.
When you compare the string obtained from request and the string stored in the database, they will not match.
What you need to do is to convert the non-unicode string to unicode. Here is one of the way, simple and elegant.
str = new String(str.getBytes("ISO-8859-1"), "UTF-8");
You would need to handle the UnsupportedEncodingException, but I doubt if there is any JVM not supporting ISO-8859-1 to UTF-8 conversion.
I am not sure if the ISO-8859-1 shall be different on different servers. I tried on my development workstation which is a Windows XP + Eclipse 3.3 + Tomcat 6 + Java 1.6 and my production server which is a Linux RH + Tomcat 6 + Java 1.6. They all work very well and so far I am OK with it hard coded.
In your web application, you allow users type 似水流年 and you get it from HTTP request and obtain a string.
When you compare the string obtained from request and the string stored in the database, they will not match.
What you need to do is to convert the non-unicode string to unicode. Here is one of the way, simple and elegant.
str = new String(str.getBytes("ISO-8859-1"), "UTF-8");
You would need to handle the UnsupportedEncodingException, but I doubt if there is any JVM not supporting ISO-8859-1 to UTF-8 conversion.
I am not sure if the ISO-8859-1 shall be different on different servers. I tried on my development workstation which is a Windows XP + Eclipse 3.3 + Tomcat 6 + Java 1.6 and my production server which is a Linux RH + Tomcat 6 + Java 1.6. They all work very well and so far I am OK with it hard coded.
Tuesday, February 03, 2009
For-Each Loop
for(Type type : types) {
... type ...
}
The For-Each loop makes Java code much more beautiful and clean than before. We shall use it any time we can.
Several exceptions,
... type ...
}
The For-Each loop makes Java code much more beautiful and clean than before. We shall use it any time we can.
Several exceptions,
- The program needs access to the iterator in order to remove the current element. The for-each loop hides the iterator, so you cannot call remove. Therefore, the for-each loop is not usable for filtering.
- Similarly it is not usable for loops where you need to replace elements in a list or array as you traverse it.
- Finally, it is not usable for loops that must iterate over multiple collections in parallel. These shortcomings were known by the designers, who made a conscious decision to go with a clean, simple construct that would cover the great majority of cases.
Wednesday, January 28, 2009
Java First Moment of a Day
Calendar cal = Calendar.getInstance();
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
Java First Moment of a Month
Calendar cal = Calendar.getInstance();
cal.set(Calendar.DAY_OF_MONTH, 1);
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
cal.set(Calendar.DAY_OF_MONTH, 1);
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
Java First Moment of a Year
Calendar cal = Calendar.getInstance();
cal.set(Calendar.DAY_OF_YEAR, 1);
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
cal.set(Calendar.DAY_OF_YEAR, 1);
cal.set(Calendar.HOUR_OF_DAY, 0);
cal.set(Calendar.MINUTE, 0);
cal.set(Calendar.SECOND, 0);
Subscribe to:
Posts (Atom)