Archive for 2007年8月

Domino 运行在 AIX5.2上 and Batch file writing

八月 30, 2007

Domino 运行在 AIX5.2上
我建立一个java的agent,设定成’on schedule’ 和 ‘run on server’
这个agent会运行AIX上的一个.sh脚本,这个shell脚本的最后会运行另一个java程序,这第二个java程序用到domino的api,对domino的数据库进行了操作。
但是,在这第二个java程序运行的过程里,我让他输出到文件,输出的信息如下:
输出信息——————-start
Attempting session creation…

Session Creation Successful…

Accessing database : sample.nsf

Accessing database Successful..
This process “java” is unable to map the required amount of shared memory – mm=-1879048192, at=268435456  . Please refer to the documentation on how to fix this.
输出信息——————-end

(more…)

quote: Anders Hejlsberg, Herb Sutter, Erik Meijer, Brian Beckman: Software Composability and the Future of Languages [video]

八月 7, 2007

How will imperative programming languages evolve to suit the needs of developers in the age of Concurrency and Composability? What role can programming languages play in enabling true composability? What are the implications of LINQ on the furture of managed (CLS-based) and unmanaged(C++) languages? How will our imperative languages (static) become more functional (dynamic) in nature while preserving their static “experience” for developers? 
Answers to these questions and much more are to be found in this interview with some of Microsoft’s leading language designers and programming thought leaders: Anders Hejlsberg, Technical Fellow and Chief Architect of C#, Herb Sutter, Architect in the C++ language design group, Erik Meijer, Architect in both VB.Net and C# language design and programming language guru, and Brian Beckman, physicist and programming language architect working on VB.Net.
This is a great conversation with some of the industry’s most influential programming language designers. Tune in. You may be surprised by what you learn…

English version:

http://channel9.msdn.com/Showpost.aspx?postid=273697

Chinese version:

http://blog.csdn.net/hellothere/archive/2007/07/29/1715993.aspx

a reason for why the access was denied

八月 7, 2007

After I enabled the SSL for diiop, I could not create session using java code. The code I wrote is as below:

String[] arg2 = new String[1];
arg2[0] = “-ORBEnableSSLSecurity”;
Session s = NotesFactory.createSession(hostName, arg2, userName, password);

and I caught the exception below:

NotesException: Server access denied
    at lotus.domino.NotesExceptionHelper.read(Unknown Source)
    at lotus.domino.NotesExceptionHolder._read(Unknown Source)
    at lotus.priv.CORBA.iiop.RepImpl.invoke(Unknown Source)
    at lotus.priv.CORBA.portable.ObjectImpl._invoke(Unknown Source)
    at lotus.domino.corba._IObjectServerStub.createSession(Unknown Source)
    at lotus.domino.cso.Session.initSession(Unknown Source)
    at lotus.domino.cso.Session.<init>(Unknown Source)
    at lotus.domino.cso.Session.createSession(Unknown Source)
    at lotus.domino.NotesFactory.createSessionUP(Unknown Source)
    at lotus.domino.NotesFactory.createSession(Unknown Source)
    at TesterGetSession.doGetSession_2(TesterGetSession.java:58)
    at TesterGetSession.main(TesterGetSession.java:17)

The reason for this, is because, I set the ‘Name & password’ of the ‘Authentication options’ to ‘No’. And in the code, you could see that, I pass the username and the password to the method. So the access was denied.

The resolution is to set the ‘Name & password’ to ‘Yes’ under ‘Configuration’ ->’Ports’ -> ‘Internet Ports…’ -> ‘DIIOP’.

Though it is a tiny configuration issue, it is really annoying a lot if you do not know what is going on.

The below are discussions I referred to:

http://www.ibm.com/developerworks/forums/dw_thread.jsp?message=13974369&cat=9&thread=168059&treeDisplayType=threadmode1&forum=892#13974369

http://www-10.lotus.com/ldd/nd6forum.nsf/0/9dfb581044c2388785256c48003af015?OpenDocument

notice about enable SSL on Domino

八月 6, 2007

quote from Lotus Designer document:

key words: createSessionWithIOR, DIIOP_DUP_KEYRING=filename

To enable SSL (Secure Sockets Layer), use the String args[] parameter and specify “-ORBEnableSSLSecurity” as an element of the args array. For remote (IIOP) applications, the client must have access to the server’s trusted root certificate, stored in TrustedCerts.class in domino/java in the server’s data directory. This file is generated by the DIIOP task when it starts and is enabled to listen on the SSL port specified in the server document. The HTTP task delivers TrustedCerts.class to applets. For other applications, ensure that TrustedCerts.class is on the classpath.
The methods named createSessionWithIOR get an Internet session through explicit specification of the IOR. Typically this is not necessary. The createSession methods that specify a host call getIOR, which gets the IOR by querying the HTTP or DIIOP task listening on hostname:port for a file named diiop_ior.txt. Use the createSessionWithIOR methods if you have another mechanism for getting the IOR.
If only the HTTPS port can deliver the IOR, call getIOR with the String args[] parameter and specify “-createSessionWithIOR ” as an element of the args array. Then use the returned IOR in a createSessionWithIOR call.
If a file other than TrustedCerts.class contains the server’s trusted root certificate, specify “-ORBSSLCertificates=filename” as an element of the args array. The DIIOP task generates TrustedCerts.class and a duplicate file if “DIIOP_DUP_KEYRING=filename” is present as a notes.ini variable. This is useful to access two servers with different trusted root certificates.
A getIOR operation is not authenticated even with SSL.
Use a getIOR method with user and passwd parameters if anonymous access is not allowed on the HTTP or HTTPS port being accessed.
Note  The getIOR methods that take args[], user, and passwd parameters are new with Release 6.5.
The createSession methods that include an org.omg.CORBA.ORB parameter create a session using an existing ORB, which you first create with one of the createORB methods. Using one ORB for multiple sessions (connection pooling) saves network overhead. However, make sure the connection can handle all the sessions you create, and be sure to recycle when you terminate a session.
For applets, use AppletBase.openSession. For agents, use AgentBase.getSession.

this is a test 这是一个测试

八月 6, 2007

this is a test

这是一个测试

这是个测试

java class file are all the same on all platforms

八月 6, 2007

stupid… java class file are all the same on all platforms

configure SSL on Domino

八月 2, 2007

we could follow the instruction illustrated in the link below:

http://www-128.ibm.com/developerworks/lotus/library/ls-Java_access_2/index.html

SSL encryption

The previous article in this series discussed running a Java application locally or remotely. Remote calls require HTTP and DIIOP access. You can encrypt transmissions over the DIIOP port using SSL (Secure Sockets Layer). See the previous article for instructions on how to set up DIIOP. The client code signals the desire to encrypt by specifying a new second parameter in the createSession call. This parameter is a String array whose first element has -ORBEnableSSLSecurity as its value, for example:

String args[] = new String[1];args[0] = “-ORBEnableSSLSecurity”; Session s = NotesFactory.createSession(“myhost.east.acme.com:63148”, args, “Jane Smith/East/Acme”, “topS3cr3t”);

You still use a non-SSL port (63148 in the above example) to get the IOR. The actual service requests take place over the DIIOP SSL port, which is 63149 by default.

Before running the code, you must set up the server and client with a common trusted root certificate from a certificate authority. This process is best covered as a series of steps.

Step 1

Create a key ring. Open the Server Certificate Admin (certsrv.nsf) database on a Domino server and use its forms to create and populate a key ring. See Administering the Domino System, Volume 2 or the Domino Administrator Help for detailed information. For testing purposes, you can use the CertAdminCreateKeyringWithSelfCert form to create a key ring with a self-certified certificate.

Step 2

Move the keyring to the server. The keyring consists of a keyring file (KYR file) and stash file (STH file). These files are generated on the computer from which you’re accessing the Server Certificate Admin database. Move or copy the two keyring files to the computer containing the Domino server. Place them in the server’s data directory. For example, if you create a keyring with a self-certified certificate using default names and copy the files to a computer with a server whose data files are installed at C:\Lotus\Domino\Data, the server files would be:

C:\Lotus\Domino\Data\selfcert.kyr C:\Lotus\Domino\Data\selfcert.sth.

Step 3

Copy TrustedCerts.class to the client and put it in the classpath. Once the keyring files are on the server, starting or restarting the DIIOP task generates a file named TrustedCerts.class in the Domino data directory. Distribute this file to any computer from which you are going to access the server using CORBA with SSL, and put the directory containing the file in the classpath. For example, if you copy the file to C:\Lotus\TrustedCerts.class on a client, set the classpath as follows:

set classpath := %classpath%;c:\lotus

Step 4

Enable the server for SSL. In the Server document in the server’s Domino Directory, go to the Ports tab, then the Internet Ports tab. Under SSL settings, specify the SSL key file name (for example, selfcert.kyr). Go to the DIIOP tab. Ensure that the SSL port number is correct-it defaults to 63149. Enable the SSL port. Set Name & password and Anonymous authentication as desired.

The instruction above is good enough to perform a SSL test. But here is a problem I have met and fixed:Set the TrustedCerts.class to your classpath, and make your application code read this path is a really important part! I set the proper classpath there, but, my java application could not get that classpath when running in Eclipse. I didn’t realize this at first time, and wasted a lot of time on it. Finally, I call my java class using the command line. Then it works.

(more…)