Monday, December 17. 2007Book Review: PHP Oracle Web Development
The good folks from Packt Publishing were kind enough to send me a few books to review and I've been a little lax posting a review, so over the next few days I hope to have them all up. Overall I would have to say that PHP Oracle Web Development is a good book for a PHP developer needing to get up to speed quickly working with an Oracle database. I've worked with Oracle before using other languages, but never with PHP. I found the chapters progressed through the various topics in a logical and straightforward manner. It was easily to follow along, of course coding as you go, and easy to understand what was going on.
There were some features that, prior to this, I hadn't used before, such as their native XML support. Lately, I have been using DB2 and XQuery and was both surprised and glad to find the book cover some of this. Again, easy to understand and follow. After about 15 minutes, I was doing all sorts of crazy XML operations within Oracle. The only place I found the book lacking was the initial setup of the environment. This is definitely a minor nit, but something that was a bit frustrating until I got it all working. The book tends to favor a Windows installation, which usually is simple anyways. I decided, however, to install on my linux box. The missing step came when I was trying to configure the oci8 extension in PHP. I was not using the instant client and had not setup the environment, so things weren't found. After checking the oci8 config.m4 in PHP, I found it was looking for ORACLE_HOME. A little searching and I found that all I needed was to execute a shell command (included in the Oracle install) to have them properly setup: /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/bin/oracle_env.sh After that, install went smoothly. Now, the only other issue I am having is trying to configure PHP to work on my Fedora 8 system using the 11.1 instant client. The configure script (using PHP 5.2 from CVS that does support this Oracle version) doesn't like it for some reason. Something to work on another day. All in all, I would definitely recommend this book, PHP Oracle Web Development, to a PHP developer needing to learn or at least have a reference book on integrating with Oracle. Updated 12/19/2007: I finally resolved the instant client issue on Fedora 8. Also fixed my typos :/ Microsoft and XML Fundamentals
I was meaning to write about some of the new openinfocard features this weekend, but instead I spent my time trying to get the openinfocard selector working against the Windows Live Beta site supporting Information Cards. I finally found the problem and really just could not believe it. A few months ago, I received a similar, yet unrelated, bug report against my own libraries. A person was using my wsse/xmlsec libs to communicate against a .NET SOAP service that required messages to be signed and told me that it would not work unless the XMLDSIG elements used a default namespace. This means that
Within my libraries, I do prefix namespaces. Unfortunately for that person, I did not believe them and stressed that it had to be a coding error either on their part or from the service provider. Note that I didn't just dismiss their report. I was unable to reproduce the issue, was not given access to test against their service, do successfully interoperate with other .NET systems, and have a large number of users implementing my code against .NET services employing encryption and digital signatures. I hadn't heard anything more and ended up forgetting about it... that is until now. Over the weekend, I spent a good amount of time comparing tokens from various selectors and trying different parameters. There were only two differences between tokens from Openinfocard and those from CardSpace. The first, which I spent most of my time on, was the timestamps. CardSpace provides a full hour for token validity. Openinfocard, on the other hand, allows the token 10 minutes of validity. I have run into a number of problems in the past due to the clock from either the client or server not being in synch. A fudge factor is usually built into the interactions (the client might set their NotBefore time to a few minutes prior to the current time, and the server might allow an extra ten minutes past the expire time), but I have seen cases, especially due to day light savings and systems not being updated, that the clocks between the client and server are too far off and the token is not considered valid when submitted. Anyways, this didn't end up being the problem. Come to find out, the Windows Live Beta site has the exact same problem when dealing with the SAML token as the bug reported I told you about before. The issue is unrelated to the client code (so thankfully it wasn't an issue in my library - written in PHP); Openinfocard, which is the selector having a problem working with Windows Live, is in fact written in Java, and also prefixes namespaces. After altering the openinfocard code to use default namespaces, building new jars, installing the new jars and restarting firefox (sounds simple, yet REALLY time consuming), I finally got Windows Live to accept my Infocard. The underlying problem itself still eludes me. All I know is that the issue lies on the server side. I have no idea if this is a problem stemming from a particular version of the .NET libraries or if a third party library is being used. Either way, I would have expected more from Microsoft. It's forgivable that a developer from a small company might use an outside library to work with digital signatures (that also happens to be buggy), but for a company that pushes the WS-* stack (XML Digital Signatures being a core component of WS-Security) and provides core libraries for working with it, this is a serious issue. It also seems to not be isolated either; as exemplified by the same issue against a .NET SOAP service. Now hopefully someone can get me some answers to where this problem stems from so in the future I have a little more insight if I personally end up encounter it when dealing with a SOAP service; or at least can provide some help to someone reporting the issue to me again. Monday, December 10. 2007Library Updates and Other Dealings
Life and work have been eating up all my time, so I have had no time to write anything about what's been going on. I finally decided to take a break from work, sit down and try to catch up with things.
Although busy, I have been updating my libraries; adding deatures, fixing bugs and trying to get some structure going. The libraries are used by a good number of projects, so I figured it was about time to make some of the changes known. First off, I started tracking versions and keeping changelogs for the different libraries (Only those that have changed since I started version tracking have changelogs right now). The libraries can all be found on my Source Code page. As for some of the specific changes.... Continue reading "Library Updates and Other Dealings"
(Page 1 of 1, totaling 3 entries)
|