354 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
You want to move to Domino? You need a plan!
Thu, Apr 17th 2014 222
Domino Design Pattern: Secret documents
Thu, Apr 17th 2014 207
SmartCloud Notes little agent helper
Wed, Apr 16th 2014 130
Mustache and CKEditor - Round two
Mon, Apr 14th 2014 115
Lotus de la Mancha
Wed, Apr 9th 2014 177
CKEditor and Mustache become friends
Tue, Apr 8th 2014 175
MongoDB to switch to IBM storage backend
Tue, Apr 1st 2014 314
Top 10
Domino Development - Back to Basics - Part 5: Finding data - Collections and Search
Thu, Jan 2nd 2014 416
Domino Development - Back to Basics - Part 7: Map Reduce Domino Style
Wed, Feb 12th 2014 372
What is your investment in Notes applications - revisited
Tue, Feb 25th 2014 345
Download Connect 2014 presentation files
Tue, Feb 4th 2014 341
Numbers are numbers, you have to see it! - Selenium edition
Sat, Feb 15th 2014 340
Domino Development - Back to Basics - Part 6: Better save than sorry - Security
Tue, Feb 4th 2014 334
MongoDB to switch to IBM storage backend
Tue, Apr 1st 2014 314
Fun with {{Mustache}} and Notes Forms
Wed, Mar 12th 2014 290
Rethinking Social Software
Sat, Mar 1st 2014 280
The perception of emptiness
Mon, Feb 10th 2014 264


OAuth, HTTP and file size limitations
Stephan H Wissel    

In the brave new world of social file sharing HTTP(s) has won. From the humble webDAV specification to Sharepoint, IBM Connections, Dropbox, UbuntuOne or the emerging industry standard CMIS all use HTTPs to access files on the backends. Since HTTP(s) is the first thing that is available when a network connection is possible and quite often (especially in public hotspots) the only thing available, this success isn't surprising
The more venerable protocols like CIFS (a.k.a. SMB), NFS or SSHFS didn't stand a chance since (rightly?) security experts block them on the corporate firewalls to prevent data leakages.
A lot of times the HTTP integration uses basic authentication, that is hazardous on HTTP, but OK on HTTPs. However providing applications with username and password makes it an update nightmare. Therefore OAuth became rapidly popular. But every fix for a problem comes with its own challenges. The challenge here is OAuth session expiry. While this is hardly an issue getting your latest tweets (140 char transmit in less that 30sec if if you only have 10 Byte/sec), is is an issue for large files.
An open bug in UbuntuOne explains it nicely: "OAuth headers used to check the validity of the request contain the timestamp of the request to prevent reply attacks .... for requests taking less than 15 minutes (the default for oauth in updown). ". If 15 min is the default you need a lot of bandwidth depending on your file size:
  • 9 kb/sec for 1 MB
  • 217 kb/sec for 25MB
  • 870 kb/sec for 100 MB
(That's effective bandwidth, not advertised one). Of course: you don't want to wait 15 minutes for a file, so your real bandwidth requirement might be actually much higher. And that's also the reason why online access to file sharing is nothing more than a band-aid, sync is the way to go.

---------------------
http://feedproxy.google.com/~r/Wisselnet/~3/IOM1pQf-VQU/SHWL-8UL7TB
May 23, 2012
64 hits



Recent Blog Posts
222


You want to move to Domino? You need a plan!
Thu, Apr 17th 2014 6:12a   Stephan H Wissel
Cloud services are all en vogue, the hot kid on the block and irressitible. So you decided to move there, but you decided your luggage has to come along. And suddenly your realize, that flipping a switch won't do the trick. Now you need to listen to the expert. The good folks at Amazon have compiled a table that gives you some idea how much it would take to transfer data: Available Internet Connection Theoretical Min. Number of Days to Transfer 1TB at 80% Network Utilization T1 [read] Keywords: domino ibm xpages database java microsoft network office wiki
207


Domino Design Pattern: Secret documents
Thu, Apr 17th 2014 6:12a   Stephan H Wissel
Domino's stronghold is security. However security is only as good as you design it. A frequent requirement in applications is to store a data set that is partially confidential and partially available for a wider audience. When you store these 2 data sets in one document, it isn't too hard to have the confidential information slip out: using the document properties in a Notes client using the document rest service the property control from openNTF In a nutshell: if you have 2 sets of data [read] Keywords: agent domino notes notes client xpages application applications openntf properties security
130


SmartCloud Notes little agent helper
Wed, Apr 16th 2014 9:11p   Stephan H Wissel
Now that we all drank the Cloud Computing CoolAid, we need to make it work. IBM's SmartCloud Notes looks enticing, since it offers 25G of eMail storage, way beyond what IT departments usually want to commit. SmartCloud Notes even allows you customisation albeit within clear limits. So before you upload your extension forms you need to plan well. One of the most unpleasant restrictions is: "No customer agents or scripts will be executed on server ", so no agent, no DOLS tasks. However you ca [read] Keywords: agent domino ibm inotes ldd lotus notes application eclipse email facebook interface java javascript server xml
115


Mustache and CKEditor - Round two
Mon, Apr 14th 2014 9:11a   Stephan H Wissel
ving just a few static values in the CK Editor drop down list really doesn't cut it. So we extend the bean today to have more flexible options. There are a few that spring to mind: List of all items in a given document List of all fields in a form (including subforms), eventually with or without the $ fields List of provided field names So here we go: Mustache and CKEdit demo The big change here is the replacement of the EL Expression mustache.sampleData wit [read] Keywords: ibm xpages database java javascript xml
177


Lotus de la Mancha
Wed, Apr 9th 2014 10:12a   Stephan H Wissel
One of my personal heroes is Don Quixote de la Mancha. He is a bat-shit crazy knight, who is true in his courtship of his Lady Dulcinea and never tired to pick a fight with a giant (windmill). His charge against the windmills, is regarded as a result of his craziness, but digging deeper you will find a nobility, worthy of a true knight: stand in for what you deem is right, regardless of the odds of success. Being true to your calling resonates with me. Wikipedia has an image of the crest of La [read] Keywords: lotus wiki
175


CKEditor and Mustache become friends
Tue, Apr 8th 2014 9:11p   Stephan H Wissel
In the beginning there was WordStar and CSV and the possibility of (then printed) personalized mass-communication arrived in the form of mail-merge. For Notes eMails that is still a challenge (the latest version of OpenOffice now seems to have a reasonable eMail-Merge, but that's off topic here) since creating the template is kind of fuzzy (a.k.a usually out of the reach of mere mortal users). XPages, Mustache and CKEditor to the rescue! The CKEditor shipping with XPages can be easily customiz [read] Keywords: ibm notes rich-text xpages email java javascript openntf openoffice wiki xml
314


MongoDB to switch to IBM storage backend
Tue, Apr 1st 2014 6:12a   Stephan H Wissel
One of the rising stars in NoSQL land is MongoDB. It is prominently featured in IBM BlueMix and in conjunction with Node.js the darling of the startup scene. However it isn't trouble free, has been called broken by design, bad for data and a folly. In a bold move to silence all critiques, the makers turned to IBM to get access to a distributed, robust and secure backend storage engine: the venerable NSF. As Bryce Nyeggen clearly stated:"But actually, that’s the Tao-like genius of MongoDB â [read] Keywords: ibm xpages google wiki
214


Communicate with a German
Tue, Apr 1st 2014 6:12a   Stephan H Wissel
It was going around for a while, how to decode what an English man actually means when he says something. A Harvard Business Review article attributes the insights to Nannette Ripmeester's research and insights. What I was missing in all those tables is the reverse translation. So here it goes: What a German saysWhat the British should hearWhat the German meant Bad idea!Please think about that some moreBad idea! But I will still drink beer with you This won't workInteresting approach, qui [read] Keywords: google linkedin




158


On a quest for the best biking application
Thu, Mar 27th 2014 9:11p   Stephan H Wissel
Preparing for my June adventure, I'm tracking my cycling progress. So far I tried Endomondo, RunKeeper and had a look at Strava. They all have their ups and downs: Endomondo doesn't provide a open data API and I never got the live broadcast working, but the UI is readable on a bike RunKeeper UI is too tiny for cycling mount, but live broadcast works nicely and the data API is open Strava doesn't seem to provide live updates, but rather tracking after the tour Battery live sucks for all of th [read] Keywords: application
201


Learning a new language or platform
Thu, Mar 27th 2014 11:11a   Stephan H Wissel
The first programming language I learned was COBOL both using a Microfocus compiler (with an innovative tool called Animator, today commonly refered to as "Source level debugger") and on an IBM System /36. Until today I think Cobol is cool, not at least since you can reuse its source code, read aloud, as tranquiliser and only in COBOL this compiles without error: PERFORM makemoney UNTIL rich. You have to read "full stop" at the end to get all COBOL nuts laughing, because when you missed it [read] Keywords: domino ibm lotusscript xpages applications development javascript mobile server wiki xml




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition