359 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Custom REST service in XPages using a service bean
Wed, Oct 22nd 2014 186
Put an angular face on your inbox
Mon, Sep 29th 2014 323
Rendering a Notes view as JSON REST service - on your client
Thu, Sep 25th 2014 502
Keeping up with all the GIT
Thu, Sep 25th 2014 423
Collaboration in context
Wed, Sep 24th 2014 381
Creating nginx configurations for Domino SSL
Sat, Sep 20th 2014 776
Tracking down slow internet on SingTel Fibre to the home
Tue, Sep 16th 2014 181
Top 10
Domino Development - Back to Basics - Part 5: Finding data - Collections and Search
Thu, Jan 2nd 2014 1250
Creating nginx configurations for Domino SSL
Sat, Sep 20th 2014 776
Rendering a Notes view as JSON REST service - on your client
Thu, Sep 25th 2014 502
Documents vs eMails
Fri, Jul 4th 2014 468
Keeping up with all the GIT
Thu, Sep 25th 2014 423
From XML to JSON and back
Fri, Jul 11th 2014 392
Collaboration in context
Wed, Sep 24th 2014 381
Designing a REST API for eMail
Sat, Aug 9th 2014 355
Dear SingTel, please fix your routing performance!
Wed, Apr 24th 2013 353
Workflow for beginners, Standards, Concepts and Confusion
Thu, Jul 24th 2014 347


OAuth, HTTP and file size limitations
Stephan H Wissel    

In the brave new world of social file sharing HTTP(s) has won. From the humble webDAV specification to Sharepoint, IBM Connections, Dropbox, UbuntuOne or the emerging industry standard CMIS all use HTTPs to access files on the backends. Since HTTP(s) is the first thing that is available when a network connection is possible and quite often (especially in public hotspots) the only thing available, this success isn't surprising
The more venerable protocols like CIFS (a.k.a. SMB), NFS or SSHFS didn't stand a chance since (rightly?) security experts block them on the corporate firewalls to prevent data leakages.
A lot of times the HTTP integration uses basic authentication, that is hazardous on HTTP, but OK on HTTPs. However providing applications with username and password makes it an update nightmare. Therefore OAuth became rapidly popular. But every fix for a problem comes with its own challenges. The challenge here is OAuth session expiry. While this is hardly an issue getting your latest tweets (140 char transmit in less that 30sec if if you only have 10 Byte/sec), is is an issue for large files.
An open bug in UbuntuOne explains it nicely: "OAuth headers used to check the validity of the request contain the timestamp of the request to prevent reply attacks .... for requests taking less than 15 minutes (the default for oauth in updown). ". If 15 min is the default you need a lot of bandwidth depending on your file size:
  • 9 kb/sec for 1 MB
  • 217 kb/sec for 25MB
  • 870 kb/sec for 100 MB
(That's effective bandwidth, not advertised one). Of course: you don't want to wait 15 minutes for a file, so your real bandwidth requirement might be actually much higher. And that's also the reason why online access to file sharing is nothing more than a band-aid, sync is the way to go.

---------------------
http://feedproxy.google.com/~r/Wisselnet/~3/IOM1pQf-VQU/SHWL-8UL7TB
May 23, 2012
64 hits



Recent Blog Posts
186


Custom REST service in XPages using a service bean
Wed, Oct 22nd 2014 6:11a   Stephan H Wissel
Talking to your backend using JSON and REST is all the rage for contemporary development. Domino has supported, at least reading, this access for quite a while using ?ReadViewEntries[&OutputFormat=JSON]. Using Domino Access Services (DAS) this has been extended to read/write support for documents as well. However, as a result, your front-end application now needs to deal with the Domino way to present data, especially the odd use of @ in JSON keys (which e.g. jquery isn't fond of). [read] Keywords: domino ibm ldd lotus xpages application database development javascript openntf wiki xml
323


Put an angular face on your inbox
Mon, Sep 29th 2014 9:12p   Stephan H Wissel
In the last instalment I got vert.x to emit a Notes view, read from your local mail file, to be emitted as JSON stream. While that might be perfectly fine for the inner geek, normal mortals want to look (and interact) with something more pretty. The cool kids on the block for web interfaces and applications are Twitter BootStrap and AngularJS, so these will be the tools in this instalment. Not familiar with them? Go and watch some videos. Back? Let's get going. Since I'm not much of a desig [read] Keywords: admin ibm notes application applications css twitter
502


Rendering a Notes view as JSON REST service - on your client
Thu, Sep 25th 2014 11:13a   Stephan H Wissel
My next goal after getting the basic connection to Notes working is to be able to serve a potential API. Still making friends with the non-blocking approach of vert.x, I'm taking baby steps forward. In this round I want to be able to deliver a view or folder as JSON string. On a Domino server that is easy. You can use ?ReadViewEntries&OutputFormat=JSON. On a Notes client you have to do it yourself. In round one I will ignore categorized views (that's for the next time), but I already will [read] Keywords: domino lotus notes notes client application database java openntf server
423


Keeping up with all the GIT
Thu, Sep 25th 2014 6:13a   Stephan H Wissel
Unless you stuck in the last century, you might have noticed, that the gold standard for version control is GIT. Atlassian likes it, IBM DevOps supports it and of course the Linux Kernel is build with it. The prime destination for opensource projects is GitHub, with BitBucket coming in strong too. Getting the code of a project you work with (and I bet you do - jquery anyone) is just a git clone away. Of course that opens the challenge to keep up with all the changes and updates. While in the pr [read] Keywords: ibm linux network wiki ubuntu
381


Collaboration in context
Wed, Sep 24th 2014 10:12a   Stephan H Wissel
Harry, a storm is coming, at least if you follow Cary Youman. Nothing less that the way we collaborate will be, again, a focus for IBM. The need has not found a definite solution. The attempt to reinvent eMail is starving in the incubator. Great minds try to reinvent the conversation (and looks suspiciously like Wave). So what is so tricky about collaboration? In short it is context, the famous 5 W. In our hyperconnected world context can get big rather fast: [read] Keywords: collaboration ibm email openntf twitter wiki
776


Creating nginx configurations for Domino SSL
Sat, Sep 20th 2014 1:12p   Stephan H Wissel
Websites need to be secure, so the SHA-1 cipher is coming to an end. Despite best efforts, Domino is stuck with this outdated Cipher. While you can, on Windows, hide Domino behind IHS, I find nginx easier to tame. Jesse explains how to configure nginx as the Domino proxy. So all is good, expecially since he also covered High availability. But when you have a lot of sites, that's a lot of typing (and copy & paste from the Internet site documents). Mustache to the rescue! I've written abou [read] Keywords: domino ibm java server
181


Tracking down slow internet on SingTel Fibre to the home
Tue, Sep 16th 2014 8:12p   Stephan H Wissel
SingTel makes big claims about the beauty of their fibre offering. I do not experience the claimed benefits. So I'm starting to track down what is happening. Interestingly when you visit SpeedTest, it shows fantastic results. I smell rat. So I ran a test with Pocketinet in Walla Walla, WA. SpeedTest claims a 5ms ping response, but when I, immediate before or after such a test, issue a ping -c5 www.pocketinet.com I get results rather in the range of 200-230ms. Ein Schelm wer böses dab [read] Keywords: ibm google server wiki




210


Foundation of Software Development
Fri, Sep 12th 2014 6:13a   Stephan H Wissel
When you learn cooking, there are a few basic skills that need to be in place before you can get started: cutting, measuring, stiring and understanding of temperature's impact on food items. These skills are independent from what you want to cook: western, Chinese, Indian, Korean or Space Food. The same applies to software development. Interestingly we try to delegate these skills to ui designers, architects, project managers analyst or infrastructure owners. To be a good developer, you don't [read] Keywords: ibm development wiki
212


Flow, Rules, Complexity and Simplicity in Workflow
Wed, Sep 3rd 2014 6:13a   Stephan H Wissel
When I make the claim "Most workflows are simple", in return I'm hit with bewildered looks and the assertion: "No, ours are quite complex". My little provocation is quite deliberate, since it serves as an opening gambit to discuss the relation between flow, rules and lookups. All workflows begin rather simple. I'll take a travel approval workflow as a sample (resemblance of workflows of existing companies would be pure coincidence). The explanation is simple: "You request approval from [read] Keywords: google
248


Rethinking the MimeDocument data source
Mon, Sep 1st 2014 12:13p   Stephan H Wissel
Tim (we miss you) and Jesse had the idea to store beans in Mime documents, which became an OpenNTF project. I love that idea and was musing how to make it more "domino like". In its binary format, a serialized bean can't be used for showing view data, nor can one be sure that it can be transported or deserialized other than through the same class version as the creator (this is why Serialized wants to have a serialid). With a little extra work, that becomes actually quite easy: Enter JAXB. [read] Keywords: domino lotus notes xpages email java linkedin openntf oracle profile xml




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition