357 Lotus blogs updated hourly. Who will post next? Home | Downloads | Events | Pods | Blogs | Search | myPL | About 
 
Latest 7 Posts
Warriors of Light
Sun, Jul 20th 2014 140
Adventures with vert.x, 64Bit and the IBM Notes client
Thu, Jul 17th 2014 134
Cycle where?
Sun, Jul 13th 2014 163
From XML to JSON and back
Fri, Jul 11th 2014 234
The folly of root cause analysis
Wed, Jul 9th 2014 172
Documents vs eMails
Fri, Jul 4th 2014 318
The taxi loyalty program isn't working and how to fix it
Mon, Jun 16th 2014 187
Top 10
Domino Development - Back to Basics - Part 5: Finding data - Collections and Search
Thu, Jan 2nd 2014 935
Let's ditch IBM Notes and Domino
Thu, May 29th 2014 671
Domino Development - Back to Basics - Part 7: Map Reduce Domino Style
Wed, Feb 12th 2014 502
Download Connect 2014 presentation files
Tue, Feb 4th 2014 473
Numbers are numbers, you have to see it! - Selenium edition
Sat, Feb 15th 2014 469
What is your investment in Notes applications - revisited
Tue, Feb 25th 2014 459
MongoDB to switch to IBM storage backend
Tue, Apr 1st 2014 452
CRM > Sales Tracking
Sun, May 5th 2013 449
Domino Development - Back to Basics - Part 6: Better save than sorry - Security
Tue, Feb 4th 2014 443
You want to move to Domino? You need a plan!
Thu, Apr 17th 2014 428


OAuth, HTTP and file size limitations
Stephan H Wissel    

In the brave new world of social file sharing HTTP(s) has won. From the humble webDAV specification to Sharepoint, IBM Connections, Dropbox, UbuntuOne or the emerging industry standard CMIS all use HTTPs to access files on the backends. Since HTTP(s) is the first thing that is available when a network connection is possible and quite often (especially in public hotspots) the only thing available, this success isn't surprising
The more venerable protocols like CIFS (a.k.a. SMB), NFS or SSHFS didn't stand a chance since (rightly?) security experts block them on the corporate firewalls to prevent data leakages.
A lot of times the HTTP integration uses basic authentication, that is hazardous on HTTP, but OK on HTTPs. However providing applications with username and password makes it an update nightmare. Therefore OAuth became rapidly popular. But every fix for a problem comes with its own challenges. The challenge here is OAuth session expiry. While this is hardly an issue getting your latest tweets (140 char transmit in less that 30sec if if you only have 10 Byte/sec), is is an issue for large files.
An open bug in UbuntuOne explains it nicely: "OAuth headers used to check the validity of the request contain the timestamp of the request to prevent reply attacks .... for requests taking less than 15 minutes (the default for oauth in updown). ". If 15 min is the default you need a lot of bandwidth depending on your file size:
  • 9 kb/sec for 1 MB
  • 217 kb/sec for 25MB
  • 870 kb/sec for 100 MB
(That's effective bandwidth, not advertised one). Of course: you don't want to wait 15 minutes for a file, so your real bandwidth requirement might be actually much higher. And that's also the reason why online access to file sharing is nothing more than a band-aid, sync is the way to go.

---------------------
http://feedproxy.google.com/~r/Wisselnet/~3/IOM1pQf-VQU/SHWL-8UL7TB
May 23, 2012
99 hits



Recent Blog Posts
140


Warriors of Light
Sun, Jul 20th 2014 11:15a   Stephan H Wissel
Inspired by Paulo Coelho's manual for the Warrior of the Light: Warriors of Light We were born from the stars Descended from the heavens Armed with compassion Determined to end the suffering Subjected to the human condition Battling ignorance with wisdom Laying our lives for the liberation from illusion When you look in the mirror - remember! You are one of us. [read] Keywords:
134


Adventures with vert.x, 64Bit and the IBM Notes client
Thu, Jul 17th 2014 8:12a   Stephan H Wissel
The rising star of web servers currently is node.js, not at least due to the cambrian explosion in available packages with a clever package management system and the fact that "Any application that can be written in JavaScript, will eventually be written in JavaScript" (according to Jeff Atwood). When talking to IBM Domino or IBM Connections node.js allows for very elegant solutions using the REST APIs. However when talking to a IBM Notes client, it can't do much since an external program ne [read] Keywords: connections domino ibm lotus notes notes client application development eclipse google java javascript oracle python wiki ubuntu
163


Cycle where?
Sun, Jul 13th 2014 1:12p   Stephan H Wissel
I like to cycle, I do that often and from time to time I have fun with traffic participants. One of the interesting challenges are multi-lane crossings (note to my overseas readers: Singapore follows the British system of driving on the left, so cyclists are supposed to cycle on the left edge of the road - which makes me edgy in some situations. So for right driving countries, just flip the pictures) where the outer lane allows more than one direction. Like these: Road rules do require the [read] Keywords: google wiki
234


From XML to JSON and back
Fri, Jul 11th 2014 8:12p   Stephan H Wissel
In the beginning there was csv and the world of application neutral (almost) human readable data formats was good. Then unrest grew and the demand for more structure and contextual information grew. This gave birth to SGML (1986), adopted only by a few initiated. Only more than a decade later (1998) SGML's offspring XML took centre stage. With broad support for schemas, transformation and tooling the de facto standard for application neutral (almost) human readable data formats was established [read] Keywords: application java javascript server wiki xml xslt
172


The folly of root cause analysis
Wed, Jul 9th 2014 6:12a   Stephan H Wissel
IT support's dealing with management is a funny business. Whenever something goes wrong, support teams engage in "defensive blaming" and the elusive quest for a root cause. I've seen this quest (and blaming god and country along the way if it doesn't appear) taking priority over problem resolution and prevention. The twisted thought is: "If I'm not sure about the (single) root cause, I can't neither fix nor prevent it from happening again". Why is that a folly? It paralyses: If a pe [read] Keywords: application database google wiki
318


Documents vs eMails
Fri, Jul 4th 2014 6:14a   Stephan H Wissel
With a public sector customer I had an interesting discussion on non-repudiation, messaging and regulatory control. We were discussing how to ensure awareness of information that has behavioural or legal consequences. While "I didn't know" is hardly a viable defence, relying on the other party to keep themselves updated is just asking for trouble. In a collaborative environment, where a regulator sees itself primarily as the facilitator of orderly conduct and only as policing the conduct as s [read] Keywords: domino database email microsoft server wiki xml




187


The taxi loyalty program isn't working and how to fix it
Mon, Jun 16th 2014 10:11a   Stephan H Wissel
Singapore is a little like New York: train and taxis are a mainstay of the daily commute. So the taxi market is highly regulated and fiercely competitive. As no surprise taxi companies try to bind customers before they loyalty switches to alternative bookings or the disruptors. So Comfort & CityCab started CabRewards. After all loyalty cards work well for their inventor. In a smart move, instead of creating a new piece of plastic, Comfort teamed up with ezLink Singapore's leading provider [read] Keywords: admin administration application mobile wiki
671


Let's ditch IBM Notes and Domino
Thu, May 29th 2014 7:11p   Stephan H Wissel
Finally you decided it is time to move on, legacy no longer means "tried and tested" but "we need to move one" to you. After all you never really liked Cher. Notes data is available via LotusScript, dotNet (through the COM bridge), in Java, Corba, C++, XML, REST, MIME, so how hard can it be? Actually not very hard, you just need to: Find sutiable replacement application platform(s) Rewrite the applications (don't dream: there is no such thing as "migrate an app") Migrate your users Migr [read] Keywords: domino ibm lei lotusscript notes richtext xpages application applications community database db2 enterprise google integration java linux mobile server wiki xml
250


Value, Features and Workflows
Mon, May 12th 2014 6:11a   Stephan H Wissel
In sales school we are taught to sell value. Initially that approach was designed to defang the threat of endless haggling over price, but it took an extra twist in the software industry. Since software companies rely on user's desire to "buy the next version" to secure revenue from maintenance and upgrade sales, a feature war was the consequence. As a result, buyers frequently request feature comparison tables, driving the proponents of "value & vision" up the wall. It also creates te [read] Keywords: ibm notes application archive email outlook server wiki
428


You want to move to Domino? You need a plan!
Thu, Apr 17th 2014 6:12a   Stephan H Wissel
Cloud services are all en vogue, the hot kid on the block and irressitible. So you decided to move there, but you decided your luggage has to come along. And suddenly your realize, that flipping a switch won't do the trick. Now you need to listen to the expert. The good folks at Amazon have compiled a table that gives you some idea how much it would take to transfer data: Available Internet Connection Theoretical Min. Number of Days to Transfer 1TB at 80% Network Utilization T1 [read] Keywords: domino ibm xpages database java microsoft network office wiki




Created and Maintained by Yancy Lent - About - Blog Submission - Suggestions - Change Log - Blog Widget - Advertising - Mobile Edition