I have become a Manager

I have become an Engineering Operations Manager since early 2020 (of course with the help from my Special Mind Power Technique derived from Ancient Text of Confucianism) 

I am now managing 12 Senior Engineers, including 4 Leads, for ID&F products, hosted services & cloud services. 

Since then, I spent most of my time managing the people and the services. I have not got much time in developing something. Hence this space has been idle for some time. 

Today, I get to know there was one programming competition organized by Panasonic back in year 2007. Someone provided the winner list in Lowyat forum. Therefore I further studied the current status of the winners and came out with the table below. 

Rank	Name	College	Current Status	Current Company	Location	Remark
1st prize winner	Tan Aik Keong	MMU	Founder	Agmo Studio	MY
2nd prize winner	Chooi Kah Wai	APIIT	Technical Lead	PathDAO	MY
3rd prize winner	Simon Lim Hao Wooi	UTAR	Software Engineer	Canva	AU
Outstanding winner	Gan Eng Chin	UM	Senior Software Engineer	Automattic	MY	One of the early engineers in Experian CheetahMail
Outstanding winner	Fong Kha Chun	UM
Outstanding winner	Kwan Toh Choong	Curtin U of Tech	Digital Platform Design Manager	Shell	MY	11 years in Shell
Outstanding winner	Lee Chee Cheong	MMU				Last job as Technical Manager at iRadar Sdn Bhd
Outstanding winner	Tee Shu Hui	UTM	Senior Firmware Development Engineer	Micron Tech	SG
Merit Winners	Tan Kian Tat	MMU	Self-Employed			SAP Consultant since grad
Merit Winners	Lim Fang-Yin	UTAR				Active in Quora
Merit Winners	New Chin Jian	UM
Merit Winners	Choong You Qi	MMU	Staff Android Engineer	Setel	MY
Merit Winners	Chan Kin Meng	MMU	Founder CEO	Gameconomy	MY	Web3.0 Gaming
Merit Winners	Siew Lead Choon	UM				SAP?
Merit Winners	Yeoh Yan Pore	USM	GM	IHS Group
Merit Winners	Ernest Eg Ket Lung	USM
Merit Winners	Chan Chen Shyang	Curtin U of Tech	IP Consultant	Nokia	MY	Nokia till today
Merit Winners	Ahmad Irshad B. Abdul Hamid	UniTen	Software Engineer	Sage	MY
Merit Winners	Chua Fook Ching	MMU	Business & Integration Arch Specialist (SAP)	Accenture	MY
Merit Winners	Khor Yit Kean	TARC

Oracle SOA Composite SCAC-50012 error during Build

Earlier on my head was spinning for trying to resolve this SCAC-50012 error. JDeveloper throws out this error while building the SOA Composite. 

The compiler suggests me to go to a specific location for the scac.log file. It said the log should contain the detail for the error. 

Well yes there is error detail in the log. It says "could not initialize variable" and "the schema processor cannot find the element " blar blar. So I go ahead and check the blar blar WSDLs + XSDs. They all look perfect. So what the fuck is going on?

So I started all the "long troubleshooting process" which basically means multiple times of "Trial and Error". I removed this WSDL reference, removed that "Invoke Activity". For each change I will compile the whole thing. So I repeated this for every change. Just to narrow down where exactly has gone wrong. 

I did not perform all this in one day as I have other higher priority tasks to take care of. But on and off I will come back to this one as this problem slowly becomes a needle that keeps poking me every time the user asking for an enhancement for this particular SOA Composite. 

So today finally I managed to 'gotcha' the culprit that caused this bloody issue. It is due to the reference to a specific XSD in one of the WSDLs consumed by my SOA Composite is invalid. 

Lesson learnt. Next time the same issue comes to you, please don't "TRUST" the scac.log file. Just examine every WSDLs or XSDs in your Project. Some references may be invalid already.

Fixed Length File Without Delimiter and BeanIO

What happened is I have this IBM Mainframe's CobolCopyBook and I need to read a number of fields from there.

For your information the CobolCopyBook is a FixedLength file which has NO Delimiter.

My problem is that in my environment I have to stick to the BeanIO framework for the parsing. That means I cannot use the normal BufferedReader + substring way which is considered NOT SO ELEGANT way to solve this problem.

Also this is the first time I am using BeanIO. I found that the existing FixedLength utilities in BeanIO, such as the FixedLengthReader expects each line has a Carriage Return (CR or \r) or Line Feed (LF or \n). But it also allows the user to specify a "delimiter" to determine when to assume a Line.

Unfortunately in my use case, as I mentioned earlier , my file does not have any delimiter. Basically it is one string of characters. Worst still is one of the field always has the CR or LF character in it! What will happen is the BeanIO's reader will consider whatever after the CR or LF character is a brand new Line but the fact it is NOT!

To summarize, I have 2 problems here.
1) No delimiter to determine a new line
2) One of the field contains Carriage Return and Line Feed 

I was cracking head for these two problems and my colleague came out with some brilliant ideas. They suggested me to use OuterBean which contains the Target Bean as a Segment. Segment as one annotation is another BeanIO feature that does all the grouping or nested bean stuff. This approach will solve the "No Delimiter to break line" issue.

Another colleague suggested to create a custom java.io.Reader that extends from java.io.Reader and implements my own "read()" method. Because in the end BeanIO is going to invoke the "read()" method from the Reader object that is passed into its internal classes. So inside this read() method I will check if the character is either a Carriage Return or a Line Feed then I will return a space means I am actually replacing \n and \r with space. This will solve my second problem where the Carriage Return or Line Feed will cause BeanReader to take the characters after it as a new line.

So now I managed to fix these two problems with the OuterBean approach and Customized java.io.Readar approach. However this is not so complete because I don't like the replacing carriage return and line feed character with space.

public class CustomerOuterUserBean {

    @Segment(name="customerUserBeans", collection=ArrayList.class, minOccurs=0, maxOccurs=-1, type=CustomerUserBean.class )

    private List customerUserBeans = new ArrayList();

public class NpiFilterReader extends FilterReader {

    public NpiFilterReader(Reader in) {
        super(in);
    }

    @Override
    public int read() throws IOException {
        int read = super.read();
        if (read == '\r' || read == '\n')
            return ' ';

        return read;
    }

So I continued the journey and in the end I found a very very simple solution for these two issues.

What I did is to create a custom RecordParserFactory which manipulates a custom RecordReader and I overwrite the read() method for the custom RecordReadear. The read() method in the custom RecordReader  looks like follows:

public class MyFixedLengthRecordReader extends FixedLengthReader

    public String read() throws IOException, RecordIOException {

        char[] buffer = new char[300];

        if(in.read(buffer, 0, 300) != -1){

            return new String(buffer);

        }      

        return null;

    }

Note that in my use case my line is fixed at 300 characters per line.

This is the most elegant yet simple solution! Thank Divine!

Secure Web Services using Oracle Enterprise Manager Fusion Middleware Control

Ok. Recently I have been working on Web Service Security.

My web services are running on Oracle Enterprise Manager Fusion Middleware Control.

The security part has the following break down:

1) Authentication
Whether the service consumer is a trusted one. I am using the username-token to achieve this.

2) Authorization
In this case the service consumer is trusted. However it may not have the right to invoke the particular web service operation.

3) Transport Layer Security
TLS or SSL is generally used for transport layer protection. The idea is to encrypt every data during the transmitting process. I am yet to implement this.And I am not sure if I really need to do this in my enterprise environment. The reason is our web services are in a secure network environment. Our service consumers are all internal applications. So I am not going to cover the detail for this part in this post.

Ok. What we need to know next is all the WS-* stuff. This could take some time for you to read. And along the reading process you might get even more confusion. So I will tell you what not to be confused here, as follows:

WS-Policy VS WS-Security. WS-Policy and WS-Security are two different entities. WS-Policy is a Language, whereas WS-Security is a Conceptual Framework. 

Next we are going into the technical detail. Diagrams are not available because I am lazy to remove all the sensitive company and application name:

Scenario:
Create two users to call a particular web service and to invoke different service operations respectively.

1) You need to be aware, that for Oracle Enterprise Manager Fusion Middleware Control, the "User and Group" setup are controlled by Oracle Weblogic. The whole Oracle Enterprise Manager itself is running on Oracle Weblogic. So we are going to access two different "Portals", one is the Oracle Weblogic Administrative Console and another one is the Oracle Enterprise Manager.

2) Now our first step is to create a new user. Go to Oracle Weblogic Administrative Console -> Security Realm -> User and Group. Create your user there. Very easy. Just fill in the blanks only.

3)  I am not going to cover the "Group" because I want to keep this as simple as possible. Everything will be just "User". The "Group" is useful if you want to group different users into the same group and then instead of granting permission to multiple users you just need to grant permission to one group.

4) Now you don't need the Oracle Weblogic Administrative Console anymore. Close it kill it leave it fuck it. Our next focus is to login to the Oracle Enterprise Manager for the remaining steps.

5) I assume you have deployed your web service (to be exact, it is SOA composite exposed as a web service) using the Oracle Enterprise Manager.

6) Right click on your "domain" that hosts your SOA composite,  you will see "Web Service" appearing in the context menu. Go there and look for your particular web service and click it to go to the detail page. 

7) Go to the "policies" tab. Here you can attach any policies you like to your web service. In our case we should attach "oracle/binding_permission_authorization_policy" for Web Service Endpoint Authorization.

8) At the same tab, we must also attach a username token policy for "Authentication". Just attach any policy with the name username token. But of course you have to do this carefully. 

9) Ok. we are done with the "Attaching Policy" now. Next, go to your "domain" again. Right click on your domain and you will see "application policies" and "application roles". Using the "application roles", you can create a "role" that can consists of multiple users or groups for easier management. In our case I will just skip the "application roles" to make things simple. So we will just go straight to the "application policies".

10) At the application policies, Create an Application Grant. choose the user that you set up at step 2 as your "Grantee".

11) At the same page again, there is a section for "permission". Put something as follows:
Permission Class - oracle.wsm.security.WSFunctionPermission
Resource Name - your web service NAMESPACE/service name. Remember, it's the namespace, not endpoint address.
Permission Actions - your web service operation

Done. Now the Authorization part is completed.

12)  It is testing time now. I suggest you to create another user who is not granted any permission to the particular web service.  In fact I successfully made two different users to access to the same one web service but each of them are only authorized to invoke one particular service operation.

13) Where do you pass the username and password? In your SOAP Header. Remember to include the below part in your SOAP message.

My first Codenvy experience

Last year I have asked Divine to give me a chance to learn Cloud Development and recently my intention has got manifested. Thanks Divine! What happened was I was given a short assignment to quickly build one Web Application to read a CSV file and then display the data to webpage. The web application offers one function to the user, which is to allow users to select a specific date to filter the CSV data.

The thing about Codenvy is it puts everything on CLOUD! What I like most is the IDE itself is integrated with a lot of handy tools such as PAAS platforms and GitHub! 

What you need to do is just sign up! Then start coding! I picked up Spring MVC & JQuery in just one day! Imagine how this WEB IDE helped us to pick up new skill fast! Anyway of course my strong foundation in JavaScript and Java have contributed to my speed learning also. 

Here I list down my views on using Web IDE Codenvy: 

Pros

1. The IDE is fully integrated with PAAS platforms and Github. 
2. Code from anywhere with Internet and Browser! Your code will always be in the CLOUD! 
3. IDE provides the appropriate directory structures and libraries with some sample code! This plus the fully integrated environment help the developer to avoid spending time in setting up the coding environment. 

Cons

1. No auto suggestion. If you are using local IDE, you will find the auto suggestion helpful! With auto suggestion feature you don't need to go back to the API doc to find out if a certain variable or method is available to certain class. You just type dot and it will just pop out the selection list for you. Unfortunately Codenvy does not have this feature. 
2. You cannot print to Console. Somehow System.out.print does not work for Codenvy. You will not be able to see anything in the console if you are using the System.out.print command. 
3. No instant compilation. Instant compilation is very important to developer. I have wasted a lot of time to figure out what's wrong with my code to cause the compilation error without the help of instant compilation function. I strongly suggest Codenvy to include this feature in future because this is too important! 
4. You cannot use Call Hierarchy. Call Hierarchy is one of my favorite way to understand a program flow easily! It is very helpful when the developer needs to troubleshoot the program.  

Now I am serious about Design Pattern

I know it is kinda late. I have been writing program following a code structure defined by some other team many years back and somehow I did not go find out what are the design patterns.

As you all know design patterns are meant to solve common programming problems in the area of program's stucture, program's behaviour and etc. I have studied all the design patterns before but without really using them, I do not rally remember them too much. The problem is whether  is if design pattern really needed in the developer's environment.

Recently I found out that actually I did use design pattern without me knowing about it. LOL. What I can identify now is the Bridge Design Pattern where in my code I created a lot of interfaces to group all the commonly used methods from different classes together. For the detail explanation of the Bridge Design Pattern you may just read about it here ---> Bridge Design Pattern

In fact, I have also used the Factory Design Pattern. This helps optimize the program's memory consumption by reducing the number of times of "instantiation". For details you may just read up Factory Design Pattern.

By the way there are something called "Architectural Pattern" aslo. This is useful for higher level end to end solution.