Categories
bdg dev2dev Plumtree • BEA AquaLogic Interaction • Oracle WebCenter Interaction

BEA Participate

A quiet little announcement was made last week: BEA plans to host an ALUI (formerly Plumtree) and ALBPM (formerly Fuego) user conference! Suprisingly, I don’t see any references on BEA’s web site, on dev2dev or really anywhere else about it, so I thought I would take a minute to promote the conference here.

Could this be a response to some customer and integrator concerns that there weren’t enough AL* breakout sessions at BEA World 2006? Possibly. Could this be the final nail in the coffin that was once called the “Unified Portal Roadmap.” I’m not sure.

Regardless, you can bet that I’ll be there along with several other folks from bdg. Stayed tuned for more information here about how we’ll be involved as an event sponsor, exhibitor and perhaps even as a presenter. I expect that we’ll have a lot of fun, share a great deal of what we know about ALUI and learn a great deal more from ALUI customers and other BEA partners.

The full extent of the information that currently exists about this conference can be found at http://www.bea.com/participate. We’ll be watching that space for more info and also posting several more times about our specific role in the conference. I suggest you do the same.

One obvious question any customer or partner should ask is: if I’m getting my budget together for 2007 conferences, should I attend BEA World or BEA Participate? If you’re a current ALUI or ALBPM customer, it’s a no brainer: attend BEA Participate. But what if you’re a prospect who is considering a portal or SOA solution from BEA? If you can afford it, I would say attend both!

Comments

Comments are listed in date ascending order (oldest first)

  • Now I’m officially confused. Very weird that these are separate unless they’re using BEA World as a venue for “technical building blocks” and “Participate” to sell business collaboration / process solutions – that’s the only way I can see this.

    I have to be careful how I word this, so if the tone comes across in any way negative, well… that’s not my intention. IMO I would not attend BEA World again if it’s a repeat of last year’s.

    I loved Odyssey – it was well organized, had _great_ sessions targeted toward user education and productivity, and was all about the customer – sharing best practices, discussing common problems, and engaging in one-on-one w/ engineers and product managers. Sessions were focused on empowering the customer and making sure they were just a bit better at their jobs when they left. It was always worthwhile and our entire team (repeatedly) came away saying “glad we went.” Awesome stuff all around and did a lot to let the customers sell the solutions to other customers (always a better way to go).

    In attending BEA World last year I got the constant nagging sensation that it was a big (overt) sales conference and not really about the user and how to better utilize tools. ALUI was barely even on the map (which really bothers me). I didn’t have the sense that my needs were being addressed as much as in previous years and I really didn’t come away with anything “tangible” I could take back to justify the fee. The customer keynotes were cool, but beyond that we struggled to find value.

    Doing something with a “Participate” focus thing is a _great_ idea on the part of BEA if it’s about targeting the customer and helping understand how to succeed with the tools (and make friends along the way ;). Keywords: using the tools to succeed in business. That, IMO, was always the point to me in attending.

    Obi-wan – hear me. This should really be incorporated into BEA World for the benefit of your current and prospective customers. It will really boost the value of BEA World and do something to hammer home the fact that BEA and Plumtree are one company with one comprehensive suite (something Jay Simons’ web conference last year did a great job of explaining). Separating things like this … well… I get it, but it does imply a continued level of separation that customers expressed concern with last year.

    That said – and I sincerely hope that didn’t come across as negative – I’m excited to see what 2007 brings for the new products. Seeing a bit of what they’re cooking up, it’s nice to users finally getting past a lot of the geekware bits and into things they can build and use w/o IT bottlenecks. Very cool. Buy three 🙂

    Posted by: ewwhitley on February 12, 2007 at 7:28 AM

  • It’s not Obi-wan here, but Christine Wan and we’re definitely listening! BEA organized Participate to directly address the needs of business and IT users working with ALUI and ALBPM products. This is very much a forum for customers to gather and share best practices, to go deep with product managers and engineers and to hear the latest on new product developments.

    And it is an important complement to BEAWorld, providing much richer detail on these two specific product lines and more focus on bringing these specific users together in a forum where they can share experiences and ideas. The announcement last week was just a Save-the-Date. Stayed tuned, you’ll see a lot more information to come on the bea.com homepage and bea.com/participate.

    Posted by: cwan on February 12, 2007 at 2:09 PM

  • Hi, Christine 🙂 Very cool – I’m glad to hear this. We loved the “interactive” and focused nature of the Odyssey sessions. You guys did such a good job on that I think we just kinda got spoiled and expected something on that order for BEA World last year. That’s what happens when you make us too happy year after year 😉

    Posted by: ewwhitley on February 12, 2007 at 7:51 PM

  • I know that many customers I spoke with during and after BEAWorld echoed the same sentiment of being “underwhelmed” simply from being spoiled by Odysseys past. Along those same lines, an Advanced Developer Conference either as part of Particpate, an extension to it or separate from it would be awesome as well. I know that may be hard to do as part of this initial effort but it would be great at some point. We are definitely excited about it and all of this just builds anticipation until May.

    Posted by: kurtanderson on February 15, 2007 at 10:05 PM

Categories
bdg dev2dev Plumtree • BEA AquaLogic Interaction • Oracle WebCenter Interaction

WLP + Adrenaline = ALI?

I recall sitting in a meeting in 1998 where we were discussing how to aggregate portlet content into a portal page. We talked a lot about iframes but couldn’t consider them as a serious integration option because of security, scalability/performance, caching and portal-to-portlet communication. Instead, we spent the next year building and testing the HTTPGadgetProvider, which later came to be called the “(Massively) Parallel Portal Engine.” (The term “Massively” was later dropped and I believe the name “Parallel Portal Engine” or PPE for short finally stuck.) I won’t go into details about how the PPE works, but if you’re interested, you can check out this great page in edocs that sums it up nicely.

So anyway, iframes are certainly reasonble way to build a portal in a day. But, in terms of building a robust enterprise portal that can actually withstand the demands of more than say, ten users, and that will pass even the most rudimentary security evaluation, iframes are complete nonsense.

So, today, during my lunch break, I attended Peter Laird’s Webinar, which he advertised in his nascent blog. It was all about enterprise mashups, a topic by which I’m very much intrigued. (Recall that PTMingle, my winning entry in the 2005 Plumtree Odyssey “Booth of Pain” coding competition was a mashup between Hypergraph, Google Maps, del.icio.us and Plumtree User Profiling.)

Imagine my surprise when Peter described how you can mash up Google “Gadgets” and other resources available via URLs using Adrenaline, a “new” technology from the WLP team based on, of all things, iframes. It was like entering a worm hole and being transported back to 1998. (I was single again, I had no kids, I was thinner and I had more hair on my head . . . and less on my back.) But the weird thing about this parallel universe is that BEA engineers were telling me that iframes were a great way to mashup enterprise web content and that intranets all over the world could benefit from this revolutionary concept. Intranets? You mean the things that everybody replaced with portals in the last millennium? Iframes? I must have been dreaming . . . .

When I finally came back to my senses, a few things occurred to me.

First of all, it’s 2007. Portals are a thing of the past. For some of us, that will be a hard pill to swallow. But let’s face it, innovators have moved on to blogging, wikis, tagging/folksonomies and lots of other nice web 2.0 sites that all have rounded corners. The bleeding edge folks have decided that many is smarter than any. The rest of the world will catch up soon.

Secondly, if you are still building a portal or composite application of any flavor, iframes are not a viable solution. They fall short in the following ways:

Portal-to-Portlet Communication

Say you want to send information (like the name of the current user) down to a portlet running in an iframe. Hmmm, the request for an iframe comes from the browser, not from the portal. So, if anything needs to be passed into the iframe, I guess you have to put in in the URL in the request for the iframe. That’s great, but that URL is now visible in the page’s source. So a simple, “Hello [your name]” portlet where the portlet gets the name from the portal is doable. But what about passing a password? That information would need to go first to the browser and then back to the remote tier, which, from a security standpoint, is a complete showstopper.

Security

Let’s talk a little more about security. Since you’re using an iframe, the requests aren’t proxied by the portal. Instead, a page of HTML gets sent from the portal to the browser and then the browser turns around and makes requests to all the iframes on that page. Since the portal isn’t serving as a proxy, it can’t control what you do and don’t have rights to see, so security is completely thrown out of the window. (Or should I say, thrown out of the iframe?) Moreover, in an enterprise deployment, the portal usually sits in the DMZ and proxies requests out to bits and pieces of internal systems in order to surface them for extranet users. If you’re using iframes, every bit of content needs to be visible from an end user’s browser. So what’s to stop an end-user from scraping the URL out of a portal page and hitting a portlet directly? Nothing! (If I understand what I’m reading correctly, the WLP team is calling this a feature. I would call it a severe security risk.)

Scalability/Performance

Yes, this approach will work for Google Gadgets. But Google has more money than pretty much everyone. They can afford to spend frivolously on anything, including hardware. However, the rest of the world actually cares about the kind of load you put on a system when you create a “mashup.” A page consisting of five iframes is like five users hitting the sites with five separate requests, separate sessions and separate little “browsers.” If any of the iframes forces a full-page refresh or if the user does the unthinkable and say, moves to another page, every request is reissued and the mashup content is regenerated. This simply does not scale beyond a few users, unless you have as much money and as much hardware as Google does.

Caching

A properly designed portal or content aggregation engine will only issue requests to portlets when necessary. In other words, each remote portlet will only get a request if it needs to be loaded because the portal doesn’t have a cached entry. Unfortunately, you can’t do this with iframes because the portal doesn’t even know they exist. (Remember, all requests for iframe content go directly from the browser to the remote content, bypassing the portal entirely.)

What baffles me is why a company would acquire another company with a revolutionary technology (the PPE) and then start from ground zero and build a technology that does the same thing but without a portal-to-portlet communication model (preferences), security, scalability or caching. If consumers weren’t already confused, now they most certainly are.

As technologists, I hope you can see through the hype about Adrenaline and consider a product that actually allows you to mash up web content in a scalable and secure way and has been doing so since 1999. It’s called AquaLogic Interaction and it’s sold by a company we all know and love called BEA.

Comments

Comments are listed in date ascending order (oldest first)

  • I just discovered that the BID/AquaLogic (formerly Plumtree, Fuego, Flashline, etc.) folks are having another webinar, entitled “Harnessing Enterprise Mash-ups with Security and Control.” This webinar (I hope) will show:
    1. how ALI has been handling mashups since before mashups was even a buzzword and
    2. how Project Runner enables next generation mashups that allow you to invoke back-end applications and provision security, branding, SSO, etc. without actually funneling everything through the portal.

    If you were at today’s webinar and you’re now wondering how to do mashups with more robustness and security, then I hope you’ll attend this webinar. By all means, it’s just the responsible thing to do in order to offer customers different integration options when creating their mashups.

    Posted by: bucchere on January 10, 2007 at 7:31 PM

  • I’d like to add a couple points of clarity from BID product management. First of all, we’re happy to have passionate developers, but I fear this post may give the wrong impression about some of BEA’s technology and plans.

    WLP Adrenaline, ALUI, and project Runner are all complementary technologies that have a very exciting future when applied to problems such as Enterprise Mashups. You’ll be hearing more about them from BEA over the coming months through various venues, including Webinars targeted at WLP-specific use cases (such as Peter’s excellent talk) and ALUI use cases (including tomorrow’s Runner Webinar). There will also be the usual blogging and other activities.

    Just as WLP and ALUI product teams are aligned, these different technologies are aligned. Adrenaline offers WLP customers a way to extend their reach in fundamentally new ways, and Peter will expound on some technical subtleties to address some of Chris’ concerns. Runner, too, is very exciting, enabling a completely different set of use cases. As the details unfold we’ll demonstrate how well aligned these technologies are — just wait until you see them working together!

    – David Meyer

    Posted by: dmeyer on January 10, 2007 at 10:41 PM

  • Just for those that don’t know about Adrenaline, here’s an article introducing Adrenaline.

    Posted by: jonmountjoy on January 11, 2007 at 12:19 PM

  • Chris,

    As David writes, BEA is moving ahead with multiple approaches to address the enterprise mashup space. My webinar covered the approach WLP is taking, and in no way implied that ALUI is not also a viable player in this space. We offer our customers a choice of products, and different products make sense to different customers.

    As for the specific issues you raised:

    ** Technical Reply

    Good technical points, but I think you overemphasized the role of iframes within WLP. Let me cover the two places we showed the use of iframes:

    Use Case 1: injecting a portlet into a legacy webapp

    Demo: An iframe was used in the demo to inject a portlet into a legacy static html page with almost no modification to that page (one line change).

    WLP does support an alternative approach – an Ajax streamed portlet. I simply did not have time to demo it. Also, this is not a portal use case for including external non-portal content into a Portal; instead it is the inverse, which is to publish existing portal content into legacy web applications . It was intended to show a very inexpensive way to energize a dated application until it is rationalized into a portal. The focus here is on minimizing cost of supporting legacy, while building portlets in transit to a portal solution.

    Use Case 2: WLP as a Mashup composition framework

    Demo: Iframes were used to pull in non-WSRP capable components (e.g. Google Gadgets) onto a WLP page

    First, as background info, the WLP architecture supports the rendering of various types of portlets:

    • Local portlets (deployed within the webapp, JSF, JPF, etc)
    • WSRP portlets – an advanced remoting approach which handles security, inter-portlet communication, etc…
    • Iframe portlets – an available remoting approach
    • WLP partners with Kapow for remote clipped portlets (similar to the ALUI approach)

    In regards to this use case, you brought up specific concerns:

    Security

    Concerns about shared authentication were noted in my talk. If components come from outside the enterprise, there is no easy solution to that problem, regardless of what product you are using. However, I spoke of a couple approaches in the webinar, including SAML.

    If those components come from inside the enterprise, the security hacks you were referring to are generally not necessary. Our customers that expect SSO have a web SSO solution (typically, cookie powered, not password in the URL powered) in place within the enterprise.

    Caching/Performance

    The most serious concerns of yours appear to be performance related. Specifically, the concern is that a full page refresh of a page that contains N number of iframes will cause an N+1 number of requests. To expand on your concern, I will add that this is not only seen in pages with iframes, but also pages that use Ajax to pull in data. I would say that there are several reasons why this does not invalidate WLP’s approaches:

    1. Mashup pages with lots of iframe portlets approach

    Google Personalized Home Page makes use of iframes to implement their mashup framework. Many of the Gadgets on the page are rendered with an iframe. But you are mistaken in saying that this scales because Google is throwing tons of hardware at the problem. The iframe Gadgets rendered in GPHP are rendered not by Google, but by 3rd party gadget hosting servers around the world. Google does NOT have to process those iframe Gadget requests, it is a distributed approach. Likewise, you could create a WLP page where most of the portlets are iframe portlets that hit a distributed set of servers, if that makes sense. Or…

    2. Mashup pages with a mixture of portlets

    The 2nd demo in my webinar wasn’t showing a page with all iframe portlets. Rather, what the demo was showing was a WLP page with a couple of iframe portlets mixed in with local portlets. As shown above, WLP supports a number of portlet types, and a good approach is to build pages that are a mixture of that set.

    3. Ajax helps minimize page refreshes

    Your concern about iframe performance stems from the case in which the entire page refreshes. With the usage of Ajax becoming common, plus with WLP 9.2 built in support for auto-generating Ajax portlets, this impact can be minimized. Page refreshes are becoming more rare. With WLP 10.0, which releases in a few months, the Ajax support has been expanded to support Ajax based portal page changes, further reducing the liklihood of a page refresh.

    4. The “Bleeding Edge” guys are also using browser based mashup approaches

    You referred to the “Bleeding Edge” technologists in your blog as the people that are doing things correctly. What are they doing? Some of the time, those guys are doing browser based Mashups. They often use a combination of iframes and Ajax from the browser to implement their mashups. So the same approach that you dislike is already in common use across the web.

    ** Market Reply

    You state “Portals are a thing of the past”. An interesting opinion, but just that. IT cannot afford web sprawl, and so a framework for rationalization will always be in demand whether you call it a Portal or something new.

    New technologies continue to provide alternatives to existing methodologies and portals are no different. However, one thing that has distinguished portal frameworks is their ability to embrace new technologies. Struts, WSRP, JSF are all examples of this as are the Web 2.0 constructs like mashups and rich interfaces based on Ajax. This is all good news as the enterprise has a wealth of options to choose from.

    Posted by: plaird on January 11, 2007 at 2:56 PM

  • I must say, as a customer and developer, it’s great plumtree (I mean BEA, or is it Oracle) management allows you guys to express your own opinions. It so happens I’ve spent quite a bit of time trying to get JBoss Seam (and Ice Faces) to work with Aqualogic 6.1. I’ve been looking at the IFrame route, because the gateway stuff just isn’t working (it doesn’t properly rewrite the URLs for the Ajax stuff). I’ve come to hate the gateway. I bet it was a great idea before Ajax, but now it seems like almost every web 2.0 application is incompatible (needs major modification to get it to work). Or maybe I just don’t understand how to get it to work. Is there any good documentation on it? I’m hoping for some major improvements when 6.5 comes out though.

    Posted by: cmann50 on April 4, 2008 at 2:28 PM

Categories
bdg Plumtree • BEA AquaLogic Interaction • Oracle WebCenter Interaction

Podcast Episode 4: bdg’s take on BEA’s Unified Portal Roadmap

bdg-podcastI’m very pleased to announce that we’ve finally laid down the fourth episode of our podcast, nearly a year after Episode 3!

A lot has happened, a lot has changed, but a few things have stayed the same, including our trivia contest. Check out this episode’s question and e-mail us at [email protected] if you think you know the answer.

A good chunk of this episode covers bdg’s take on BEA’s Unified Portal Roadmap. You can read this press release if you want to get the official word from BEA Systems. Again, I want to remind everyone that I don’t work for BEA, so any opinions expressed on this blog or in the podcast are solely those of Chris Bucchere and bdg.

Enjoy the latest addition to the podcast and be sure to leave me a comment here if you like what you hear (or if you don’t).

Categories
Plumtree • BEA AquaLogic Interaction • Oracle WebCenter Interaction Software Development

Is Plumtree an “open” platform?

“We call this re-imagining Radical Openness. Radical Openness is our strategy to offer both J2EE and .NET versions of our entire application management framework, new points of integration for synchronizing the Enterprise Web environment with systems of record as well as desktop tools, and the ability to embed Enterprise Web services in any Web application,” Kunze continued. “Ultimately, we believe the way applications are being developed is fundamentally changing, and that with the Enterprise Web, applications can be developed in greater volumes, at lower cost, and on a wider variety of platforms than ever before.” –John Kunze, CEO, Plumtree, Inc. (excerpted from a 2003 press release).

bdg‘s response to this is that in some ways it is and in some ways it isn’t.

Plumtree is Open:

  • It runs on Windows (.NET or Java) or Solaris (Java)
  • It can embed portlets from anything that speaks HTTP(S)
  • It uses SOAP over HTTP for Crawlers, Authentication, Profiling and Search
  • It uses other nice, open-ish technologies like XML, SQL, HTML, CSS, Javascript
  • It runs on SQL Server or Oracle

Plumtree isn’t Open:

  • It only runs on only Windows and Solaris, not AIX, HP-UX, Linux, or any other *nix
  • It’s entire codebase, though highly pluggable and configurable, is proprietary
  • It uses proprietary headers (CSP, which stands for Content Server Protocol, no relation to Plumtree’s Content Server, don’t ask 🙂 to communicate information to and from portlets*
  • It only runs on SQL Server and Oracle, not MySQL or any other RDBMS

*Plumtree does support both WSRP and JSR-168 through plug-ins, though they limit functionality to some degree (more on this later).

I should preface all of this by saying that I still believe Plumtree is far and away the “best” portal solution for most mid- to large-size corporate intranets and even extranets for a whole host of reasons. I mean really, why would I bet my company on it if I didn’t?

However, it’s easy to confuse “open” with “pluggable” when they are in fact very different. When I hear things like, “my web service is written in Ruby on Rails, but .NET, Java and PHP clients use it all the time,” then I think “open.” (And no, if you’re wondering, I’ve never actually heard that, not even from Dave Thomas.) When I hear, “sure, you can replace the page navigation in my presentation layer, but only if do it with Tapestry” then I think “pluggable.”

Plumtree’s UI is pluggable; their WS/PRC server, EDK, CWS, AWS/PWS and SWS architectures are open; and their Portlets are, well, a little of both: they’re very open in that you can write them in anything that speaks HTTP(S), but only if you do it with their proprietary headers, but then, well, you can use JSR-168 or WSRP to get around that, but then, well, you can’t get all the functionality like Adaptive Portlets . . . .

When it comes to Plumtree’s Portlets (or Gadgets as they used to be called), it almost sounds like I’m arguing with myself.

In summary, if you’re looking for a proprietary product that’s built on some open standards that you can extend using open standards (sometimes) but that only runs on certain platforms, well, then Plumtree is for you.

While I’m not in the business of making excuses for Plumtree, I must say that every time a company with a proprietary enterprise software product needs to support a new OS or browser or database or “thingy” they need to run that combination through a testing matrix that grows exponentially each time you add a new “thingy” to it. That is a royal pain in the proverbial backside.

The complexity of the testing matrix alone is a great argument for open sourcing everything. (And yes, I understand that open and open source are not the same thing.) While I do see merit in commercial, proprietary software, I assure you that if Plumtree’s code base were open source it would already be running wild on Linux. Why? Because I would have compiled it myself. 🙂