In my previous post, I was talking about the JSON-P standard for mashups. It's very handy, but more of a "convention" than a true standard... Nevertheless, it's very popular, including support in jQuery and Twitter. In this post I'm going to discuss what some consider to be the modern alternative to JSON-P: Cross-Origin Resource Sharing, or CORS for short.

Lets say you had two applications, running at app1.example.com and app2.example.com. They both support AJAX requests, but of course, they are limited to the "Same-Origin Policy." This means app1 can make AJAX requests to app1, but not to app2. Let's further assume that you'd like to make a mashup of these two app at mashup.example.com.

No problem! In order to enable cross-origin AJAX, you simply need to make sure app1 and app2 send back AJAX requests with this HTTP header:

This is easily done, by adding one line to the Apache httpd.conf file on app1 and app2:

DONE! Now, with standard AJAX calls you can host a HTML page on mashup.example.com and connect to app1> and app2 using nothing but JavaScript! There are about a half dozen additional Cross-origin HTTP header that you can set... including what methods are allowed (GET/POST), how long to cache the data, and how to deal with credentials in the request... naturally, not all browsers support all headers, so your mileage may vary!

Not to mention, because the XmlHttpObject is used, CORS has much better error handling than JSON-P. If there's an error accessing a file, you can catch that error, and warn the end user. Contract that with JSON-P, where there's no built-in way to know when you can't access a file. You can build your own error handling, but there's no standard.

Nevertheless, I still prefer JSON-P for mashups. Why? Well, it boils down to two things: performance, and security. I'll be covering the specifics in part 3 of this port.

In a recent project, I had a client who wanted to resurface Oracle UCM content on another web page. The normal process would be to use some back-end technology -- like SOAP, CIS, or RIDC -- to make the connection. But, as a lark, I thought it would be more fun to do this purely as a mashup. I would need to tweak UCM to be more "mashup-friendly" -- I'll be sharing the code (eventually) -- but first I needed to do some research on the best mashup "standard" out there.

UCM supports JSON, but that's not enough for a true mashup. The problem is that even though UCM can send back JSON encoded responses, you cannot access this data from a different web page. This is because of the "Same-Origin Policy" in AJAX. Basically, you can make an AJAX call back to the originating server, but you cannot make it to a different server. This is quite annoying, because then you can't "mash-up" UCM content onto another web page using just JavaScript. The best mashup APIs -- like Google Maps -- can't use AJAX because of this limitation.

Many developers consider this 'security' feature quite odd, because it's totally okie-kosher to include JavaScript from other people's web sites... so why not AJAX? Knowing full well that this was kind of stupid, some developers came up with a 'convention' for fixing it: "padded JSON," or JSON-P. This means 'padding' a standard JSON response with a callback, and then calling that callback function with the response. For example, if you called the PING_SERVER service with JSON enabled, with a URL like so:

You would get back the following JavaScript response:

You would then use the standard AJAX XmlHttpResponse object, parse this JSON data, then do something with the message. My jQuery Plugin for UCM does exactly this... but of course has the limitation that it will only work on HTML pages served up by UCM. You can use fancy proxies to bypass this limitation, but it's a pain.

Instead, if UCM supported 'padded JSON', the process would be different. The URL would look something like this:

And the JavaScript would instead look like this:

In this case, the callback=processData parameter triggers the server to 'wrap' the JSON response into a call to the function processData. Then, instead of using the XmlHttpResponse object, you'd use good old-fashioned remote scripting. Like so:

Notice how we define a function on the page called 'processData.' When the UCM response returns, it will call that function with our response data. The beauty here is that you can put this JavaScript on any web page in your enterprise, and connect directly with UCM with nothing but JavaScript. Pretty nifty, eh?

Now... JSONP is a good idea, but it's about 5 years old... A lot of newer browsers support a slightly different standard: Cross-Origin Resource Sharing. It's an actual standard, unlike JSON-P which is more of a convention... the purpose is to safely allow some site to violate the silly "Same-Origin Policy". I'll be covering CORS in part 2 of this post, including the security enhancement. But, in part 3 I'll explain why I still prefer JSON-P, provided you add some extra security.

I gave two presentations at Oracle Open World this month... one on Integrating WebCenter Content: Five Tips to Try, and Five Traps to Avoid! I broke it down into the big sections: contribution, consumption, metadata, security, and integrations. Special thanks to IOUG for sponsoring this talk!

My second talk was a case study based on a big project that completed recently, integrating WebLogic Portal, UCM, E-Business Suite, Autonomy IDOL, and a whole bunch of other stuff to make a global e-commerce web site. The client is in a highly regulated industry, and I was unable to get permission to use their name... but if you're curious about the details ping me!

The WebCenter Portal team has put together a VirtualBox virtual machine to showcase the WebCenter Portal product. You can download it from Oracle. It's a big one: clocking in at 30 GB, so pack a lunch before downloading it.

The install instructions are pretty good for Windows and Linux clients... but if you're on a Mac (like me), it's missing one important tip. The file REAVDD-HOL-WC.ovf contains the information needed to import the files into a VirtualBox VM... but if you're running the free version of VirtualBox, it chokes on the import every time. The culprit is this line:

If you're on Windows, and have a D drive, this works fine... but if you're on a Mac (and probably Linux), this will break the import. The fix? Use this XML instead:

And re-do the import... you'll need to re-set-up sharing once it's running. But at least now it will have a valid path!

NOTE: This is just meant to be a sandbox for testing integrations, and the like. It's not meant to be placed into a production environment... but, like all demo code, I'm sure I'l find it floating around in production eventually... and have to make it work.

I was always a bit little skeptical about the initial mobile offerings for UCM and WebCenter. They never impressed me, because I felt strongly that these apps were fundamentally flawed in their design...

Why? Because they focused on being Mobile Applications instead of Mobile Web. The first time I held an iPhone, I noticed that it was running a browser that supported HTML5. The first Android was the same. This was at a time where HTML5 support was rare on desktop browsers, and few developers knew how to use it. Nevertheless, I predicted years ago that it would be the future... HTML5 was so powerful, that Flash and native mobile apps were unnecessary for 95% of applications. Many clients asked my advice on mobile apps, and my answer was always the same: "Skip native apps, and focus on the mobile web!"

This week, Oracle announced their next generation of the ADF Mobile toolkit... and (as I predicted) they are going the same route! Native code is no longer the focus: previously, you would create an ADF component, and it would be compiled down into native iOS or Android controls. No more! The next version will compile to HTML5 and be rendered in the mobile browser!

How can this be? With a technology called PhoneGap. It allows you to create your application in nothing but HTML5, render it in a browser, and still access native functionality (camera, location, files) with JavaScript functions. It's basically a wrapper around the built-in HTML5 browser, plus a plug-in library, which together give you an extremely powerful development environment. The next generation of ADF Mobile will be an ADF wrapper around PhoneGap, plus a few extra goodies (that I'm not allowed to talk about yet!). They call these hybrid applications because they are mostly HTML5, with a tiny bit of native code mixed in.

Well, what about those candy-coated user interfaces? How do I get those? The same way as always: mobile JavaScript toolkits. There are several available that can make very attractive interfaces, that render in any smartphone:

• jQTouch
• jQuery Mobile
• Sencha Touch

If you prefer to roll-your-own UI, I'd recommend Zepto as a minimalist framework instead...

What's next for the web, then? I believe that mobile application development will be the biggest driver for the adoption of HTML5 browsers. Yes, probably only 10% of mobile phones are HTML5-enabled smart phones... but people cycle through cell phones every 2 years. Compared that to the enterprise, some of which stubbornly refuse to upgrade from IE6!

I'd bet 90% of Americans will have a HTML5 mobile phone, before 90% of them are off IE6! Sad, but true... but good news for mobile developers!

UPDATE: Dang it! Just as soon as I blog about this, Adobe goes and purchases PhoneGap! What does this mean for Oracle? Tough to say... it's probably a good thing, since most of PhoneGap is open source. The only piece that's not Open Source is their nifty build engine. But, since Oracle already owns their own build engines (jDeveloper and Eclipse plugin), this is not a stumbling block.

UPDATE 2: It appears that Adobe has done "The Right Thing" and is submitting PhoneGap to the Apache group, and re-branding it as Project Callback. This will hep cement it as "the standard" toolkit for mobile app development.

PowerPoint is a necessary evil... everybody is expected to give presentations in it, but few people are good at it. They cram too much information into one slide, and pack them full of data that might better go in a report. Presentations work best when used to persuade, it's an awkward tool when you try to educate. There's a reason PowerPoint was banned by the Pentagon:

"PowerPoint is dangerous because it can create the illusion of understanding and the illusion of control" -- Brig. Gen. H. R. McMaster

But alas... we're still stuck with PowerPoint... so we should probably make the best of it!

One of the ways to make PowerPoint presentations more compelling is to tell a story... unfortunately, most people are pretty bad at telling stories as well. There's an entire industry created around corporate storytelling that trains people how to engage your audience with a full-fledged story... but there's an even simpler approach. The creators of South Park stumbled on a formula that they still use to assemble stories:

These same rules can apply to making a PowerPoint presentation flow like a story.

You initially assemble your main points -- which is usually the hard part. Then, when assembling your points to tell a story, try to transition between your points with the word "therefore," or the word "but." Like so:

• Slide 1
• therefore...
• Slide 2
• but...
• Slide 3
• therefore...
• Slide 4
• but...

Simple, no? You'll be surprised how much better your presentations will "flow" from one point to the next with this method.

Naturally, not all presentations can fit into this pattern... for example, "Top 10" presentations flow numerically from one point to another... so if people doze off they can pick up the next chunk at the start. Also, there may be times where the dreaded "and then" transition is needed, such as when a point needs to be communicated over several slides.

Nevertheless, if you try hard to use better transitions, your story will be more compelling, and PowerPoint will be one notch less evil.

Open World is barely a month away! I'll be heading there early for some Oracle ACE briefings and the like... I'm normally a "broadcast only" Twitter user, but when I'm at conferences I check it all the time, and tweet with location services on. If you want to meet up, just message me!

@bex

I have a couple of sessions this year... unfortunately they are all on Thursday! Dang it! I was hoping to leave the conference early -- since Michelle and I are having our first kid, and her due date is a few weeks after Open World. Alas, the scheduling gods were not with me:

• Session: 10843
  • Creating a Global E-Commerce Site with Oracle E-Business Suite and Oracle Fusion Middleware
  • Thursday, 12:00 PM, Intercontinental - Intercontinental Ballroom B
• Session: 9539
  • Integrating ECM into Your Enterprise: 5 Techniques to Try and 5 Traps to Avoid
  • Thursday, 03:00 PM, Intercontinental - Telegraph Hill

I know picking Open World sessions can be a bit of a baffling ordeal... so if you're pressed for time, I'll suggest a few tips. If you want to see WebCenter based content, check out the WebCenter partner sessions. Lots of good stuff there. If you're curious about non-WebCenter products but don't know where to start, I'd recommend the Oracle ACE sessions over just about everything else. ACE sessions are a good bet: speakers are usually very knowledgeable, very passionate, and very excited to share what they know. Translation: minimal marketing fluff. You don't get the title "Oracle ACE" by being a self-promoting fool!

Well... at least most of the time Oracle ACE's aren't self-promoting fools... there are exceptions.

I've been in Seattle for about a year now... because of my travel schedule, I haven't had a chance to do much networking with the local tech community. Until last night, that is!

I asked some of the guys from Minne* back in Minneapolis if there was anything like their group out here in Seattle. Graeme pointed me to a few twitter feeds and stuff to get started.

I decided to follow Seattle 2.0 on Twitter, which pointed me to the Hops-and-Chops happy hour. Thursdays at 7pm at the Auto Battery, a bar that Yelp tagged as "LOUD". Hrm... I wasn't quite sure what to expect when I arrived: how will I know it's them??? Luckily there was one big table with skinny 20-somethings, and I overheard the words "Ruby" and "Rails", so I introduced myself.

One of the guys -- Leo -- told me about his experience the first time he came there. His technique was to wear a painfully geeky t-shirt and walk around until somebody invited him to have a drink. Nifty trick...

The Hops-and-Chops crew appeared to be 70/30 blend of geeks to entrepreneurs. Two guys there said this was typical, and also pointed me to Seattle Lean Coffee... but they warned that there weren't going to be very many developers at that one: more entrepreneurs and "connectors". Not surprising... I'd wager these factors kept the techies away:

• morning meeting
• mandatory pants
• no beer

The Hops-and-Chops guys are also having a BBQ on Monday as well, and with luck it wont be rained out! Hopefully I'll eventually stumble upon something more like Minne* around here. My first reaction to the Seattle scene is that there appear to be tons of miscellaneous meetups and not much central co-ordination. A few dozen folks here and there, and maybe a big event with a few hundred... Meanwhile, back in Minneapolis, the last MinneBar un-conference sold out 1200 tickets!

The Seattle Bar Camp was held a few weeks back. I was bummed to miss it... But, since I was in Budapest at the time, I had a good excuse!

If anybody has any other recommendations, please leave it in the comments... then hopefully there will be a Part II in this series!

CORRECTION: looking around I now think they were pointing me to Open Coffee and not Lean Coffee... I'll check out both of 'em just to be safe.

Jump The Shark: (verb) a term to describe a moment when something that was once great has reached a point where it will now decline in quality and popularity.

Oracle MIX is a social software app to connect people in the Oracle universe. It was launched back in 2007 by The Apps Lab so people could network and stay connected during (and after) Open World. It was at the time the largest JRuby on Rails site out there. It's a decent site, and you Oracle monkeys should check it out...

I believe in 2008, they decided to try something new: allow the community to "suggest a session" for Open World. They had ten slots at Open World, and everybody was encouraged to submit a session for consideration, and vote on what they liked. The ten sessions with the most votes would get to present at Open World.

This was also a great idea... It was the ideal place for sessions outside the mainstream to get a voice at Open World... technology that might be too "bleeding edge" for a general audience, but is the bread-and-butter of geeks who only hit one conference per year. Social software, mashups, open source, installing Oracle on a Roomba... you get the idea. If you want to do a mainstream talk about a mainstream product, then submit it through the normal channels to the Open World committee... If your session isn't picked, then it probably wasn't good enough.

This model worked fine in 2008, 2009, and 2010... but I think something went really REALLY haywire this year...

MIX, being an open community, allowed people to take the voting data and mash it up in interesting ways... Greg Rahn over at Structured Data did exactly this, and presented his data analysis of the votes. Just looking at the data I saw a lot of anomalies, but to me the smoking gun is this:

• Number of users who voted for exactly one author: 828
• Number of users who voted for ALL sessions by EXACTLY one author: 826

Well, that ain't right... once you dig further, you see what probably happened: the Oracle MIX community has been invaded by a spammer...

Specifically... somebody out there has a mailing list with a few hundred people, and contacted them all asking for votes. Probably repeatedly. I don't know about others in the MIX community, but I personally got three such emails begging for votes... One of them was so shady it probably violated Oracle's Single-Sign-On policy. The line between self-promotion and SPAM is fuzzy... but it was clearly crossed by a lot of people this year.

I know what you're thinking... must be sour grapes, eh? But no, I did not submit a MIX session. Oracle was kind enough to approve both of my Open World presentations this year, so I thought the gracious thing to do would be to leave the MIX sessions for the community... so I'm very disappointed in the behavior of these people.

The rules as-is are broken... based on Greg's data, 200 people at Microsoft could all vote for sessions like "Reason #6734 Why Microsoft Rocks and Oracle People are Big Fat Stupid Heads"... and they'd win every slot.

All communities have this problem... once they become popular, they become valuable. Once they become valuable, some people try to extract more value than their fare share. Many large sites implement some form of moderation or karma points to keep cheating to a minimum... I think it's about time MIX did the same. I have a few ideas for "guidelines":

1. promotion via tweets and blogs is allowed and encouraged
2. mass communication via emails or social networks will be considered "social spam," and grounds for disqualification
3. "down-voting" like Digg should be enabled to further prevent spammers from carpet-bombing their way to the top
4. sessions should be outside of mainstream Oracle talks: sessions similar to ones given at Open World are discouraged
5. a maximum of two talks can be submitted on behalf of an individual, organization, or community group
6. a maximum of one talk can be selected on behalf of an individual, organization, or community group

Of course, this isn't perfect... the top 10 slots could still go to people with 1000 employees, and therefore 1000 reliable votes! Probably the ideal situation is to randomly select some Oracle ACEs to be the judges every year, based on community input. Not ideal, but really hard to rig...

So... how many of you feel like you were "spammed" this year?

UPDATE: Oracle is soliciting opinions for what worked and what didn't this year. If you have an opinion about what should be fixed, please leave a comment on their blog or contact Tim Bonnemann directly.

In case you weren't able to make it to IOUG Collaborate last month, you can feel free to peruse my presentations in the privacy of your own home ;-)

My first one was on UCM implementation patterns... or in general, what customizations/integrations are common for UCM, and how do we do them? That was pretty well attended:

I also presented on the Top 10 Security Vulnerabilities in web applications. This is my own take on the popular OWASP Top Ten presentations on the same subject. Many thanks to the OWASP people for compiling the top ten, and getting the word out about security:

In addition to these two, I gave presentations on managing a multi-language web site, and a fourth one on the next generation of Oracle Collaboration Tools, also known as Oracle Fusion UX Applications. Oracle was kind enough to give me a sneak peek at Fusion UX, and I was quite impressed, and volunteered to help spread the word.

Enjoy!

It's less than one week away!

I'm giving 4 presentations at Collaborate 2011 this year, but by some cruel, cruel, cruel twist of fate, all four of my presentations are on Wednesday... Seriously, like back-to-back starting at 8am. Yeesh! I apologize in advance if I bump into you on Wednesday and then run away... I won't have much time to chat with this schedule:

• 8:00am: Implementation Patterns for Oracle Universal Content Management
• 9:15am: Fusion Applications User Experience: Transforming Work into Insight
• 10:30am: Top 10 Security Vulnerabilities in Web Applications
• 1:00pm: Creating and Maintaining an International Web Site

Talk about variety! I'll start you off with some general UCM information, then show off the next generation of hyper-connected Oracle collaboration tools, followed with a reality check about how evil hackers read your email, and wind down the day with practical tips about managing a ginormous global web site.

If you'd like to meet up and talk tech, come on over to the Bezzotech booth! We're at booth 850, which is just in front of the big Oracle demo pods... we'll have videos of the software we'll be launching soon ;-)

If you want to meet up, follow me (@bex) on Twitter. I'll be sharing my location frequently...

Finally!

For those of you who don't know, the HowToComponents are a collection of "basic-advanced" customizations to Oracle UCM/ECM. They are very small samples that show off how to plug-in custom Java code. Everything from custom IdocScript, custom security checks, custom services, and Java filters. I originally made them about 10 years ago (while working at Stellent) to help people kick-start projects that needed to build upon them to make more advanced customizations.

A lot of things changed over the years... luckily, the HowToComponents still (mostly) work! I was mainly surprised that a 10-year old Yahoo web service still reliably delivers stock quotes... Mostly we just recompiled and repackaged them, with a few changes...

First, a new security feature in 11g requires a token to be present in every we request. So, we needed to add this code on pretty much all of the web forms:

<input type="hidden" name="idcToken" value="<$idcToken$>"/>

Also, the code for adding new items to the menus changed quite a bit... look at the resources CoreMenuItems and CoreMenuItemRelationships in each component for some sample code.

Also, the DynamicPrefix component no longer uses the validateStandard filter event to change the Content ID upon check-in... that's because in 11g you have to use the new event preComputeDocName. You can still use validateStandard for most metadata alteration/validation... but the dDocName is special and needs to be treated differently.

FYI, to compile these components for 11g, be sure to use the correct To compile, the libraries are here:

<Fusion-Middleware-Home>/Oracle_ECM1/ucm/idc/jlib/idcserver.jar

These components are only "semi-official." The folks I know at Oracle didn't have time to polish these up for 11g, so we at Bezzotech decided to step up and do it ourselves. The code is licensed as Apache 2.0 code... which in short means: do whatever you want, except blame us for what you did!

You may download the HowToComponents from the Bezzotech Library page. You can download previous versions (7.5/10gr3) of the HowToComponents from the Oracle UCM Samples page.

Enjoy!

I'm generally considered a "cynic" when it comes to the value of Artificial Intelligence in general (and the Semantic Web nonsense in particular). This tends to get me into heated disagreements with people who have careers in the field... or those who cling to Jetsons-type fantasies of having Rosie the Robot doing their dishes.

I frequently respond, "you already have a robot that washes dishes. It's named Maytag."

The most recent breakthrough in the field is the highly impressive computer named "Watson," which after several years, and millions of dollars of R&D, was able to beat Ken Jennings at Jeopardy... or to be more accurate, the computer was faster than a human at clicking the buzzer when it came to answering questions that were from previous episodes of Jeopardy.

Interesting? Of course! Practical in any measurable way? No...

Let me be clear: the human language "fact mining" technology in Watson is impressive. And many have discussed the possibility that it could be used by doctors or lawyers or hedge-fund managers who need to react quickly to find the "right" answer. Well, I got a couple of monkey wrenches for ya:

1. There is rarely "one right answer" in medicine for why you have a tummy-ache.
2. Other than patient history, there is no study that says greater access to information would yield to better patient health... and a great number that have found the exact opposite. Like the explosion of unnecessary surgery since the invention of MRIs.
3. If a lawyer or hedge fund manager ever used Watson to uncover "the truth," it wouldn't take long for somebody else to make software to game the system, making it practically worthless without massive human intervention (not unlike Google's losing battle against SEO Spammers)

I could go on and on... or I could just point out that after IBM's Deep Blue 2 defeated Kasparov at chess, IBM shut down the program, denying Kasparov the rematch he wanted. Why? Well, Deep Blue 2 was incredibly expensive to build and maintain... and other than good PR for IBM's hardware, the machine had practically no value.

Why does it have no value? Because with a laptop and $50 worth of software, just about any experienced chess player could beat Deep Blue, or it's rival Hydra. These machines just did brute-force analysis, and didn't have a "hint" about what strategy would be optimal. Somebody who knew what he was doing -- aided with a very small shell script -- could beat any supercomputer on the planet. Which is kind of the point I've been trying to make all along:

Artificial Intelligence isn't impossible, its just impractical. Deeply, deeply, deeply impractical...

The point is not that human minds are better than robots. It's just that until my Roomba has some petty cash to spend -- and a desire for something other than electricity -- the economy will be driven by human needs. Whereas it would be cool to have a general-purpose supercomputer that looks like a human and does your dishes, or beats the pants off of you at Jeopardy, it's always going to be more cost-effective to create single-purpose machines that increase human ability to meet human needs...

So... what kinds of tools would these be? Let's talk medicine: what kinds of software would actually improve human health? It seems pretty obvious: keep patient history in a secure, portable repository... and have your doctors read it!! Or perhaps a big database of drugs, and how they interact with other drugs, to ensure no side-effects? Or, perhaps a database of standard medical processes and procedures that have scientifically proven their efficacy? Or maybe slap an RFID chip in the leg to be amputated to avoid hospital error? Any of those would cost a heck of a lot less money than the Watson project and yield immediate benefits...

Watson is -- quite frankly -- a solution in search of a problem...

There's always been a lot of buzz around the concept of Enterprise 2.0... We know all about the features, but what are the benefits? What are people actually doing with it, and how successful are these projects? Should you be concerned about the potential risks?

Andy MacMillan -- Oracle VP and collaborator on my second book -- will be presenting a free webinar about Putting Enterprise 2.0 to work, along with Doug Miles of AIIM:

When: Jan 26, 2011 2:00 PM - 3:00 PM EST
Where: Online!

They'll be presenting AIIM's latest market research on the subject... I'm hoping to see some hard numbers about who is doing what, what works, and why...

Don't forget to register for the conference!

Happy new year! Most people use the first post of the year to go over their own blog statistics of popular posts... but since my blog's fiscal year ends in April, I decided to do new years resolutions instead. Below are 5 ECM maintenance tasks that I'd recommend:

1) Test your backup plan!

Yes, I'm certain you have one -- whether it's written in stone or just in the minds of your administrators -- but the only way to be sure you have a backup plan is to simulate an outage, and see how long it takes you to get up and running.

2) Eliminate some metadata fields

You know you have them... custom fields that seemed to make sense at the time, but now are not used at all. Go through your custom fields, see which ones are commonly used, and which ones are not. Odds are good that you can eliminate the unused ones... although be sure to make a backup before you delete information!

3) Normalize your metadata model

This is similar to #2 above... How many metadata fields are either blank, or only have the default data? Do you really need them? Do you still have items tagged as being authored by people who are no longer employees? Isn't it about time to simplify and clarify the values in your option list, and re-tag all items with the new values?

4) Audit the security access of your users

Who has what access to which pieces of content? If you are like most people, a lot of your users -- especially power users and test users -- have more access than they really need. Be sure to go through your LDAP repository, and make sure people don't have more access than needed.

5) Create a report of popular content

One good way to improve user adoption is by creating reports on "what's hot." Another option is to run reports to see what people have the most popular content, and then share with your team. There's nothing like a little competition to encourage people to contribute higher quality content ;-)

What additional resolutions would you recommend? Find the comments...

Quick announcement...

This Thursday -- November 11th -- Oracle is having a web conference on One-Click Web Content Management. This is the principle behind the new Universal Content Management 11g release for Site Studio. If you're curious about what's new in UCM 11g for your existing applications, you should register for the event.

This is the technology behind what was once called Open WCM, and is now called Site Studio for eXternal Applications (SSXA). These are a collection of web services that allow you to embed new or existing Site Studio content into new or existing applications with JSP taglibraries. The primary benefit here is that if you want the ability to change the text on a web application -- without having to redeploy your WARs, JARs, or EARs -- just plop down a couple of tags, and you're good to go! This is one of my favorite new features in UCM 11g...

The web conference is at 11am PST / 2pm EST... join if you can!

This year was the first time that Java One and Oracle Open World occurred at the same time... which meant I got to meet a lot of folks who reeeeeeeeeaaaallllly looooooooooooooove jaaaaaaaaavaaaaaaa. Naturally, they are a bit skittish about Oracle now being Java's primary caretaker. A lot of their attitude comes from fear, uncertainty, and doubt... so I'd like to give my thoughts.

Firstly... I'd like to make it clear that people seem to be holding Oracle to a higher standard than other companies... Let's compare Java to 2 other relatively popular languages:

• .NET: The backbone of new Microsoft applications. Changes to the language are fully controlled by one company, but with an open source implementation (Mono) --
• Objective C: The backbone of all Apple products (OS X, iPod, iPhone, iPad). Changes to the language are fully controlled by one company, but with an open source implementation (Cocotron)
• Java: The backbone of most enterprise software. Changes to the language are fully controlled by one company, but with several open source implementations (Apache Harmony and Open JDK being two)

Why are people only freaking out about the last one on that list?

The new Open JDK initiative is a good start... this was announced at Java One 2010, but it appears that Oracle has been working on it for quite some time. It's also very telling that IBM Joined the Open JDK initiative.

Some are afraid that Oracle will drop the Java Community Process (JCP) and go their own way. Well... perhaps. Will Java grow better and faster without the JCP? Based on how long Sun took to get Java 1.6 out the door, I'd wager that Oracle is probably going to streamline the process... the roadmap for Java 1.7 and 1.8 is pretty aggressive, and Oracle seems dedicated to speeding up the development cycle. That of course means that not everything you want will be in Java 1.7... but on the plus side, you'll get it faster!

Also... I want to make this clear: Oracle is far too invested in Java to think they can ignore building a consensus.

Think about it... Java is popular because it is a nice blend openness and enterprise sponsorship. According to some estimates, Oracle software revenue is 2/3 reliant on Java. What would happen if they tried to skip the consensus-building aspect of the Java community? Folks like IBM, HP, SAP, Intel, AMD, and Google might start looking elsewhere for their platform of choice... If this were to happen, Java would become less popular... They might fork Java, or just do something completely different. That path would ultimately hurt Oracle, and they are smart enough to know it.

Does Oracle's ownership of Java give it an advantage? Of course! Oracle will be putting cool new features into Java that Oracle customers want, and Oracle Java products that use these new features will have a head start... not to mention access to the original engineers. This feedback loop does benefit Oracle's Java applications, but it also ensures better Java.

But we need to keep this in perspective... Oracle is just one of several organizations that pay developers to improve Java, and an organization's true influence on open source projects is directly proportional to the number of great developers they dedicate to it... If Google or IBM decided that they absolutely needed new features in Java 1.7, there's a very simple solution: hire developers that can make it happen. If your company is paying for the code, it's a heck of a lot easier to get the community to agree with your ideas...

In all, I think Oracle's dedication to rapid releases of Java is a good thing... They have said they want to update the JCP, but have also said that they will continue to build consensus. Also, it would be bad for Java, and bad for Oracle for them to not build consensus... and everybody knows it.

Since the Oracle 11g launch, they've been shuffling around where their samples are. And if you Google for them, you'll find nothing but broken links. Luckily, if you search for "10gr4" on Oracle's site, you will eventually find your way down to the official Oracle Site Studio Samples page.

There's a few viewlets, some documentation, and some sample web sites that demonstrate the 10gr4/11g way of designing web sites. It's a much better process than the old 7.5/10gr3 way of designing sites, but it will take some time to wrap your head around it.

Probably some time soon they'll have some info on one-click WCM with existing web applications... but that might take a few more weeks ;-)

It's alive! I put together this presentation to help folks who might have questions about how to create and maintain a website in multiple languages, and multiple countries. Big surprise: it depends!!! This presentation gives you some warnings, and a lot of questions you need to ask in order to get started.

I talked through a bunch of problems and risks, and how to mitigate them... I also covered a few ways to help cut the costs of translation, including the crowd-sourcing approach with Lingotek's software. I came across those guys a few months back, and thought that it was a pretty good idea: engage your employees, partners, and the rest of your community to help you select what items to translate, and actually do the translation. We recently made an integration with the UCM system: send Bezzotech an email if you want to learn more...