TIBCO BW6 Application Version

Versioning is very important within TIBCO BusinessWorks 6.x (BW6).

One approach to managing EAR file versioning is to incorporate the version into the EAR file name. For example, ApplicationName.application_1.0.0.

However, there are limitations to this approach.

  • you are dependent upon the accuracy of the person or process that created the EAR file and named it
  • it doesn’t include the qualifier portion of the version
  • if you are using a version control system for the EAR file then you don’t want the file name to change between versions

Luckily, EAR files follow the same standard as JAR files. The following code snippet will query the EAR file for the “Bundle-Version” and output it

import java.io.IOException;
import java.util.jar.*;

public class EarVersion {
   public static void main(String[] args) {
       JarFile jf = null;
       Manifest mf = null;
       Attributes att = null;
       try {
           jf = new JarFile(args[0]);
       } catch (IOException e) {
           e.printStackTrace();
       }

       try {
           mf = jf.getManifest();
       } catch (IOException e) {
           e.printStackTrace();
       }

       att = mf.getMainAttributes();

       System.out.print(att.getValue("Bundle-Version"));
   }
}

If you run this against an EAR file you will get an output that looks like 1.0.0.2019030110473, assuming that the application Version: (in TIBCO BusinessStudio for BusinessWorks) is set to “1.0.0.qualifier”.

You can use this in the following Windows command script to set a variable with the major.minor version number. (This example assumes that you generated the ear-version.jar file from the code snippet above and that your TIBCO HOME is c:\tibco.)

SET JAVA_HOME=c:\tibco\tibcojre64\1.8.0
SET PATH=%PATH%;%JAVA_HOME%\bin
FOR /F “usebackq tokens=1-2 delims=.” %%G IN (java -jar ear-version.jar %appname%.ear) DO set appversion=%%G.%%H

The value of the variable appversion would be 1.0 for a full version value of 1.0.0.2019030110473.

The application’s major.minor version number is required for the following common bwadmin operations.

  • backup
  • start
  • stop
  • undeploy

A deployed application’s major.minor version number can also be queried using the following Windows command script.

cd /d c:\tibco\bw\6.5\bin
FOR /F “usebackq tokens=2” %%i IN (`bwadmin show -d %domain% application ^| findstr %appname%`) DO set appversion=%%i


Linux and X11

I run my Linux servers with a minimal install and no user interface. This usually doesn’t cause an issue because I can do 99+% of my work from the command line. Even most of the applications I use have “-console” interfaces.

However, every once in a while, like once/year, I run into an application that only runs with a graphical user interface. When this happens I go into my “how did I do this the last time.” Very simply, it turns out.

I run RHEL 7.x on VMware Workstation 10 on a Windows 7 laptop. It is an i7 quad-core CPUwith 32 GB RAM and (2) 1 Tb SSD drives. It does the job fairly well.

A solution to the problem that works well for me is:

1) Download and install XMing (notes are available here) on Windows 7 laptop.

2) Run XMing and then view the log file.

Xming view log

The IP address is shown in the file as “XdmcpRegisterConnection: newAddress 172.20.10.3”. It is also the IP (one of them anyways) for the laptop that can be determined in several ways.

The DISPLAY value is shown in the file as “DISPLAY=127.0.0.1:0.0”.

Combine the 2 so that you get DISPLAY=172.20.10.3:0.0.

3) Use Putty, from Windows 7 laptop, y to open a SSH connection with X11 forwarding.

Putty

4) On the Linux server enter “export DISPLAY=172.20.10.3:0.0” on the command line.

5) Now you can run the application that requires a graphical user interface.

 

Integration Strategy Template

The Integration strategy provides the technical strategy that will be used to connect service providers and partners that are part of the quickly growing digital business ecosystem.

Strategic goals and drivers include:

  • Technology and product implementation flexibility
  • Development community support and ease of use
  • Connect internal and external service providers to internal and external service consumers
  • Partner management
  • Centralized policy definition and enforcement with minimal impact to service providers and consumers
  • Security and protection for both services being exposed to consumers (outside – in) and services being consumed from providers (inside – out)
  • Insight, monitoring and advanced analytics
  • Fault tolerant, high availability, multi data center deployment
  • Continuous integration / continuous deployment automation
  • Conformance with enterprise architecture and technology standards

For most companies this integration strategy provides a good starting point to enable their digital business efforts.

Bill’s Rules of Integration

I provide expert guidance an many enterprise-wide integration projects.

Here are my top non-technical rules for success:

  1. The details matter
  2. Attention to the details matter even more
  3. Neatness counts
  4. The code is only as good as the analysis
  5. Remove the need for “paper” documentation
  6. Use the tools
  7. Follow a structured development process
  8. Follow a structured change control process
  9. “Outside” governance is important until the team becomes self-governing

Strategies for Migrating Applications to the Cloud

TIBCO Software has adopted a cloud first strategy. However, there are many companies who have large portfolios of applications that aren't running in the cloud. Options to deal with these applications are:

  • Replace: As mentioned above, this is when you replace an application on premise via a SaaS offering. An example of this is when users adopt Salesforce
  • Rehost: This is when you “lift and shift” your application from your own systems onto a cloud infrastructure as a service (IaaS) platform without modifying the applications
  • Refactor: Similar to rehosting, you modify the application so that it can begin to take advantage of basic cloud capabilities
  • Rearchitect: This is when you significantly change the application so you can benefit from cloud-native capabilities
  • Rebuild: In this option, you start from scratch and build the application specifically to take advantage of cloud-native capabilities of the platform you are going to leverage

These are similar to the following six common application migration strategies described by Stephen Orban of Amazon AWS.

  1. Rehosting
  2. Replatforming
  3. Repurchasing
  4. Refactoring/Rearchitecting
  5. Retire
  6. Retain

John Zachman Introduction to Enterprise Architecture

John Zachman gave a very good presentation on Enterprise Architecture and The Zachman Framework at The Open Group, San Diego, Feb. 2015. A transcript of the presentation (without visuals) is also available. The presentation is about 1 hour long.

It is my opinion that everyone that is interested in general management operations should take the time to watch this video.

Even if:

  • you think that Enterprise Architecture is a waste of time you will learn something
  • you think that Enterprise Architecture is an IT concern you will learn something
  • you think you know The Zachman Framework you will learn something

One of his final points that I have strongly believed in for many years is that Enterprise Architecture should become a General Management Operational Process and not simply an IT exercise.

The Concise Definition of The Zachman Framework by: John A. Zachman provides a quick overview of The Zachman Framework but I strongly recommend watching the video first.

A further discussion of single variable models can be found in Zachman’s article “Architecture Artifacts vs Application Development Artifacts.” At the time of this post it could be found online here and here.

RHEL 7 Network Manager

In RHEL 7 the default networking service is provided by NetworkManager. NetworkManager is a dynamic network control and configuration daemon that attempts to keep network devices and connections up and active when they are available.

The NetworkManager Command Line tool, nmcli, is used to control the NetworkManager.

Two good nmcli resources are from Red Hat product documentation and CertDepot.

Example – create a DHCP network connection:

  • nmcli c add type ethernet con-name nat-conn ifname ens33
  • nmcli c up nat-conn
  • more /etc/sysconfig/network-scripts/ifcfg-nat-conn
  • ip addr show

Information Security and Cybersecurity

Overview

Information Security is defined by SANS as:

the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

U.S. Code Title 44, Chapter 35, Subchapter III, Section 3542 also defines information security.

(1) The term “information security” means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide—
(A) integrity, which means guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity;
(B) confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
(C) availability, which means ensuring timely and reliable access to and use of information.

 Cybersecurity is defined in ITU-T X.1205 as:

the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following: Availability, Integrity (which may include authenticity and non-repudiation), and Confidentiality

Digital Authentication

A significant part of information security integrity and confidentiality is ensuring that only authorized persons are able to view and modify the information. Authentication is one part of this. NIST’s Digitial Authentication Guideline, SP 800-63, provides guidance on digital authentication to federal agencies.

The latest revision, SP 800-63-3 has been split into a suite of documents organized as follows:

SP 800-63-3 Digital Authentication Guideline – Provides an overview of general authentication frameworks, for using authenticators, credentials, and assertions together in an information system, and possible methods of selecting discrete assurance levels. This document is informative.

SP 800-63A Enrollment and Identity Proofing – Provides guidelines on processes by which an individual is enrolled in an identity system and identity proofed. This document contains both normative and informative material.

SP 800-63B Authentication and Lifecycle Management – Provides guidelines on the selection, use, and management of authenticators (formerly called tokens) to authenticate a remote subscriber to an identity system at specified authenticator assurance levels. This document contains both normative and informative material.

SP 800-63C Federation and Assertions – Provides guidelines on the use of federated identity and assertions to convey the results of authentication processes to a relying party. This document contains both normative and informative material.

Internet of Things (IoT)

Internet of Things (IoT) ecosystems expose a large attack surface. Configuring tens or hundreds of connected devices can be time consuming and expensive. Doing the same for 30 billion devices will require a more efficient approach.

The Industrial Internet Consortium has released the Industrial Internet Security Framework Technical Report which is the result of the collective cybersecurity wisdom of members from over 25 different organizations.

The European Union Agency for Network and Information Security has released a study on “Cyber security and resilience for Smart Hospitals” (11/24/2016). They identify mitigation techniques and good practices when IoT components are used within a healthcare organization.