Search Results

Search found 337 results on 14 pages for 'cas'.

Page 14/14 | < Previous Page | 10 11 12 13 14 

• How to Implement Single Sign-On between Websites

  - by hmloo

  Introduction Single sign-on (SSO) is a way to control access to multiple related but independent systems, a user only needs to log in once and gains access to all other systems. a lot of commercial systems that provide Single sign-on solution and you can also choose some open source solutions like Opensso, CAS etc. both of them use centralized authentication and provide more robust authentication mechanism, but if each system has its own authentication mechanism, how do we provide a seamless transition between them. Here I will show you the case. How it Works The method we’ll use is based on a secret key shared between the sites. Origin site has a method to build up a hashed authentication token with some other parameters and redirect the user to the target site. variables Status Description ssoEncode required hash(ssoSharedSecret + , + ssoTime + , + ssoUserName) ssoTime required timestamp with format YYYYMMDDHHMMSS used to prevent playback attacks ssoUserName required unique username; required when a user is logged in Note : The variables will be sent via POST for security reasons Building a Single Sign-On Solution Origin Site has function to 1. Create the URL for your Request. 2. Generate required authentication parameters 3. Redirect to target site. using System; using System.Web.Security; using System.Text; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { string postbackUrl = "http://www.targetsite.com/sso.aspx"; string ssoTime = DateTime.Now.ToString("yyyyMMddHHmmss"); string ssoUserName = User.Identity.Name; string ssoSharedSecret = "58ag;ai76"; // get this from config or similar string ssoHash = FormsAuthentication.HashPasswordForStoringInConfigFile(string.Format("{0},{1},{2}", ssoSharedSecret, ssoTime, ssoUserName), "md5"); string value = string.Format("{0}:{1},{2}", ssoHash,ssoTime, ssoUserName); Response.Clear(); StringBuilder sb = new StringBuilder(); sb.Append("<html>"); sb.AppendFormat(@"<body onload='document.forms[""form""].submit()'>"); sb.AppendFormat("<form name='form' action='{0}' method='post'>", postbackUrl); sb.AppendFormat("<input type='hidden' name='t' value='{0}'>", value); sb.Append("</form>"); sb.Append("</body>"); sb.Append("</html>"); Response.Write(sb.ToString()); Response.End(); } } Target Site has function to 1. Get authentication parameters. 2. Validate the parameters with shared secret. 3. If the user is valid, then do authenticate and redirect to target page. 4. If the user is invalid, then show errors and return. using System; using System.Web.Security; using System.Text; public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { if (User.Identity.IsAuthenticated) { Response.Redirect("~/Default.aspx"); } } if (Request.Params.Get("t") != null) { string ticket = Request.Params.Get("t"); char[] delimiters = new char[] { ':', ',' }; string[] ssoVariable = ticket.Split(delimiters, StringSplitOptions.None); string ssoHash = ssoVariable[0]; string ssoTime = ssoVariable[1]; string ssoUserName = ssoVariable[2]; DateTime appTime = DateTime.MinValue; int offsetTime = 60; // get this from config or similar try { appTime = DateTime.ParseExact(ssoTime, "yyyyMMddHHmmss", null); } catch { //show error return; } if (Math.Abs(appTime.Subtract(DateTime.Now).TotalSeconds) > offsetTime) { //show error return; } bool isValid = false; string ssoSharedSecret = "58ag;ai76"; // get this from config or similar string hash = FormsAuthentication.HashPasswordForStoringInConfigFile(string.Format("{0},{1},{2}", ssoSharedSecret, ssoTime, ssoUserName), "md5"); if (string.Compare(ssoHash, hash, true) == 0) { if (Math.Abs(appTime.Subtract(DateTime.Now).TotalSeconds) > offsetTime) { //show error return; } else { isValid = true; } } if (isValid) { //Do authenticate; } else { //show error return; } } else { //show error } } } Summary This is a very simple and basic SSO solution, and its main advantage is its simplicity, only needs to add a single page to do SSO authentication, do not need to modify the existing system infrastructure.

  Read the article

• MVVM Light Toolkit throws an System.IO.FileLoadException

  - by joebeazelman

  I'm running VS 2010 along with Expression Blend 4 beta. I created a MVVM Light project from the supplied templates and I get a System.IO.FileLoadException when I try to view the MainWindow.Xaml in VS 2010 designer window. The template already references System.Windows.Interactivity. Here are the details of the exception: System.IO.FileLoadException Could not load file or assembly 'System.Windows.Interactivity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Operation is not supported. (Exception from HRESULT: 0x80131515) at System.Reflection.RuntimeAssembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) at System.Reflection.RuntimeAssembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks) at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection, Boolean suppressSecurityChecks) at System.Reflection.Assembly.Load(AssemblyName assemblyRef) at MS.Internal.Package.VSIsolationProviderService.RemoteReferenceProxy.VsReflectionResolver.GetRuntimeAssembly(Assembly reflectionAssembly) at Microsoft.Windows.Design.Metadata.ReflectionMetadataContext.CachingReflectionResolver.GetRuntimeAssembly(Assembly reflectionAssembly) at Microsoft.Windows.Design.Metadata.ReflectionMetadataContext.Microsoft.Windows.Design.Metadata.IReflectionResolver.GetRuntimeAssembly(Assembly reflectionAssembly) at MS.Internal.Metadata.ClrAssembly.GetRuntimeMetadata(Object reflectionMetadata) at Microsoft.Windows.Design.Metadata.AttributeTableContainer.d_c.MoveNext() at Microsoft.Windows.Design.Metadata.AttributeTableContainer.GetAttributes(Assembly assembly, Type attributeType, Func`2 reflectionMapper) at MS.Internal.Metadata.ClrAssembly.GetAttributes(ITypeMetadata attributeType) at MS.Internal.Design.Metadata.Xaml.XamlAssembly.get_XmlNamespaceCompatibilityMappings() at Microsoft.Windows.Design.Metadata.Xaml.XamlExtensionImplementations.GetXmlNamespaceCompatibilityMappings(IAssemblyMetadata sourceAssembly) at Microsoft.Windows.Design.Metadata.Xaml.XamlExtensions.GetXmlNamespaceCompatibilityMappings(IAssemblyMetadata source) at MS.Internal.Design.Metadata.ReflectionProjectNode.BuildSubsumption() at MS.Internal.Design.Metadata.ReflectionProjectNode.SubsumingNamespace(Identifier identifier) at MS.Internal.Design.Markup.XmlElement.BuildScope(PrefixScope parentScope, IParseContext context) at MS.Internal.Design.Markup.XmlElement.ConvertToXaml(XamlElement parent, PrefixScope parentScope, IParseContext context, IMarkupSourceProvider provider) at MS.Internal.Design.DocumentModel.DocumentTrees.Markup.XamlSourceDocument.FullParse(Boolean convertToXamlWithErrors) at MS.Internal.Design.DocumentModel.DocumentTrees.Markup.XamlSourceDocument.get_RootItem() at Microsoft.Windows.Design.DocumentModel.Trees.ModifiableDocumentTree.get_ModifiableRootItem() at Microsoft.Windows.Design.DocumentModel.MarkupDocumentManagerBase.get_LoadState() at MS.Internal.Host.PersistenceSubsystem.Load() at MS.Internal.Host.Designer.Load() at MS.Internal.Designer.VSDesigner.Load() at MS.Internal.Designer.VSIsolatedDesigner.VSIsolatedView.Load() at MS.Internal.Designer.VSIsolatedDesigner.VSIsolatedDesignerFactory.Load(IsolatedView view) at MS.Internal.Host.Isolation.IsolatedDesigner.BootstrapProxy.LoadDesigner(IsolatedDesignerFactory factory, IsolatedView view) at MS.Internal.Host.Isolation.IsolatedDesigner.BootstrapProxy.LoadDesigner(IsolatedDesignerFactory factory, IsolatedView view) at MS.Internal.Host.Isolation.IsolatedDesigner.Load() at MS.Internal.Designer.DesignerPane.LoadDesignerView() System.NotSupportedException An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.

  Read the article

• Where to put default-servlet-handler in Spring MVC configuration

  - by gigadot

  In my web.xml, the default servlet mapping, i.e. /, is mapped to Spring dispatcher. In my Spring dispatcher configuration, I have DefaultAnnotationHandlerMapping, ControllerClassNameHandlerMapping and AnnotationMethodHandlerAdapter which allows me to map url to controllers either by its class name or its @Requestmapping annotation. However, there are some static resources under the web root which I also want spring dispatcher to serve using default servlet. According to Spring documentation, this can be done using <mvc:default-servlet-handler/> tag. In the configuration below, there are 4 candidate locations that I marked which are possible to insert this tag. Inserting the tag in different location causes the dispatcher to behave differently as following : Case 1 : If I insert it at location 1, the dispatcher will no longer be able to handle mapping by the @RequestMapping and controller class name but it will be serving the static content normally. Cas 2, 3 : It will be able to handle mapping by the @RequestMapping and controller class name as well as serving the static content if other mapping cannot be done successfully. Case 4 : It will not be able to serve the static contents. Therefore, Case 2 and 3 are desirable .According to Spring documentation, this tag configures a handler which precedence order is given to lowest so why the position matters? and Which is the best position to put this tag? <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd"> <context:annotation-config/> <context:component-scan base-package="webapp.controller"/> <!-- Location 1 --> <!-- Enable annotation-based controllers using @Controller annotations --> <bean id="annotationUrlMapping" class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"/> <!-- Location 2 --> <bean id="controllerClassNameHandlerMapping" class="org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping"/> <!-- Location 3 --> <bean id="annotationMethodHandlerAdapter" class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"/> <!-- Location 4 --> <mvc:default-servlet-handler/> <!-- All views are JSPs loaded from /WEB-INF/jsp --> <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/> <property name="prefix" value="/WEB-INF/jsp/"/> <property name="suffix" value=".jsp"/> </bean> </beans>

  Read the article

• Exchange Server 2007 Setup

  - by AlamedaDad

  Hi, I'm working on a upgrade to Exchange 2007 and I wanted to get some advise on hardware choices. We currently have an Exchange 2003 STD server with 400 users split between 6 AD Sites, that is housed on a single server. We need to move to a redundant, fault tolerant system to support our users. I'm planning on installing 2 Dell 1950 servers with W2k8-std to act as CAS and Hub servers, with NLB to allow abstraction of the actual server name to the users. There won't be an edge system since we have a Barracuda box already that will handle in/out spam/virus filtering. Backend I'm planning on 2 mailbox servers which will be Dell 2950s with 16GB RAM, 2 either dual-core or quad-core CPUs and 6 300GB SAS drives in some RAID config. These systems will be clustered using W2k8 Ent clustering and running CCR in Exchange. My questions are as follows: Is 16GB enough RAM for serving that many mailboxes along with the windows clustering and ccr? I'm trying to figure out disk layouts and I'm unsure of whether to use all local disk or some local and some SAN, via an OpenFiler iSCSI server. The SAN would be a Dell 2850 with 6 - 300GB SCSI drives and a PERC controller to slice as I want, with 8GB RAM. Option 1: 2 drives, RAID 1 - OS 2 drives, RAID 1 - Logs 2 drives, RAID 1 - Mail stores Option 2: 2 drives, RAID 1 - OS and logs 4 drives, RAID 5 - Mail Stores and scratch space for eseutil. Option 3: 2 drives, RAID 1 - OS 2 drives, RAID 1 - Logs 2 drives, RAID 0 - scratch space ~300GB iSCSI volume for mail stores Option 4: 2 drives, RAID 1 - OS 4 drives, RAID 5 - scratch space ~300GB iSCSI volume for mail stores ~300GB iSCSI volume for logs I have 2 sockets for CPUs and need to chose between dual and quad cores. The dual core have faster clocks but less cache and I'm thinking older architecture. Am I better off with more cores and cache while sacraficing clock speed? I am planning on adding the new E2K7 cluster to the E2K3 server and then move each mailbox over, all at once, then remove the old server. This seems more complicated than simply getting rid of the 2003 server and then adding the 2007 cluster and restoring the mailboxes using PowerControls or exmerge. The migration option lets me do this on my time, where a cutover means it all needs to work at once. If I go with the cutover method, how can I prebuild the servers and add them to the domain right after removing the 2003 server, or can't I? I think the answer is no and the migration is my only real option if I want to prebuild. I need to also migrate about 30GB of Public Folders. Is there anything special about this, other than specifying in the E2K7 install that I want older Outlook clients and PF's setup? I guess I could even keep the E2K3 server to host just the PFs? Lastly, if I have a mix of Outlook 200, 2003 and 2007 what do I need to do to make sure they all have access to the GAL and OAB? At time of cutover, we'll be at like 90% 2007, but we will have some older stuff around. My plan is to use Outlook Anywhere on laptops that are used outside the physical network. Are there any gotchas involved in that? I'm even thinking about using is for all Outlook clients, does anyone do that? The reason I'm considering it is that our WAN is really VPN tunnels over internet connections, so not a fully messhed, stable WAN. Thank you all very much for the assistance in advance and I look forward to discussion of these points! Regards...Michael

  Read the article

• Exchange Mail Flow

  - by Tuck918

  Hello. I have a question. We have one Exchange 2003 server and two Exchange 2007 servers. Most all of our mailboxes are on 2007 but we do still have one shared mailbox, unity mailbox and a journling mailbox on 2003. Public Folders have been set to replicate to 2007. I have set up a send connector on 2007 with a cost of 1. Receive connectors have Anonymous Users checked on 2007. On 2003 there are two connectors: the Internet Email connector and the connector that connects 2003 to 2007. We have a SPAM filtering device that email goes through before it is handed off to Exchange. The SPAM filtering device is set to send email to one of our Exchange 2007 servers. Here is my question/problem: Even though the SPAM filtering device is set to forward email to Exchange 2007, somehow all of our email is still going through the Exchange 2003 server before it finally hits the users mailboxes on the Exchange 2007 server. How can I change it so that all email goes directly to Exchange 2007 and never routes through Excahnge 2003 both ways, inbound and outbound? Would also like to add: In the EMC under Org- Hub- Send Connector there are two connectors. One is the "Internet Connector" from the 2003 box and the other is the new one I created. THe address space on the 2003 one is set to a cost of 2, no smart hosts and the 2003 box is listed as the Source Server. THe other Send Connector has an address space of 1, no smart host and has the 2 excahnge 2007 servers listed as the source servers. In EMC under Server- Hub- my two exchange 2007 servers are listed. Each one has 2 receive connectors. Both Recieve Connectors are setup the same way. THe Default Receive Connector has Anonymous Users checked. The other Recieve Connector is labled "Client" and I am not sure what it does or why its there. Anonymous Users are not checked. No smart hosts configured on 2003. Additional details Currently we have 3 excahnge servers. One exchange 2003 server and two excahnge 2007 servers. THe exchange 2003 server is the acting "bridgehead" serverand all email is routing through this server, inbound and outbound. We are wanting to decommission this server and use our two exchange 2007 servers as our mailbox servers. All of of user mailboxes are already on one of the exchange 2007 boxes and we want to put whats left on the exchange 2003 box on our other excahnge 2007 box. Both excahnge 2007 servers are currently CAS, HT and MB servers. We have a SPAM filtering device that sits between our excahnge servers and the firewall and have it configured to send messages to one of the excahgne 2007 servers but when we look at the message headers we can see that messgaes are still being routed to the excahnge 2003 box. We want to bypass the exchange 2003 in the routing process as it is dying and is starting to have major issues so everytime it goes down our email is down. Is there possible some sort of AD routing link/site link stuff going on?

  Read the article

• Self-signed certificates for a known community

  - by costlow

  Recently announced changes scheduled for Java 7 update 51 (January 2014) have established that the default security slider will require code signatures and the Permissions Manifest attribute. Code signatures are a common practice recommended in the industry because they help determine that the code your computer will run is the same code that the publisher created. This post is written to help users that need to use self-signed certificates without involving a public Certificate Authority. The role of self-signed certificates within a known community You may still use self-signed certificates within a known community. The difference between self-signed and purchased-from-CA is that your users must import your self-signed certificate to indicate that it is valid, whereas Certificate Authorities are already trusted by default. This works for known communities where people will trust that my certificate is mine, but does not scale widely where I cannot actually contact or know the systems that will need to trust my certificate. Public Certificate Authorities are widely trusted already because they abide by many different requirements and frequent checks. An example would be students in a university class sharing their public certificates on a mailing list or web page, employees publishing on the intranet, or a system administrator rolling certificates out to end-users. Managed machines help this because you can automate the rollout, but they are not required -- the major point simply that people will trust and import your certificate. How to distribute self-signed certificates for a known community There are several steps required to distribute a self-signed certificate to users so that they will properly trust it. These steps are: Creating a public/private key pair for signing. Exporting your public certificate for others Importing your certificate onto machines that should trust you Verify work on a different machine Creating a public/private key pair for signing Having a public/private key pair will give you the ability both to sign items yourself and issue a Certificate Signing Request (CSR) to a certificate authority. Create your public/private key pair by following the instructions for creating key pairs.Every Certificate Authority that I looked at provided similar instructions, but for the sake of cohesiveness I will include the commands that I used here: Generate the key pair.keytool -genkeypair -alias erikcostlow -keyalg EC -keysize 571 -validity 730 -keystore javakeystore_keepsecret.jks Provide a good password for this file. The alias "erikcostlow" is my name and therefore easy to remember. Substitute your name of something like "mykey." The sigalg of EC (Elliptical Curve) and keysize of 571 will give your key a good strong lifetime. All keys are set to expire. Two years or 730 days is a reasonable compromise between not-long-enough and too-long. Most public Certificate Authorities will sign something for one to five years. You will be placing your keys in javakeystore_keepsecret.jks -- this file will contain private keys and therefore should not be shared. If someone else gets these private keys, they can impersonate your signature. Please be cautious about automated cloud backup systems and private key stores. Answer all the questions. It is important to provide good answers because you will stick with them for the "-validity" days that you specified above.What is your first and last name?  [Unknown]:  First LastWhat is the name of your organizational unit?  [Unknown]:  Line of BusinessWhat is the name of your organization?  [Unknown]:  MyCompanyWhat is the name of your City or Locality?  [Unknown]:  City NameWhat is the name of your State or Province?  [Unknown]:  CAWhat is the two-letter country code for this unit?  [Unknown]:  USIs CN=First Last, OU=Line of Business, O=MyCompany, L=City, ST=CA, C=US correct?  [no]:  yesEnter key password for <erikcostlow>        (RETURN if same as keystore password): Verify your work:keytool -list -keystore javakeystore_keepsecret.jksYou should see your new key pair. Exporting your public certificate for others Public Key Infrastructure relies on two simple concepts: the public key may be made public and the private key must be private. By exporting your public certificate, you are able to share it with others who can then import the certificate to trust you. keytool -exportcert -keystore javakeystore_keepsecret.jks -alias erikcostlow -file erikcostlow.cer To verify this, you can open the .cer file by double-clicking it on most operating systems. It should show the information that you entered during the creation prompts. This is the file that you will share with others. They will use this certificate to prove that artifacts signed by this certificate came from you. If you do not manage machines directly, place the certificate file on an area that people within the known community should trust, such as an intranet page. Import the certificate onto machines that should trust you In order to trust the certificate, people within your known network must import your certificate into their keystores. The first step is to verify that the certificate is actually yours, which can be done through any band: email, phone, in-person, etc. Known networks can usually do this Determine the right keystore: For an individual user looking to trust another, the correct file is within that user’s directory.e.g. USER_HOME\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs For system-wide installations, Java’s Certificate Authorities are in JAVA_HOMEe.g. C:\Program Files\Java\jre8\lib\security\cacerts File paths for Mac and Linux are included in the link above. Follow the instructions to import the certificate into the keystore. keytool -importcert -keystore THEKEYSTOREFROMABOVE -alias erikcostlow -file erikcostlow.cer In this case, I am still using my name for the alias because it’s easy for me to remember. You may also use an alias of your company name. Scaling distribution of the import The easiest way to apply your certificate across many machines is to just push the .certs or cacerts file onto them. When doing this, watch out for any changes that people would have made to this file on their machines. Trusted.certs: When publishing into user directories, your file will overwrite any keys that the user has added since last update. CACerts: It is best to re-run the import command with each installation rather than just overwriting the file. If you just keep the same cacerts file between upgrades, you will overwrite any CAs that have been added or removed. By re-importing, you stay up to date with changes. Verify work on a different machine Verification is a way of checking on the client machine to ensure that it properly trusts signed artifacts after you have added your signing certificate. Many people have started using deployment rule sets. You can validate the deployment rule set by: Create and sign the deployment rule set on the computer that holds the private key. Copy the deployment rule set on to the different machine where you have imported the signing certificate. Verify that the Java Control Panel’s security tab shows your deployment rule set. Verifying an individual JAR file or multiple JAR files You can test a certificate chain by using the jarsigner command. jarsigner -verify filename.jar If the output does not say "jar verified" then run the following command to see why: jarsigner -verify -verbose -certs filename.jar Check the output for the term “CertPath not validated.”

  Read the article

• Lock-Free, Wait-Free and Wait-freedom algorithms for non-blocking multi-thread synchronization.

  - by GJ

  In multi thread programming we can find different terms for data transfer synchronization between two or more threads/tasks. When exactly we can say that some algorithem is: 1)Lock-Free 2)Wait-Free 3)Wait-Freedom I understand what means Lock-free but when we can say that some synchronization algorithm is Wait-Free or Wait-Freedom? I have made some code (ring buffer) for multi-thread synchronization and it use Lock-Free methods but: 1) Algorithm predicts maximum execution time of this routine. 2) Therad which call this routine at beginning set unique reference, what mean that is inside of this routine. 3) Other threads which are calling the same routine check this reference and if is set than count the CPU tick count (measure time) of first involved thread. If that time is to long interrupt the current work of involved thread and overrides him job. 4) Thread which not finished job because was interrupted from task scheduler (is reposed) at the end check the reference if not belongs to him repeat the job again. So this algorithm is not really Lock-free but there is no memory lock in use, and other involved threads can wait (or not) certain time before overide the job of reposed thread. Added RingBuffer.InsertLeft function: function TgjRingBuffer.InsertLeft(const link: pointer): integer; var AtStartReference: cardinal; CPUTimeStamp : int64; CurrentLeft : pointer; CurrentReference: cardinal; NewLeft : PReferencedPtr; Reference : cardinal; label TryAgain; begin Reference := GetThreadId + 1; //Reference.bit0 := 1 with rbRingBuffer^ do begin TryAgain: //Set Left.Reference with respect to all other cores :) CPUTimeStamp := GetCPUTimeStamp + LoopTicks; AtStartReference := Left.Reference OR 1; //Reference.bit0 := 1 repeat CurrentReference := Left.Reference; until (CurrentReference AND 1 = 0)or (GetCPUTimeStamp - CPUTimeStamp > 0); //No threads present in ring buffer or current thread timeout if ((CurrentReference AND 1 <> 0) and (AtStartReference <> CurrentReference)) or not CAS32(CurrentReference, Reference, Left.Reference) then goto TryAgain; //Calculate RingBuffer NewLeft address CurrentLeft := Left.Link; NewLeft := pointer(cardinal(CurrentLeft) - SizeOf(TReferencedPtr)); if cardinal(NewLeft) < cardinal(@Buffer) then NewLeft := EndBuffer; //Calcolate distance result := integer(Right.Link) - Integer(NewLeft); //Check buffer full if result = 0 then //Clear Reference if task still own reference if CAS32(Reference, 0, Left.Reference) then Exit else goto TryAgain; //Set NewLeft.Reference NewLeft^.Reference := Reference; SFence; //Try to set link and try to exchange NewLeft and clear Reference if task own reference if (Reference <> Left.Reference) or not CAS64(NewLeft^.Link, Reference, link, Reference, NewLeft^) or not CAS64(CurrentLeft, Reference, NewLeft, 0, Left) then goto TryAgain; //Calcolate result if result < 0 then result := Length - integer(cardinal(not Result) div SizeOf(TReferencedPtr)) else result := cardinal(result) div SizeOf(TReferencedPtr); end; //with end; { TgjRingBuffer.InsertLeft } RingBuffer unit you can find here: RingBuffer, CAS functions: FockFreePrimitives, and test program: RingBufferFlowTest Thanks in advance, GJ

  Read the article

• 2 way SSL between SOA and OSB

  - by Johnny Shum

  If you have a need to use 2 way SSL between SOA composite and external partner links, you can follow these steps. Create the identity keystores, trust keystores, and server certificates. Setup keystores and SSL on WebLogic Setup server to use 2 way SSL Configure your SOA composite's partner link to use 2 way SSL Configure SOA engine two ways SSL In this case,  I use SOA and OSB for the test.  I started with a separate OSB and SOA domains.  I deployed two soap based proxies on OSB and two composites on SOA.  In SOA, one composite invokes a OSB proxy service, the other is invoked by the OSB.  Similarly,  in OSB,  one proxy invokes a SOA composite and the other is invoked by SOA. 1. Create the identity keystores, trust keystores and the server certificates Since this is a development environment, I use JDK's keytool to create the stores and use self signing certificate.  For production environment, you should use certificates from a trusted certificate authority like Verisign.    I created a script below to show what is needed in this step.  The only requirement is when creating the SOA identity certificate, you MUST use the alias mykey. STOREPASS=welcome1KEYPASS=welcome1# generate identity keystore for soa and osb.  Note: For SOA, you MUST use alias mykeyecho "creating stores"keytool -genkey -alias mykey -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=soa, C=US" -keystore soa-default-keystore.jks -storepass $STOREPASS -keypass $KEYPASS keytool -genkey -alias osbkey -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=osb, C=US" -keystore osb-default-keystore.jks -storepass $STOREPASS -keypass $KEYPASS# listing keystore contentsecho "listing stores contents"keytool -list -alias mykey -keystore soa-default-keystore.jks -storepass $STOREPASSkeytool -list -alias osbkey -keystore osb-default-keystore.jks -storepass $STOREPASS# exporting certs from storesecho "export certs from  stores"keytool -exportcert -alias mykey -keystore soa-default-keystore.jks -storepass $STOREPASS -file soacert.derkeytool -exportcert -alias osbkey -keystore osb-default-keystore.jks -storepass $STOREPASS -file osbcert.der # import certs to trust storesecho "import certs"keytool -importcert -alias osbkey -keystore soa-trust-keystore.jks -storepass $STOREPASS -file osbcert.der -keypass $KEYPASSkeytool -importcert -alias mykey -keystore osb-trust-keystore.jks -storepass $STOREPASS -file soacert.der  -keypass $KEYPASS SOA suite uses the JDK's SSL implementation for outbound traffic instead of the WebLogic's implementation.  You will need to import the partner's public cert into the trusted keystore used by SOA.  The default trusted keystore for SOA is DemoTrust.jks and it is located in $MW_HOME/wlserver_10.3/server/lib.   (This is set in the startup script -Djavax.net.ssl.trustStore).   If you use your own trusted keystore, then you will need to import it into your own trusted keystore. keytool -importcert -alias osbkey -keystore $MW_HOME/wlserver_10.3/server/lib/DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase  -file osbcert.der -keypass $KEYPASS If you do not perform this step, you will encounter this exception in runtime when SOA invokes OSB service using 2 way SSL Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  2.  Setup keystores and SSL on WebLogic First, you will need to login to the WebLogic console, navigate to the server's configuration->Keystore's tab.   Change the Keystores type to Custom Identity and Custom Trust and enter the rest of the fields. Then you navigate to the SSL tab, enter the fields in the identity section and expand the Advanced section.  Since I am using self signing cert on my VM enviornment, I disabled Hostname verification.  In real production system, this should not be the case.   I also enabled the option "Use Server Certs", so that the application uses the server cert to initiate https traffic (it is important to enable this in OSB). Last, you enable SSL listening port in the Server's configuration->General tab. 3.  Setup server to use 2 way SSL If you follow the screen shot in previous step, you can see in the Server->Configuration->SSL->Advanced section, there is an option for Two Way Client Cert Behavior,  you should set this to Client Certs Requested and Enforced. Repeat step 2 and 3 done on OSB.  After all these configurations,  you have to restart all the servers. 4.  Configure your SOA composite's partner link to use 2 way SSL You do this by modifying the composite.xml in your project, locate the partner's link reference and add the property oracle.soa.two.way.ssl.enabled.   <reference name="callosb" ui:wsdlLocation="helloword.wsdl">    <interface.wsdl interface="http://www.examples.com/wsdl/HelloService.wsdl#wsdl.interface(Hello_PortType)"/>    <binding.ws port="http://www.examples.com/wsdl/HelloService.wsdl#wsdl.endpoint(Hello_Service/Hello_Port)"                location="helloword.wsdl" soapVersion="1.1">      <property name="weblogic.wsee.wsat.transaction.flowOption"                type="xs:string" many="false">WSDLDriven</property>   <property name="oracle.soa.two.way.ssl.enabled">true</property>    </binding.ws>  </reference> In OSB, you should have checked the HTTPS required flag in the proxy's transport configuration.  After this,  rebuilt the composite jar file and ready to deploy in the EM console later. 5.  Configure SOA engine two ways SSL Oracle SOA Suite uses both Oracle WebLogic Server and Sun Secure Socket Layer (SSL) stacks for two-way SSL configurations. For the inbound web service bindings, Oracle SOA Suite uses the Oracle WebLogic Server infrastructure and, therefore, the Oracle WebLogic Server libraries for SSL.  This is already done by step 2 and 3 in the previous section. For the outbound web service bindings, Oracle SOA Suite uses JRF HttpClient and, therefore, the Sun JDK libraries for SSL.  You do this by configuring the SOA Engine in the Enterprise Manager Console, select soa-infra->SOA Administration->Common Properties Then click at the link at the bottom of the page:  "More SOA Infra Advances Infrastructure Configuration Properties" and then enter the full path of soa identity keystore in the value field of the KeyStoreLocation attribute.  Click Apply and Return then navigate to the domain->security->credential. Here, you provide the password to the keystore.  Note: the alias of the certficate must be mykey as described in step 1, so you only need to provide the password to the identity keystore.   You accomplish this by: Click Create Map In the Map Name field, enter SOA, and click OK Click Create Key Enter the following details where the password is the password for the SOA identity keystore. 6.  Test and Trouble Shooting Once the setup is complete and server restarted, you can deploy the composite in the EM console and test it.  In case of error,  you can read the server log file to determine the cause of the error.  For example, If you have not setup step 5 and test 2 way SSL, you will see this in the log when invoking OSB from BPEL: java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): https://localhost.localdomain:7002/default/helloword ####<Sep 22, 2012 2:07:37 PM CDT> <Error> <oracle.soa.bpel.engine.ws> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0AFDAEF20610F8FD89C5> ............ <11d1def534ea1be0:-4034173:139ef56d9f0:-8000-00000000000002ec> <1348340857956> <BEA-000000> <got FabricInvocationException sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target If you have not enable WebLogic SSL to use server certificate in the console and invoke SOA composite from OSB using two ways SSL, you will see this error: ####<Sep 22, 2012 2:07:37 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-00000000000000e2> <1348340857776> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from localhost.localdomain - 127.0.0.1. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.> ####<Sep 22, 2012 2:07:37 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-00000000000000e4> <1348340857786> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from localhost.localdomain - 127.0.0.1. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.> ####<Sep 22, 2012 2:27:21 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-0000000000000124> <1348342041926> <BEA-090497> <HANDSHAKE_FAILURE alert received from localhost - 127.0.0.1. Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings.> References http://docs.oracle.com/cd/E23943_01/admin.1111/e10226/soacompapp_secure.htm#CHDCFABB   Section 5.6.4 http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm#i1200848

  Read the article

• CodePlex Daily Summary for Thursday, July 31, 2014

  CodePlex Daily Summary for Thursday, July 31, 2014Popular ReleasesDbEntry.Net (Leafing Framework): DbEntry.Net 4.2: DbEntry.Net is a lightweight Object Relational Mapping (ORM) database access compnent for .Net 4.0+. It has clearly and easily programing interface for ORM and sql directly, and supoorted Access, Sql Server, MySql, SQLite, Firebird, PostgreSQL and Oracle. It also provide a Ruby On Rails style MVC framework. Asp.Net DataSource and a simple IoC. DbEntry.Net.v4.2.Setup.zip include the setup package. DbEntry.Net.v4.2.Src.zip include source files and unit tests. DbEntry.Net.v4.2.Samples.zip ...Recaptcha for .NET: Recaptcha for .NET v1.5: What's NewMinor bug fixes Support for legacy .NET framework 4.0 and ASP.NET MVC 4. Support for .NET Framework 4.5.1.Azure Storage Explorer: Azure Storage Explorer 6 Preview 1: Welcome to Azure Storage Explorer 6 Preview 1 This is the first release of the latest Azure Storage Explorer, code-named Phoenix. What's New?Here are some important things to know about version 6: Open Source Now being run as a full open source project. Full source code on CodePlex. Collaboration encouraged! Updated Code Base Brand-new code base (WPF/C#/.NET 4.5) Visual Studio 2013 solution (previously VS2010) Uses the Task Parallel Library (TPL) for asynchronous background operat...Wsus Package Publisher: release v1.3.1407.29: Updated WPP to recognize the very latest console version. Some files was missing into the latest release of WPP which lead to crash when trying to make a custom update. Add a workaround to avoid clipboard modification when double-clicking on a label when creating a custom update. Add the ability to publish detectoids. (This feature is still in a BETA phase. Packages relying on these detectoids to determine which computers need to be updated, may apply to all computers).VG-Ripper & PG-Ripper: PG-Ripper 1.4.32: changes NEW: Added Support for 'ImgMega.com' links NEW: Added Support for 'ImgCandy.net' links NEW: Added Support for 'ImgPit.com' links NEW: Added Support for 'Img.yt' links FIXED: 'Radikal.ru' links FIXED: 'ImageTeam.org' links FIXED: 'ImgSee.com' links FIXED: 'Img.yt' linksDynamics AX Development tools: Version 1.0.0: Alpha release of the package. I am just combining greate community tools into a package. I have not go through testing every function of the tools. However, feel free to point out if you found any bugs!Asp.Net MVC-4,Entity Framework and JQGrid Demo with Todo List WebApplication: Asp.Net MVC-4,Entity Framework and JQGrid Demo: Asp.Net MVC-4,Entity Framework and JQGrid Demo with simple Todo List WebApplication, Overview TodoList is a simple web application to create, store and modify Todo tasks to be maintained by the users, which comprises of following fields to the user (Task Name, Task Description, Severity, Target Date, Task Status). TodoList web application is created using MVC - 4 architecture, code-first Entity Framework (ORM) and Jqgrid for displaying the data.Waterfox: Waterfox 31.0 Portable: New features in Waterfox 31.0: Added support for Unicode 7.0 Experimental support for WebCL New features in Firefox 31.0:New Add the search field to the new tab page Support of Prefer:Safe http header for parental control mozilla::pkix as default certificate verifier Block malware from downloaded files Block malware from downloaded files audio/video .ogg and .pdf files handled by Firefox if no application specified Changed Removal of the CAPS infrastructure for specifying site-sp...SuperSocket, an extensible socket server framework: SuperSocket 1.6.3: The changes below are included in this release: fixed an exception when collect a server's status but it has been stopped fixed a bug that can cause an exception in case of sending data when the connection dropped already fixed the log4net missing issue for a QuickStart project fixed a warning in a QuickStart projectYnote Classic: Ynote Classic 2.8.5 Beta: Several Changes - Multiple Carets and Multiple Selections - Improved Startup Time - Improved Syntax Highlighting - Search Improvements - Shell Command - Improved StabilityHead First C#: The Quest: The Quest: Stable release of "The Quest" game ( Lab 2 from Head First C#, 3rd edition)TCP/IP Adapter BizTalk 2013: TCPIP Adapter for BizTalk 2013 - Version 1.0: Version 1.0 This is an updated version of the BizTalk 2010 TCP/IP adapter. References have been updated and a new setup (ISLE) has been used. Follow the installation instructions below to install the adapter. Still want to automate step 4, but haven't got to it yet. Installation instructions Make sure to close the BizTalk Administration Console. Just to make sure everything gets refreshed after installation. Download and install the setup. The setup makes sure the adapter will be regis...gicon: gicon HTTP service v1.0.0: core: 1.0.0.26592 service: 1.0.0.27190 Github: http://rynnwang.github.io/gicon/ Github.io: http://rynnwang.github.io/gicon/ Codeplex: http://gicon.codeplex.com .NET required: 2.0 or above. Installation notes: 1. You need to run intallutil command to install ifunction.GuidIconHttpService.exe file as Windows Service 2. You need to update ifunction.GuidIconHttpService.exe.config file in the folder to set correct HTTP URI prefixes. In release zip by default, it is set as http://localhost:20000...TEBookConverter: 1.2: Fixed: Could not start convertion in some cases Fixed: Progress show during convertion was truncated Fixed: Stopping convertion didn't reset program titlenewmail_OutlookCOM: newmail_OutlookCOM: First Stable ReleaseSharePoint - Data View Web Part Documenter: Data View Web Part Documenter 1.0: .NET Framework 4 Client Profile required for this to run on your PC. Please see the documentation for running the tool.LOL zmena skinu klienta: LOL jednoduchý menic skinu klienta: Jednoduchý prográmek, který ušetrí cas pri zmene klienta. Nemusí se proklikáva18541855 adresáru :)SSRS Plus+: Latest - SSRS Plus Application and Source Code: This release contains the Beta version with significant changes in comparison to the old release which I am keeping for legacy reasons. At some point a changeover will be made once it has been confirmed that my branch is stable and Mr Bagwan is in agreement also.CS-Script Source: Release v3.8.4: CSScript.Evaluator is migrated to Mono v3.3.0 Added aggregating //css_ignore_ns from the imported scripts cs-script.7z - CS-Script Suite (binaries, documentation, samples) cs-script.ExtensionPack.7z - CS-Script Extension Pack (additional binaries and samples) cs-scriptDocs.7z - CS-Script DocumentationDotSpatial: DotSpatial 1.7: DotSpatial.Full - includes all DotSpatial libraries, extensions and DemoMap application DotSpatial.Core - includes only DotSpatial core libraries Entire list of changes see in the issue tracker. Main changes: Improved common stability, optimized memory and speed when loading and rendering shapefiles, fixed some memory leaks in rasters and shape layers. Simplified plugin infrastructure. Now there are predefined implementations for all required components (IStatusControl, IDockManager, IHead...New ProjectsBrilliantORM: ????ORM??，??SQL?????????。???????????。Crafter: ?????? ??? ????Dotnetnuke xblog // Blog, Article, Events, Documents: xBlog is a blog program based on DNN, it has powerful functions and unique design style. In addition to article management function which common blog module hasIn Plain Sight: Embedding plain text into an image so one can hide the text "In Plain Sight". A cursory view into the world of Steganography.JS Koans Visual Studio Friendly Version: A Version of JS koans loaded into Visual StudioMy Troop First: just adding to the siteOFX Parser: Biblioteca desenvolvida em C# que traduz arquivos OFX e gera a instância de uma classe que representa o arquivo. Um exemplo de uso está disponível, assim como aOrchard Custom Code module: This module adds a very simple tool to add custom code in front-end pages head and foot.SPB Export to KeePass Import Conversion: A simple script to convert the .xml-file by konste's "SPB Wallet Export" (https://spbwalletexport.codeplex.com/) into an import format accepted by KeePass 2The unTroublemaker: The unTroublemaker is a troubleshooter program that helps your project quickly find and fix missing dependency issues using simple XML-based specifications.

  Read the article

• Elfsign Object Signing on Solaris

  - by danx

  Elfsign Object Signing on Solaris Don't let this happen to you—use elfsign! Solaris elfsign(1) is a command that signs and verifies ELF format executables. That includes not just executable programs (such as ls or cp), but other ELF format files including libraries (such as libnvpair.so) and kernel modules (such as autofs). Elfsign has been available since Solaris 10 and ELF format files distributed with Solaris, since Solaris 10, are signed by either Sun Microsystems or its successor, Oracle Corporation. When an ELF file is signed, elfsign adds a new section the ELF file, .SUNW_signature, that contains a RSA public key signature and other information about the signer. That is, the algorithm used, algorithm OID, signer CN/OU, and time stamp. The signature section can later be verified by elfsign or other software by matching the signature in the file agains the ELF file contents (excluding the signature). ELF executable files may also be signed by a 3rd-party or by the customer. This is useful for verifying the origin and authenticity of executable files installed on a system. The 3rd-party or customer public key certificate should be installed in /etc/certs/ to allow verification by elfsign. For currently-released versions of Solaris, only cryptographic framework plugin libraries are verified by Solaris. However, all ELF files may be verified by the elfsign command at any time. Elfsign Algorithms Elfsign signatures are created by taking a digest of the ELF section contents, then signing the digest with RSA. To verify, one takes a digest of ELF file and compares with the expected digest that's computed from the signature and RSA public key. Originally elfsign took a MD5 digest of a SHA-1 digest of the ELF file sections, then signed the resulting digest with RSA. In Solaris 11.1 then Solaris 11.1 SRU 7 (5/2013), the elfsign crypto algorithms available have been expanded to keep up with evolving cryptography. The following table shows the available elfsign algorithms: Elfsign Algorithm Solaris Release Comments elfsign sign -F rsa_md5_sha1   S10, S11.0, S11.1 Default for S10. Not recommended* elfsign sign -F rsa_sha1 S11.1 Default for S11.1. Not recommended elfsign sign -F rsa_sha256 S11.1 patch SRU7+   Recommended ___ *Most or all CAs do not accept MD5 CSRs and do not issue MD5 certs due to MD5 hash collision problems. RSA Key Length. I recommend using RSA-2048 key length with elfsign is RSA-2048 as the best balance between a long expected "life time", interoperability, and performance. RSA-2048 keys have an expected lifetime through 2030 (and probably beyond). For details, see Recommendation for Key Management: Part 1: General, NIST Publication SP 800-57 part 1 (rev. 3, 7/2012, PDF), tables 2 and 4 (pp. 64, 67). Step 1: create or obtain a key and cert The first step in using elfsign is to obtain a key and cert from a public Certificate Authority (CA), or create your own self-signed key and cert. I'll briefly explain both methods. Obtaining a Certificate from a CA To obtain a cert from a CA, such as Verisign, Thawte, or Go Daddy (to name a few random examples), you create a private key and a Certificate Signing Request (CSR) file and send it to the CA, following the instructions of the CA on their website. They send back a signed public key certificate. The public key cert, along with the private key you created is used by elfsign to sign an ELF file. The public key cert is distributed with the software and is used by elfsign to verify elfsign signatures in ELF files. You need to request a RSA "Class 3 public key certificate", which is used for servers and software signing. Elfsign uses RSA and we recommend RSA-2048 keys. The private key and CSR can be generated with openssl(1) or pktool(1) on Solaris. Here's a simple example that uses pktool to generate a private RSA_2048 key and a CSR for sending to a CA: $ pktool gencsr keystore=file format=pem outcsr=MYCSR.p10 \ subject="CN=canineswworks.com,OU=Canine SW object signing" \ outkey=MYPRIVATEKEY.key $ openssl rsa -noout -text -in MYPRIVATEKEY.key Private-Key: (2048 bit) modulus: 00:d2:ef:42:f2:0b:8c:96:9f:45:32:fc:fe:54:94: . . . [omitted for brevity] . . . c9:c7 publicExponent: 65537 (0x10001) privateExponent: 26:14:fc:49:26:bc:a3:14:ee:31:5e:6b:ac:69:83: . . . [omitted for brevity] . . . 81 prime1: 00:f6:b7:52:73:bc:26:57:26:c8:11:eb:6c:dc:cb: . . . [omitted for brevity] . . . bc:91:d0:40:d6:9d:ac:b5:69 prime2: 00:da:df:3f:56:b2:18:46:e1:89:5b:6c:f1:1a:41: . . . [omitted for brevity] . . . f3:b7:48:de:c3:d9:ce:af:af exponent1: 00:b9:a2:00:11:02:ed:9a:3f:9c:e4:16:ce:c7:67: . . . [omitted for brevity] . . . 55:50:25:70:d3:ca:b9:ab:99 exponent2: 00:c8:fc:f5:57:11:98:85:8e:9a:ea:1f:f2:8f:df: . . . [omitted for brevity] . . . 23:57:0e:4d:b2:a0:12:d2:f5 coefficient: 2f:60:21:cd:dc:52:76:67:1a:d8:75:3e:7f:b0:64: . . . [omitted for brevity] . . . 06:94:56:d8:9d:5c:8e:9b $ openssl req -noout -text -in MYCSR.p10 Certificate Request: Data: Version: 2 (0x2) Subject: OU=Canine SW object signing, CN=canineswworks.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:d2:ef:42:f2:0b:8c:96:9f:45:32:fc:fe:54:94: . . . [omitted for brevity] . . . c9:c7 Exponent: 65537 (0x10001) Attributes: Signature Algorithm: sha1WithRSAEncryption b3:e8:30:5b:88:37:68:1c:26:6b:45:af:5e:de:ea:60:87:ea: . . . [omitted for brevity] . . . 06:f9:ed:b4 Secure storage of RSA private key. The private key needs to be protected if the key signing is used for production (as opposed to just testing). That is, protect the key to protect against unauthorized signatures by others. One method is to use a PIN-protected PKCS#11 keystore. The private key you generate should be stored in a secure manner, such as in a PKCS#11 keystore using pktool(1). Otherwise others can sign your signature. Other secure key storage mechanisms include a SCA-6000 crypto card, a USB thumb drive stored in a locked area, a dedicated server with restricted access, Oracle Key Manager (OKM), or some combination of these. I also recommend secure backup of the private key. Here's an example of generating a private key protected in the PKCS#11 keystore, and a CSR. $ pktool setpin # use if PIN not set yet Enter token passphrase: changeme Create new passphrase: Re-enter new passphrase: Passphrase changed. $ pktool gencsr keystore=pkcs11 label=MYPRIVATEKEY \ format=pem outcsr=MYCSR.p10 \ subject="CN=canineswworks.com,OU=Canine SW object signing" $ pktool list keystore=pkcs11 Enter PIN for Sun Software PKCS#11 softtoken: Found 1 asymmetric public keys. Key #1 - RSA public key: MYPRIVATEKEY Here's another example that uses openssl instead of pktool to generate a private key and CSR: $ openssl genrsa -out cert.key 2048 $ openssl req -new -key cert.key -out MYCSR.p10 Self-Signed Cert You can use openssl or pktool to create a private key and a self-signed public key certificate. A self-signed cert is useful for development, testing, and internal use. The private key created should be stored in a secure manner, as mentioned above. The following example creates a private key, MYSELFSIGNED.key, and a public key cert, MYSELFSIGNED.pem, using pktool and displays the contents with the openssl command. $ pktool gencert keystore=file format=pem serial=0xD06F00D lifetime=20-year \ keytype=rsa hash=sha256 outcert=MYSELFSIGNED.pem outkey=MYSELFSIGNED.key \ subject="O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com" $ pktool list keystore=file objtype=cert infile=MYSELFSIGNED.pem Found 1 certificates. 1. (X.509 certificate) Filename: MYSELFSIGNED.pem ID: c8:24:59:08:2b:ae:6e:5c:bc:26:bd:ef:0a:9c:54:de:dd:0f:60:46 Subject: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com Issuer: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com Not Before: Oct 17 23:18:00 2013 GMT Not After: Oct 12 23:18:00 2033 GMT Serial: 0xD06F00D0 Signature Algorithm: sha256WithRSAEncryption $ openssl x509 -noout -text -in MYSELFSIGNED.pem Certificate: Data: Version: 3 (0x2) Serial Number: 3496935632 (0xd06f00d0) Signature Algorithm: sha256WithRSAEncryption Issuer: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com Validity Not Before: Oct 17 23:18:00 2013 GMT Not After : Oct 12 23:18:00 2033 GMT Subject: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:bb:e8:11:21:d9:4b:88:53:8b:6c:5a:7a:38:8b: . . . [omitted for brevity] . . . bf:77 Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption 9e:39:fe:c8:44:5c:87:2c:8f:f4:24:f6:0c:9a:2f:64:84:d1: . . . [omitted for brevity] . . . 5f:78:8e:e8 $ openssl rsa -noout -text -in MYSELFSIGNED.key Private-Key: (2048 bit) modulus: 00:bb:e8:11:21:d9:4b:88:53:8b:6c:5a:7a:38:8b: . . . [omitted for brevity] . . . bf:77 publicExponent: 65537 (0x10001) privateExponent: 0a:06:0f:23:e7:1b:88:62:2c:85:d3:2d:c1:e6:6e: . . . [omitted for brevity] . . . 9c:e1:e0:0a:52:77:29:4a:75:aa:02:d8:af:53:24: c1 prime1: 00:ea:12:02:bb:5a:0f:5a:d8:a9:95:b2:ba:30:15: . . . [omitted for brevity] . . . 5b:ca:9c:7c:19:48:77:1e:5d prime2: 00:cd:82:da:84:71:1d:18:52:cb:c6:4d:74:14:be: . . . [omitted for brevity] . . . 5f:db:d5:5e:47:89:a7:ef:e3 exponent1: 32:37:62:f6:a6:bf:9c:91:d6:f0:12:c3:f7:04:e9: . . . [omitted for brevity] . . . 97:3e:33:31:89:66:64:d1 exponent2: 00:88:a2:e8:90:47:f8:75:34:8f:41:50:3b:ce:93: . . . [omitted for brevity] . . . ff:74:d4:be:f3:47:45:bd:cb coefficient: 4d:7c:09:4c:34:73:c4:26:f0:58:f5:e1:45:3c:af: . . . [omitted for brevity] . . . af:01:5f:af:ad:6a:09:bf Step 2: Sign the ELF File object By now you should have your private key, and obtained, by hook or crook, a cert (either from a CA or use one you created (a self-signed cert). The next step is to sign one or more objects with your private key and cert. Here's a simple example that creates an object file, signs, verifies, and lists the contents of the ELF signature. $ echo '#include <stdio.h>\nint main(){printf("Hello\\n");}'>hello.c $ make hello cc -o hello hello.c $ elfsign verify -v -c MYSELFSIGNED.pem -e hello elfsign: no signature found in hello. $ elfsign sign -F rsa_sha256 -v -k MYSELFSIGNED.key -c MYSELFSIGNED.pem -e hello elfsign: hello signed successfully. format: rsa_sha256. signer: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com. signed on: October 17, 2013 04:22:49 PM PDT. $ elfsign list -f format -e hello rsa_sha256 $ elfsign list -f signer -e hello O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com $ elfsign list -f time -e hello October 17, 2013 04:22:49 PM PDT $ elfsign verify -v -c MYSELFSIGNED.key -e hello elfsign: verification of hello failed. format: rsa_sha256. signer: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com. signed on: October 17, 2013 04:22:49 PM PDT. Signing using the pkcs11 keystore To sign the ELF file using a private key in the secure pkcs11 keystore, replace "-K MYSELFSIGNED.key" in the "elfsign sign" command line with "-T MYPRIVATEKEY", where MYPRIVATKEY is the pkcs11 token label. Step 3: Install the cert and test on another system Just signing the object isn't enough. You need to copy or install the cert and the signed ELF file(s) on another system to test that the signature is OK. Your public key cert should be installed in /etc/certs. Use elfsign verify to verify the signature. Elfsign verify checks each cert in /etc/certs until it finds one that matches the elfsign signature in the file. If one isn't found, the verification fails. Here's an example: $ su Password: # rm /etc/certs/MYSELFSIGNED.key # cp MYSELFSIGNED.pem /etc/certs # exit $ elfsign verify -v hello elfsign: verification of hello passed. format: rsa_sha256. signer: O=Canine Software Works, OU=Self-signed CA, CN=canineswworks.com. signed on: October 17, 2013 04:24:20 PM PDT. After testing, package your cert along with your ELF object to allow elfsign verification after your cert and object are installed or copied. Under the Hood: elfsign verification Here's the steps taken to verify a ELF file signed with elfsign. The steps to sign the file are similar except the private key exponent is used instead of the public key exponent and the .SUNW_signature section is written to the ELF file instead of being read from the file. Generate a digest (SHA-256) of the ELF file sections. This digest uses all ELF sections loaded in memory, but excludes the ELF header, the .SUNW_signature section, and the symbol table Extract the RSA signature (RSA-2048) from the .SUNW_signature section Extract the RSA public key modulus and public key exponent (65537) from the public key cert Calculate the expected digest as follows:     signaturepublicKeyExponent % publicKeyModulus Strip the PKCS#1 padding (most significant bytes) from the above. The padding is 0x00, 0x01, 0xff, 0xff, . . ., 0xff, 0x00. If the actual digest == expected digest, the ELF file is verified (OK). Further Information elfsign(1), pktool(1), and openssl(1) man pages. "Signed Solaris 10 Binaries?" blog by Darren Moffat (2005) shows how to use elfsign. "Simple CLI based CA on Solaris" blog by Darren Moffat (2008) shows how to set up a simple CA for use with self-signed certificates. "How to Create a Certificate by Using the pktool gencert Command" System Administration Guide: Security Services (available at docs.oracle.com)

  Read the article

• ??Database Replay Capture????

  - by Liu Maclean(???)

  Database Replay?11g??????,??workload capture??????????????,???????? ??Workload Capture???????: ???????????????,???????2????,??????,???????????OLTP???????capture 10????1G???? ?????: ????????????????????? ??startup restrict????,?????????? ??capture???restrict?? ????????????? ???????????????: ??scn???????? ???????? ???????? Capture???????????workload????? ???????SYSDBA?SYSOPER????OS?? ????: ?TPCC???capture??????4.5% ????session????64KB??? ???Workload Capture?????????? ????????2?, ??RAC????workload capture  file??????????????,??start_capture????? ????session????64KB???,??????????????workload  capture file????Server Process??????,?????????parse???execution????,Server Process??LOGON?LOGOFF?SQL??????????PGA?,???WCR Capture PG?WCR Capture PGA?,?PGA?????????????????,Server Process???????????WCR???,?????WCR???Server Process??’WCR: capture file IO write’????? ?WCR?????????: SQL> select * from v$version; BANNER -------------------------------------------------------------------------------- Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production PL/SQL Release 11.2.0.3.0 - Production CORE 11.2.0.3.0 Production TNS for Linux: Version 11.2.0.3.0 - Production NLSRTL Version 11.2.0.3.0 - Production SQL> select name from v$event_name where name like '%WCR%'; NAME ---------------------------------------------------------------- WCR: replay client notify WCR: replay clock WCR: replay lock order WCR: replay paused WCR: RAC message context busy WCR: capture file IO write WCR: Sync context busy latch: WCR: sync latch: WCR: processes HT 11g????????WCR???LATCH 1* select name,gets from v$latch where name like '%WCR%' SQL> / NAME GETS ------------------------------ ---------- WCR: kecu cas mem 3 WCR: kecr File Count 37 WCR: MMON Create dir 1 WCR: ticker cache 0 WCR: sync 495 WCR: processes HT 0 WCR: MTS VC queue 0 7 rows selected. ????????????Database Replay Capture????? 1. ????capture dbms_workload_capture.start_capture CREATE OR REPLACE DIRECTORY dbcapture AS '/home/oracle/dbcapture'; execute dbms_workload_capture.start_capture('CAPTURE','DBCAPTURE',default_action=>'INCLUDE'); SQL> select id,name,status,start_time,end_time,connects,user_calls,dir_path from dba_workload_captures where id = (select max(id) from dba_workload_captures) ; ID ---------- NAME -------------------------------------------------------------------------------- STATUS START_TIM END_TIME CONNECTS ---------------------------------------- --------- --------- ---------- USER_CALLS ---------- DIR_PATH -------------------------------------------------------------------------------- 1 CAPTURE IN PROGRESS 08-DEC-12 11 ID ---------- NAME -------------------------------------------------------------------------------- STATUS START_TIM END_TIME CONNECTS ---------------------------------------- --------- --------- ---------- USER_CALLS ---------- DIR_PATH -------------------------------------------------------------------------------- 167 /home/oracle/dbcapture 2. ?? capture file?? [oracle@mlab2 dbcapture]$ ls -lR .: total 8 drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 cap drwxr-xr-x 3 oracle oinstall 4096 Dec 8 07:24 capfiles -rw-r--r-- 1 oracle oinstall 0 Dec 8 07:24 wcr_cap_00001.start ./cap: total 4 -rw-r--r-- 1 oracle oinstall 91 Dec 8 07:24 wcr_scapture.wmd ./capfiles: total 4 drwxr-xr-x 12 oracle oinstall 4096 Dec 8 07:24 inst1 ./capfiles/inst1: total 40 drwxr-xr-x 2 oracle oinstall 4096 Dec 8 08:31 aa drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ab drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ac drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ad drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ae drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 af drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ag drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ah drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 ai drwxr-xr-x 2 oracle oinstall 4096 Dec 8 07:24 aj ./capfiles/inst1/aa: total 316 -rw-r--r-- 1 oracle oinstall 1762 Dec 8 07:25 wcr_c6cdah0000001.rec -rw-r--r-- 1 oracle oinstall 16478 Dec 8 07:28 wcr_c6cf1h0000002.rec -rw-r--r-- 1 oracle oinstall 1772 Dec 8 07:29 wcr_c6cjdh0000004.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:29 wcr_c6cnah0000005.rec -rw-r--r-- 1 oracle oinstall 1821 Dec 8 07:41 wcr_c6cpfh0000007.rec -rw-r--r-- 1 oracle oinstall 1815 Dec 8 07:33 wcr_c6cq6h000000a.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:34 wcr_c6cxmh000000h.rec -rw-r--r-- 1 oracle oinstall 1427 Dec 8 07:41 wcr_c6cxvh000000j.rec -rw-r--r-- 1 oracle oinstall 1425 Dec 8 07:41 wcr_c6czph000000k.rec -rw-r--r-- 1 oracle oinstall 2398 Dec 8 07:49 wcr_c6dqfh000000q.rec -rw-r--r-- 1 oracle oinstall 259321 Dec 8 08:35 wcr_c6du7h000000r.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 07:55 wcr_c6f6yh000000t.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 08:28 wcr_c6h3qh0000013.rec ./capfiles/inst1/ab: total 0 ./capfiles/inst1/ac: total 0 ./capfiles/inst1/ad: total 0 ./capfiles/inst1/ae: total 0 ./capfiles/inst1/af: total 0 ./capfiles/inst1/ag: total 0 ./capfiles/inst1/ah: total 0 ./capfiles/inst1/ai: total 0 ./capfiles/inst1/aj: total 0 [oracle@mlab2 dbcapture]$ cd ./capfiles/inst1/aa [oracle@mlab2 aa]$ ls -l total 316 -rw-r--r-- 1 oracle oinstall 1762 Dec 8 07:25 wcr_c6cdah0000001.rec -rw-r--r-- 1 oracle oinstall 16478 Dec 8 07:28 wcr_c6cf1h0000002.rec -rw-r--r-- 1 oracle oinstall 1772 Dec 8 07:29 wcr_c6cjdh0000004.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:29 wcr_c6cnah0000005.rec -rw-r--r-- 1 oracle oinstall 1821 Dec 8 07:41 wcr_c6cpfh0000007.rec -rw-r--r-- 1 oracle oinstall 1815 Dec 8 07:33 wcr_c6cq6h000000a.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:34 wcr_c6cxmh000000h.rec -rw-r--r-- 1 oracle oinstall 1427 Dec 8 07:41 wcr_c6cxvh000000j.rec -rw-r--r-- 1 oracle oinstall 1425 Dec 8 07:41 wcr_c6czph000000k.rec -rw-r--r-- 1 oracle oinstall 2398 Dec 8 07:49 wcr_c6dqfh000000q.rec -rw-r--r-- 1 oracle oinstall 259321 Dec 8 08:35 wcr_c6du7h000000r.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 07:55 wcr_c6f6yh000000t.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 08:28 wcr_c6h3qh0000013.rec [oracle@mlab2 aa]$ ls -l |wc -l 14 ???????14??? 3. ??LOGON????Server Process [oracle@mlab2 ~]$ sqlplus / as sysdba SQL*Plus: Release 11.2.0.3.0 Production on Sat Dec 8 08:37:40 2012 Copyright (c) 1982, 2011, Oracle. All rights reserved. Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production With the Partitioning, Automatic Storage Management, OLAP, Data Mining and Real Application Testing options ?????wcr?? [oracle@mlab2 aa]$ ls -ltr total 316 -rw-r--r-- 1 oracle oinstall 1762 Dec 8 07:25 wcr_c6cdah0000001.rec -rw-r--r-- 1 oracle oinstall 16478 Dec 8 07:28 wcr_c6cf1h0000002.rec -rw-r--r-- 1 oracle oinstall 1772 Dec 8 07:29 wcr_c6cjdh0000004.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:29 wcr_c6cnah0000005.rec -rw-r--r-- 1 oracle oinstall 1815 Dec 8 07:33 wcr_c6cq6h000000a.rec -rw-r--r-- 1 oracle oinstall 1535 Dec 8 07:34 wcr_c6cxmh000000h.rec -rw-r--r-- 1 oracle oinstall 1425 Dec 8 07:41 wcr_c6czph000000k.rec -rw-r--r-- 1 oracle oinstall 1427 Dec 8 07:41 wcr_c6cxvh000000j.rec -rw-r--r-- 1 oracle oinstall 1821 Dec 8 07:41 wcr_c6cpfh0000007.rec -rw-r--r-- 1 oracle oinstall 2398 Dec 8 07:49 wcr_c6dqfh000000q.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 07:55 wcr_c6f6yh000000t.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 08:28 wcr_c6h3qh0000013.rec -rw-r--r-- 1 oracle oinstall 259321 Dec 8 08:35 wcr_c6du7h000000r.rec -rw-r--r-- 1 oracle oinstall 0 Dec 8 08:37 wcr_c6hp4h0000018.rec ??????wcr_c6hp4h0000018.rec ??? SQL> select spid from v$process where addr = ( select paddr from v$session where sid=(select distinct sid from v$mystat)); SPID ------------------------ 14293 ????????????????14293, ???????????????,??????wcr_c6hp4h0000018.rec [oracle@mlab2 ~]$ ls -l /proc/14293/fd total 0 lr-x------ 1 oracle oinstall 64 Dec 8 08:39 0 -> /dev/null l-wx------ 1 oracle oinstall 64 Dec 8 08:39 1 -> /dev/null lrwx------ 1 oracle oinstall 64 Dec 8 08:39 10 -> /u01/app/oracle/product/11201/db_1/rdbms/audit/CRMV_ora_14293_1.aud l-wx------ 1 oracle oinstall 64 Dec 8 08:39 11 -> /u01/app/oracle/diag/rdbms/crmv/CRMV/trace/CRMV_ora_14293.trc l-wx------ 1 oracle oinstall 64 Dec 8 08:39 12 -> pipe:[34585895] l-wx------ 1 oracle oinstall 64 Dec 8 08:39 13 -> /u01/app/oracle/diag/rdbms/crmv/CRMV/trace/CRMV_ora_14293.trm l-wx------ 1 oracle oinstall 64 Dec 8 08:39 2 -> /dev/null lr-x------ 1 oracle oinstall 64 Dec 8 08:39 3 -> /dev/null lr-x------ 1 oracle oinstall 64 Dec 8 08:39 4 -> /dev/null lr-x------ 1 oracle oinstall 64 Dec 8 08:39 5 -> /u01/app/oracle/product/11201/db_1/rdbms/mesg/oraus.msb lr-x------ 1 oracle oinstall 64 Dec 8 08:39 6 -> /proc/14293/fd lr-x------ 1 oracle oinstall 64 Dec 8 08:39 7 -> /dev/zero lrwx------ 1 oracle oinstall 64 Dec 8 08:39 8 -> /home/oracle/dbcapture/capfiles/inst1/aa/wcr_c6hp4h0000018.rec lr-x------ 1 oracle oinstall 64 Dec 8 08:39 9 -> pipe:[34585894] ?????lsof?? [root@mlab2 ~]# lsof|grep wcr_c6hp4h0000018.rec oracle 14293 oracle 8u REG 8,1 0 17629644 /home/oracle/dbcapture/capfiles/inst1/aa/wcr_c6hp4h0000018.rec ????????,??Server Process????WCR REC??,?Server Process LOGON?????? 3.????SQL??: SQL> select 1 from dual; 1 ---------- 1 SQL> / 1 ---------- 1 [oracle@mlab2 aa]$ strings wcr_c6hp4h0000018.rec ==»????SQL????, ??????? ??????SQL???,???????????????WCR??????,LOGON???????????SQL????,????????? [oracle@mlab2 aa]$ strings wcr_c6hp4h0000018.rec 11.2.0.3.0 *File header info. (Shadow process='14293') D0576B5D710A34F4E043B201A8C0ECFE SYS; NLS_LANGUAGE? AMERICAN> NLS_TERRITORY? AMERICA> NLS_CURRENCY? NLS_ISO_CURRENCY? AMERICA> NLS_NUMERIC_CHARACTERS? NLS_CALENDAR? GREGORIAN> NLS_DATE_FORMAT? DD-MON-RR> NLS_DATE_LANGUAGE? AMERICAN> NLS_CHARACTERSET? AL32UTF8> NLS_SORT? BINARY> NLS_TIME_FORMAT? HH.MI.SSXFF AM> NLS_TIMESTAMP_FORMAT? DD-MON-RR HH.MI.SSXFF AM> NLS_TIME_TZ_FORMAT? HH.MI.SSXFF AM TZR> NLS_TIMESTAMP_TZ_FORMAT? DD-MON-RR HH.MI.SSXFF AM TZR> NLS_DUAL_CURRENCY? NLS_SPECIAL_CHARS? NLS_NCHAR_CHARACTERSET? UTF8> NLS_COMP? BINARY> NLS_LENGTH_SEMANTICS? BYTE> NLS_NCHAR_CONV_EXCP? FALSE (DESCRIPTION=(ADDRESS=(PROTOCOL=beq)(PROGRAM=/u01/app/oracle/product/11201/db_1/bin/oracle)(ARGV0=oracleCRMV)(ARGS='(DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))')(DETACH=NO))(CONNECT_DATA=(CID=(PROGRAM=sqlplus)(HOST=mlab2.oracle.com)(USER=oracle)))) ,[email protected] (TNS V1-V3)U tselect spid from v$process where addr = ( select paddr from v$session where sid=(select distinct sid from v$mystat)) ` _ select 1 from dual select 1 from dual ??????????????????? [oracle@mlab2 aa]$ strings wcr_c6hp4h0000018.rec 9`9_^B create table vva(t1 int) `:_i :`:_iB `;_^ ;`;_^B create table vva(t1 int) `_i >`>_iB FusC `?_^ ?`?_^B FvWC _begin for i in 1..50000 loop execute immediate 'select 1 from dual where 2='||i; end loop; end; ?SERVER PROCESS LOGOFF ??????? C`E_ B k^2C ????Server Process????parse?execution???WCR??,??????????PGA?,????????????,????????,?????WCR???????????,???????? 4. ?????? SQL> oradebug setmypid Statement processed. SQL> oradebug dump processstate 10; Statement processed. SQL> oradebug tracefile_name /u01/app/oracle/diag/rdbms/crmv/CRMV/trace/CRMV_ora_14293.trc ?processstate ??????????????? WCR: capture file IO write,??Server process??WCR ?? 3: waited for 'SQL*Net message to client' driver id=0x62657100, #bytes=0x1, =0x0 wait_id=139 seq_num=140 snap_id=1 wait times: snap=0.000007 sec, exc=0.000007 sec, total=0.000007 sec wait times: max=infinite wait counts: calls=0 os=0 occurred after 0.934091 sec of elapsed time 4: waited for 'latch: shared pool' address=0x60106b20, number=0x133, tries=0x0 wait_id=138 seq_num=139 snap_id=1 wait times: snap=0.000066 sec, exc=0.000066 sec, total=0.000066 sec wait times: max=infinite wait counts: calls=0 os=0 occurred after 1.180690 sec of elapsed time 5: waited for 'WCR: capture file IO write' =0x0, =0x0, =0x0 wait_id=137 seq_num=138 snap_id=1 wait times: snap=0.000189 sec, exc=0.000189 sec, total=0.000189 sec wait times: max=infinite wait counts: calls=0 os=0 occurred after 3.122783 sec of elapsed time 6: waited for 'WCR: capture file IO write' =0x0, =0x0, =0x0 wait_id=136 seq_num=137 snap_id=1 wait times: snap=0.000191 sec, exc=0.000191 sec, total=0.000191 sec wait times: max=infinite wait counts: calls=0 os=0 occurred after 3.053132 sec of elapsed time 7: waited for 'WCR: capture file IO write' 5.??PGA???? SQL> oradebug dump heapdump 536870917; Statement processed. grep WCR /u01/app/oracle/diag/rdbms/crmv/CRMV/trace/CRMV_ora_14293.trc Chunk 7fb1b606bfc0 sz= 65600 freeable "WCR Capture PG " ds=0x7fb1b6115f90 Chunk 7fb1b6111e18 sz= 4224 freeable "WCR Capture PG " ds=0x7fb1b6115f90 Chunk 7fb1b6112e98 sz= 4184 freeable "WCR Capture PG " ds=0x7fb1b6115f90 Chunk 7fb1b6113ef0 sz= 4224 freeable "WCR Capture PG " ds=0x7fb1b6115f90 Chunk 7fb1b6114f70 sz= 4104 recreate "WCR Capture PG " latch=(nil) Chunk 7fb1b6115f78 sz= 160 freeable "WCR Capture PGA" Chunk 7fb1b6116018 sz= 3248 freeable "WCR Capture PGA" Subheap ds=0x7fb1b6115f90 heap name= WCR Capture PG size= 82336 HEAP DUMP heap name="WCR Capture PG" desc=0x7fb1b6115f90 FIVE LARGEST SUB HEAPS for heap name="WCR Capture PG" desc=0x7fb1b6115f9 PGA???WCR Capture PG ?WCR Capture PGA?freeable or recreate??chunk,???????Server Process???OS Chunk 7fb1b606bfc0 sz= 65600 freeable "WCR Capture PG " ds=0x7fb1b6115f90 sz= 65600=» 64k ??????????64k??,???????????????64k WCR????????????:)! 6.???? ??WCR CAPTURE????????2? SQL> SELECT x.ksppinm NAME, y.ksppstvl VALUE, x.ksppdesc describ 2 FROM SYS.x$ksppi x, SYS.x$ksppcv y 3 WHERE x.inst_id = USERENV ('Instance') 4 AND y.inst_id = USERENV ('Instance') 5 AND x.indx = y.indx 6 AND x.ksppinm in ('_capture_buffer_size','_wcr_control'); NAME VALUE DESCRIB -------------------- -------------------- ------------------------------------------------------------ _wcr_control 0 Oracle internal test WCR parameter used ONLY for testing! _capture_buffer_size 65536 To set the size of the PGA I/O recording buffers ??_capture_buffer_size ??PGA?WCR BUFFER?SIZE,???64k _wcr_control ??WCR?????,?????? ????,??????: 1. ???WCR WORKLOAD CAPTURE???????????,??Server Process????(????)2. ???server process????WCR??3. Server Proess???LOGON?LOGOFF?SQL?????????WCR???4. Server Process????????Immediate mode,????????PGA?(WCR Capture) subheap?,??????????????(timeout?????)5. ????, Server Process????????Immediate mode,?capture????parse??execution??(?????capture???parse?????????????,parse????capture???),?????LOGON?SQL??(???????)??PGA?WCR Capture?????,???????,????????,??tpcc??????4.5%6. ????_capture_buffer_size ??PGA?WCR BUFFER?SIZE,???64k7. WCR Capture?????binrary 2????,?????,????????????????WCR capture file8. WCR: capture file IO write?????Server Process??WCR??

  Read the article

• How to write a XSLT for this XML?

  - by atrueguy

  <?xml version="1.0" encoding="utf-8"?> <!-- Generator: Adobe Illustrator 14.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 43363) --> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> <svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="612px" height="792px" viewBox="0 0 612 792" enable-background="new 0 0 612 792" xml:space="preserve"> <g id="Original_Text"> <line x1="92.676" y1="500.913" x2="92.676" y2="500.262"/> <line x1="15.208" y1="500.913" x2="15.208" y2="500.262"/> <line x1="92.676" y1="500.262" x2="92.676" y2="500.913"/> <line x1="15.208" y1="510.329" x2="15.208" y2="509.678"/> <line x1="92.676" y1="500.913" x2="92.676" y2="500.262"/> <rect x="15.208" y="574.678" display="none" width="77.468" height="0.651"/> <text transform="matrix(1 0 0 1 258.6782 28.9111)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="8.4629">Bartlet</tspan><tspan x="24.459" y="0" font-family="'ArialMT'" font-size="8.4629">t</tspan><tspan x="26.895" y="0" font-family="'ArialMT'" font-size="8.4629"> </tspan><tspan x="29.035" y="0" font-family="'ArialMT'" font-size="8.4629">Managemen</tspan><tspan x="76.081" y="0" font-family="'ArialMT'" font-size="8.4629">t</tspan><tspan x="78.601" y="0" font-family="'ArialMT'" font-size="8.4629"> </tspan><tspan x="80.741" y="0" font-family="'ArialMT'" font-size="8.4629">Services</tspan></text> <text transform="matrix(1 0 0 1 522.9805 39.562)"><tspan x="0" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">Report</tspan><tspan x="21.493" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">s</tspan><tspan x="25.382" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="27.343" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">Home</tspan></text> <line fill="none" stroke="#0000FF" stroke-width="0.651" stroke-miterlimit="10" x1="522.98" y1="40.213" x2="569.852" y2="40.213"/> <text transform="matrix(1 0 0 1 261.2822 39.3267)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Consolidate</tspan><tspan x="37.818" y="0" font-family="'ArialMT'" font-size="7.1609">d</tspan><tspan x="41.901" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="44.105" y="0" font-family="'ArialMT'" font-size="7.1609">Weekl</tspan><tspan x="64.001" y="0" font-family="'ArialMT'" font-size="7.1609">y</tspan><tspan x="67.975" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="70.18" y="0" font-family="'ArialMT'" font-size="7.1609">Sales</tspan><tspan x="88.092" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="90.297" y="0" font-family="'ArialMT'" font-size="7.1609">Report</tspan></text> <text transform="matrix(1 0 0 1 522.9775 49.3267)"><tspan x="0" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">Stor</tspan><tspan x="13.133" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">e</tspan><tspan x="17.566" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="19.527" y="0" fill="#0000FF" font-family="'ArialMT'" font-size="7.1609">Finder</tspan></text> <line fill="none" stroke="#0000FF" stroke-width="0.651" stroke-miterlimit="10" x1="521.98" y1="49.978" x2="562.341" y2="49.978"/> <text transform="matrix(1 0 0 1 282.7881 49.9775)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">P</tspan><tspan x="4.776" y="0" font-family="'ArialMT'" font-size="7.1609">D</tspan><tspan x="10.27" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="12.475" y="0" font-family="'ArialMT'" font-size="7.1609"> / </tspan></text> <text transform="matrix(1 0 0 1 123.5044 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Wee</tspan><tspan x="14.724" y="0" font-family="'ArialMT'" font-size="7.1609">k</tspan><tspan x="18.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.153" y="0" font-family="'ArialMT'" font-size="7.1609">1</tspan></text> <text transform="matrix(1 0 0 1 190.1138 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Wee</tspan><tspan x="14.724" y="0" font-family="'ArialMT'" font-size="7.1609">k</tspan><tspan x="18.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.153" y="0" font-family="'ArialMT'" font-size="7.1609">2</tspan></text> <text transform="matrix(1 0 0 1 261.6782 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Wee</tspan><tspan x="14.724" y="0" font-family="'ArialMT'" font-size="7.1609">k</tspan><tspan x="18.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.153" y="0" font-family="'ArialMT'" font-size="7.1609">3</tspan></text> <text transform="matrix(1 0 0 1 331.377 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Wee</tspan><tspan x="14.724" y="0" font-family="'ArialMT'" font-size="7.1609">k</tspan><tspan x="18.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.153" y="0" font-family="'ArialMT'" font-size="7.1609">4</tspan></text> <text transform="matrix(1 0 0 1 400.3164 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Wee</tspan><tspan x="14.724" y="0" font-family="'ArialMT'" font-size="7.1609">k</tspan><tspan x="18.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.153" y="0" font-family="'ArialMT'" font-size="7.1609">5</tspan></text> <text transform="matrix(1 0 0 1 461.751 60.9487)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">P</tspan><tspan x="4.805" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="7.404" y="0" font-family="'ArialMT'" font-size="7.1609">T</tspan><tspan x="11.808" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="14.406" y="0" font-family="'ArialMT'" font-size="7.1609">D</tspan><tspan x="19.864" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="22.068" y="0" font-family="'ArialMT'" font-size="7.1609">Total</tspan></text> <text transform="matrix(1 0 0 1 527.6309 60.8589)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Yea</tspan><tspan x="12.741" y="0" font-family="'ArialMT'" font-size="7.1609">r</tspan><tspan x="15.699" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="18.298" y="0" font-family="'ArialMT'" font-size="7.1609">T</tspan><tspan x="22.673" y="0" font-family="'ArialMT'" font-size="7.1609">o</tspan><tspan x="27.12" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="29.72" y="0" font-family="'ArialMT'" font-size="7.1609">Dat</tspan><tspan x="40.863" y="0" font-family="'ArialMT'" font-size="7.1609">e</tspan><tspan x="45.419" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="47.623" y="0" font-family="'ArialMT'" font-size="7.1609">Total</tspan></text> <text transform="matrix(1 0 0 1 112.853 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 148.0059 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 184.4619 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 218.9629 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 255.4194 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 289.9204 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 326.377 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 360.8779 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 397.334 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 431.835 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 470.2461 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 506.0508 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 546.4092 72.6265)" font-family="'ArialMT'" font-size="7.1609">$</text> <text transform="matrix(1 0 0 1 584.1689 72.6265)" font-family="'ArialMT'" font-size="7.1609">%</text> <text transform="matrix(1 0 0 1 15.1997 83.394)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ne</tspan><tspan x="9.154" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="11.716" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="13.677" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="16.277" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.237" y="0" font-family="'ArialMT'" font-size="7.1609">KFC</tspan></text> <text transform="matrix(1 0 0 1 15.1997 94.1616)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ne</tspan><tspan x="9.154" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="11.716" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="13.677" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="16.277" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.237" y="0" font-family="'ArialMT'" font-size="7.1609">A&amp;W</tspan></text> <text transform="matrix(1 0 0 1 15.1997 104.9287)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ne</tspan><tspan x="9.154" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="11.716" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="13.677" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="16.277" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.237" y="0" font-family="'ArialMT'" font-size="7.1609">LJS</tspan></text> <text transform="matrix(1 0 0 1 15.1924 115.6963)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ne</tspan><tspan x="9.154" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="11.716" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="13.677" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="16.277" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.237" y="0" font-family="'ArialMT'" font-size="7.1609">TB</tspan></text> <text transform="matrix(1 0 0 1 15.1924 126.9639)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Tota</tspan><tspan x="14.329" y="0" font-family="'ArialMT'" font-size="7.1609">l</tspan><tspan x="16.457" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.661" y="0" font-family="'ArialMT'" font-size="7.1609">Net</tspan></text> <text transform="matrix(1 0 0 1 15.1851 149.2949)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Las</tspan><tspan x="11.545" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="13.671" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="15.632" y="0" font-family="'ArialMT'" font-size="7.1609">Yea</tspan><tspan x="28.374" y="0" font-family="'ArialMT'" font-size="7.1609">r</tspan><tspan x="31.252" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="33.213" y="0" font-family="'ArialMT'" font-size="7.1609">Sales</tspan></text> <text transform="matrix(1 0 0 1 15.1855 161.0625)" font-family="'ArialMT'" font-size="7.1609">Increase</text> <text transform="matrix(1 0 0 1 15.2065 171.8296)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Las</tspan><tspan x="11.545" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="13.671" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="15.632" y="0" font-family="'ArialMT'" font-size="7.1609">yea</tspan><tspan x="27.178" y="0" font-family="'ArialMT'" font-size="7.1609">r</tspan><tspan x="29.949" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="31.91" y="0" font-family="'ArialMT'" font-size="7.1609">Nex</tspan><tspan x="44.644" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="46.884" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="48.845" y="0" font-family="'ArialMT'" font-size="7.1609">Week</tspan></text> <text transform="matrix(1 0 0 1 15.2065 193.3574)" font-family="'ArialMT'" font-size="7.1609">Chicken</text> <text transform="matrix(1 0 0 1 15.1997 205.125)" font-family="'ArialMT'" font-size="7.1609">Filets</text> <text transform="matrix(1 0 0 1 15.1997 215.8926)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Popcor</tspan><tspan x="22.689" y="0" font-family="'ArialMT'" font-size="7.1609">n</tspan><tspan x="26.686" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="28.646" y="0" font-family="'ArialMT'" font-size="7.1609">Chicken</tspan></text> <text transform="matrix(1 0 0 1 15.1997 226.6602)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Crisp</tspan><tspan x="16.71" y="0" font-family="'ArialMT'" font-size="7.1609">y</tspan><tspan x="20.828" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="22.788" y="0" font-family="'ArialMT'" font-size="7.1609">Strips</tspan></text> <text transform="matrix(1 0 0 1 15.1997 237.4272)" font-family="'ArialMT'" font-size="7.1609">Special</text> <text transform="matrix(1 0 0 1 15.1924 248.1948)" font-family="'ArialMT'" font-size="7.1609">Wings</text> <text transform="matrix(1 0 0 1 15.1924 257.9624)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Subtota</tspan><tspan x="24.686" y="0" font-family="'ArialMT'" font-size="7.1609">l</tspan><tspan x="26.448" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="28.652" y="0" font-family="'ArialMT'" font-size="7.1609">Chicken</tspan></text> <text transform="matrix(1 0 0 1 15.1851 280.2935)" font-family="'ArialMT'" font-size="7.1609">Shortening</text> <text transform="matrix(1 0 0 1 15.1851 291.5605)" font-family="'ArialMT'" font-size="7.1609">Flour</text> <text transform="matrix(1 0 0 1 15.1851 302.3281)" font-family="'ArialMT'" font-size="7.1609">Biscuits</text> <text transform="matrix(1 0 0 1 15.1851 313.0957)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Frie</tspan><tspan x="12.332" y="0" font-family="'ArialMT'" font-size="7.1609">s</tspan><tspan x="16.278" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.239" y="0" font-family="'ArialMT'" font-size="7.1609">/</tspan><tspan x="20.844" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="22.805" y="0" font-family="'ArialMT'" font-size="7.1609">Onio</tspan><tspan x="37.931" y="0" font-family="'ArialMT'" font-size="7.1609">n</tspan><tspan x="42.329" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="44.29" y="0" font-family="'ArialMT'" font-size="7.1609">Rings</tspan></text> <text transform="matrix(1 0 0 1 15.1851 323.9385)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Potatoe</tspan><tspan x="24.686" y="0" font-family="'ArialMT'" font-size="7.1609">s</tspan><tspan x="28.646" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="30.606" y="0" font-family="'ArialMT'" font-size="7.1609">-</tspan><tspan x="33.206" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="35.167" y="0" font-family="'ArialMT'" font-size="7.1609">Mashed</tspan></text> <text transform="matrix(1 0 0 1 15.1851 334.6309)" font-family="'ArialMT'" font-size="7.1609">Desserts</text> <text transform="matrix(1 0 0 1 15.1851 345.3979)" font-family="'ArialMT'" font-size="7.1609">Drinks</text> <text transform="matrix(1 0 0 1 15.1851 357.1655)" font-family="'ArialMT'" font-size="7.1609">Corn</text> <text transform="matrix(1 0 0 1 15.1851 367.4331)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ms</tspan><tspan x="9.545" y="0" font-family="'ArialMT'" font-size="7.1609">c</tspan><tspan x="13.663" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="15.624" y="0" font-family="'ArialMT'" font-size="7.1609">Entrees</tspan></text> <text transform="matrix(1 0 0 1 15.1846 378.2002)" font-family="'ArialMT'" font-size="7.1609">Salads</text> <text transform="matrix(1 0 0 1 15.1846 388.9678)" font-family="'ArialMT'" font-size="7.1609">Condiments</text> <text transform="matrix(1 0 0 1 15.1846 400.2354)" font-family="'ArialMT'" font-size="7.1609">Paper</text> <text transform="matrix(1 0 0 1 15.2012 410.9385)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">A&amp;</tspan><tspan x="9.553" y="0" font-family="'ArialMT'" font-size="7.1609">W</tspan><tspan x="16.927" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.888" y="0" font-family="'ArialMT'" font-size="7.1609">Sandwiches</tspan></text> <text transform="matrix(1 0 0 1 15.1943 421.2051)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">LJ</tspan><tspan x="7.563" y="0" font-family="'ArialMT'" font-size="7.1609">S</tspan><tspan x="12.368" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="14.329" y="0" font-family="'ArialMT'" font-size="7.1609">Product</tspan></text> <text transform="matrix(1 0 0 1 15.1938 431.4736)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">T</tspan><tspan x="4.374" y="0" font-family="'ArialMT'" font-size="7.1609">B</tspan><tspan x="9.766" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="11.727" y="0" font-family="'ArialMT'" font-size="7.1609">Product</tspan></text> <text transform="matrix(1 0 0 1 15.208 441.2402)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Tota</tspan><tspan x="14.329" y="0" font-family="'ArialMT'" font-size="7.1609">l</tspan><tspan x="16.457" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.661" y="0" font-family="'ArialMT'" font-size="7.1609">C.O.S</tspan></text> <text transform="matrix(1 0 0 1 15.187 465.0713)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Hourl</tspan><tspan x="17.112" y="0" font-family="'ArialMT'" font-size="7.1609">y</tspan><tspan x="20.829" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="22.79" y="0" font-family="'ArialMT'" font-size="7.1609">Labor</tspan></text> <text transform="matrix(1 0 0 1 15.1797 474.8389)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Mgm</tspan><tspan x="15.913" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="18.225" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="20.186" y="0" font-family="'ArialMT'" font-size="7.1609">Labor</tspan></text> <text transform="matrix(1 0 0 1 15.1724 486.6064)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Tota</tspan><tspan x="14.329" y="0" font-family="'ArialMT'" font-size="7.1609">l</tspan><tspan x="16.457" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.661" y="0" font-family="'ArialMT'" font-size="7.1609">Labor</tspan></text> <text transform="matrix(1 0 0 1 15.1655 507.7412)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Tota</tspan><tspan x="14.329" y="0" font-family="'ArialMT'" font-size="7.1609">l</tspan><tspan x="16.457" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.661" y="0" font-family="'ArialMT'" font-size="7.1609">Controllable</tspan></text> <text transform="matrix(1 0 0 1 15.1655 530.2686)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Charg</tspan><tspan x="19.503" y="0" font-family="'ArialMT'" font-size="7.1609">e</tspan><tspan x="24.088" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="26.048" y="0" font-family="'ArialMT'" font-size="7.1609">Count</tspan></text> <text transform="matrix(1 0 0 1 15.1729 542.0361)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Charg</tspan><tspan x="19.503" y="0" font-family="'ArialMT'" font-size="7.1609">e</tspan><tspan x="24.088" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="26.048" y="0" font-family="'ArialMT'" font-size="7.1609">Ticke</tspan><tspan x="43.157" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="45.576" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="47.537" y="0" font-family="'ArialMT'" font-size="7.1609">Average</tspan></text> <text transform="matrix(1 0 0 1 15.1553 563.5635)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Coupo</tspan><tspan x="21.102" y="0" font-family="'ArialMT'" font-size="7.1609">n</tspan><tspan x="25.385" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="27.346" y="0" font-family="'ArialMT'" font-size="7.1609">Count</tspan></text> <text transform="matrix(1 0 0 1 15.1479 574.3311)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Coupo</tspan><tspan x="21.102" y="0" font-family="'ArialMT'" font-size="7.1609">n</tspan><tspan x="25.385" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="27.346" y="0" font-family="'ArialMT'" font-size="7.1609">$</tspan></text> <text transform="matrix(1 0 0 1 15.1582 595.8594)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Ticke</tspan><tspan x="17.108" y="0" font-family="'ArialMT'" font-size="7.1609">t</tspan><tspan x="19.528" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="21.489" y="0" font-family="'ArialMT'" font-size="7.1609">Average</tspan></text> <text transform="matrix(1 0 0 1 15.1582 617.3867)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Hea</tspan><tspan x="13.136" y="0" font-family="'ArialMT'" font-size="7.1609">d</tspan><tspan x="17.57" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="19.531" y="0" font-family="'ArialMT'" font-size="7.1609">Average</tspan></text> <text transform="matrix(1 0 0 1 15.1582 628.1543)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Piece</tspan><tspan x="17.913" y="0" font-family="'ArialMT'" font-size="7.1609">s</tspan><tspan x="22.138" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="24.099" y="0" font-family="'ArialMT'" font-size="7.1609">Scrapped</tspan></text> <text transform="matrix(1 0 0 1 15.1514 639.4219)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Piece</tspan><tspan x="17.913" y="0" font-family="'ArialMT'" font-size="7.1609">s</tspan><tspan x="22.138" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="24.099" y="0" font-family="'ArialMT'" font-size="7.1609">Unacc</tspan><tspan x="44.396" y="0" font-family="'ArialMT'" font-size="7.1609">.</tspan><tspan x="46.887" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="48.848" y="0" font-family="'ArialMT'" font-size="7.1609">For</tspan></text> <text transform="matrix(1 0 0 1 15.1514 650.6895)" font-family="'ArialMT'" font-size="7.1609">Efficiency</text> <text transform="matrix(1 0 0 1 15.1514 671.2168)"><tspan x="0" y="0" font-family="'ArialMT'" font-size="7.1609">Cas</tspan><tspan x="12.734" y="0" font-family="'ArialMT'" font-size="7.1609">h</tspan><tspan x="16.925" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="18.885" y="0" font-family="'ArialMT'" font-size="7.1609">ove</tspan><tspan x="30.431" y="0" font-family="'ArialMT'" font-size="7.1609">r</tspan><tspan x="33.202" y="0" font-family="'ArialMT'" font-size="7.1609"> </tspan><tspan x="35.163" y="0" font-family="'ArialMT'" font-size="7.1609">/(short)</tspan></text> <path stroke="#000000" d="M10,488.932"/> </g> <g id="Pieces_Unaccounted"> <g id="l_x5F_u_x5F_pieces_x5F_unaccounted"> <line id="UnaccountedFor_1_" fill="none" stroke="#000000" stroke-width="0.5" x1="10" y1="640" x2="599.5" y2="640"/> </g> </g> <g id="Total_Labor"> <g id="Double_Lines"> <line id="Btm_Line" stroke="#000000" stroke-width="0.5" x1="11" y1="490.932" x2="600.5" y2="490.932"/> <line id="Top_Line" stroke="#000000" stroke-width="0.5" x1="11" y1="488.932" x2="600.5" y2="488.932"/> </g> <line id="Line_Above" stroke="#000000" stroke-width="0.5" x1="10.5" y1="477.5" x2="600" y2="477.5"/> </g> <g id="Total_Cos"> <g id="Double_Line_3_"> <line id="Btm_Line_3_" stroke="#000000" stroke-width="0.5" x1="11" y1="444.932" x2="600.5" y2="444.932"/> <line id="Top_Line_3_" stroke="#000000" stroke-width="0.5" x1="11" y1="442.932" x2="600.5" y2="442.932"/> </g> <line id="Line_Above_6_" stroke="#000000" stroke-width="0.5" x1="10.34" y1="433.097" x2="599.84" y2="433.097"/> </g> <g id="SubTotal_Chicken"> <g id="Double_Line_2_"> <line id="Btm_Line_1_" stroke="#000000" stroke-width="0.5" x1="7" y1="261.932" x2="596.5" y2="261.932"/> <line id="Top_Line_1_" stroke="#000000" stroke-width="0.5" x1="7" y1="259.932" x2="596.5" y2="259.932"/> </g> <line id="Line_Above_1_" stroke="#000000" stroke-width="0.5" x1="7" y1="250.097" x2="596.5" y2="250.097"/> </g> <g id="total_Net"> <g id="Double_Line_1_"> <line id="Btm_Line_2_" stroke="#000000" stroke-width="0.5" x1="7" y1="130.932" x2="596.5" y2="130.932"/> <line id="Top_Line_2_" stroke="#000000" stroke-width="0.5" x1="7" y1="128.932" x2="596.5" y2="128.932"/> </g> <line id="Line_Above_3_" stroke="#000000" stroke-width="0.5" x1="7" y1="119.097" x2="596.5" y2="119.097"/> </g> <g id="Header_Underline"> <line id="Line_Above_4_" stroke="#000000" stroke-width="0.5" x1="8.34" y1="74.5" x2="597.84" y2="74.5"/> </g> <g id="Total_Controllable"> <line id="Line_Above_2_" stroke="#000000" x1="7" y1="498.066" x2="600.5" y2="498.066"/> <line id="Line_Under" stroke="#000000" x1="7" y1="509.329" x2="600.5" y2="509.329"/> </g> </svg> The above code is generated xml file, and i need to write a xslt transformation to get the fo file, for the PDF generation, how do I do it?? The doubt I have is, that I dont now how to represent the tags in xslt, and also I need to represent the line, path and text in the form of xslt. how can I do this any ideas, with really get me going... Actually I have to use a style sheet like this: <fo:root xmlns:fo="http://www.w3.org/1999/XSL/Format" > <fo:layout-master-set> <fo:simple-page-master margin-right="1.5cm" margin-left="1.5cm" margin-bottom="2cm" margin-top="1cm" page-width="21cm" page-height="29.7cm" master-name="first"> <fo:region-body margin-top="1cm"/> <fo:region-before extent="1cm"/> <fo:region-after extent="1.5cm"/> </fo:simple-page-master> </fo:layout-master-set> <fo:page-sequence master-reference="first"> <fo:static-content flow-name="xsl-region-before"> <fo:block line-height="14pt" font-size="10pt" text-align="end">Embedding SVG examples - Practise</fo:block> </fo:static-content> <fo:static-content flow-name="xsl-region-after"> <fo:block line-height="14pt" font-size="10pt" text-align="end">Page <fo:page-number/> </fo:block> </fo:static-content> <fo:flow flow-name="xsl-region-body"> <fo:block text-align="center" font-weight="bold" font-size="14pt" space-before.optimum="3pt" space-after.optimum="15pt">Embedding SVG</fo:block> <fo:block space-before.optimum="3pt" space-after.optimum="20pt"> <fo:instream-foreign-object> <svg:svg xmlns:svg="http://www.w3.org/2000/svg" width="542px" height="505px"> <svg:title>A less cute tiger</svg:title> <xsl:for-each select="svg/switch/g/g/path"> <svg:g style="fill: #ffffff; stroke:#000000; stroke-width:0.25"> <svg:path> <xsl:variable name="s"> <xsl:value-of select="translate(@d,' ','')"/> </xsl:variable> <xsl:attribute name="d"><xsl:value-of select="translate($s,',',' ')"/></xsl:attribute> </svg:path> </svg:g> </xsl:for-each> <xsl:for-each select="svg/switch/g/g/g/path"> <svg:g style="fill: #ffffff; stroke:#000000; stroke-width:0.5; fill-rule=evenodd; clip-rule=evenodd; stroke-linejoin=round"> <svg:path> <xsl:variable name="s"> <xsl:value-of select="translate(@d,' ','')"/> </xsl:variable> <xsl:attribute name="d"><xsl:value-of select="translate($s,',',' ')"/></xsl:attribute> </svg:path> </svg:g> </xsl:for-each> </svg:svg> </fo:instream-foreign-object> </fo:block> <fo:block><xsl:apply-templates/></fo:block> </fo:flow> </fo:page-sequence> </fo:root>

  Read the article

< Previous Page | 10 11 12 13 14