Friday, August 31, 2007
Links for 2007-08-31
I wonder if it ever saw any life within the walls of many enterprises
Good to see that Duncan Brown is keeping the folks over at Gartner honest in their dialog
Dave Kellogg of MarkLogic comments on the usage of XQuery. I wonder what Bex Huff, Luis Sala, Craig Randall and Laurence Hart think of replacing their proprietary document query languages with XQuery or at least something that is standards based?
Jackson Shaw asks the most wonderful question of software vendors. The funny thing is that he should have also asked this about ADAM. Do you know how many identity managements support Active Directory but not specifically ADAM? Likewise, many of the ECM vendors will say that they support Active Directory but for authentication. They will of course require you to copy the user store locally which is fugly. The real question is why aren't software vendors writing better directory-enabled code? Us customers desire it and many of us demand it yet it still doesn't happen...
Great way for bloggers to promote their ideas
I would also add Alex Fletcher's blog to this list. Likewise, if you need to read about an enterprise perspective on open source, you have come to the right place
Enterprise Architecture and Cannibalism
Five cannibals get appointed as enterprise architects in an IT company. During the welcoming ceremony the boss says: "You're all part of our team now. You can earn good money here, and you can go to the company canteen for something to eat. So don't trouble the other employees". The cannibals promise not to trouble the other employees.
Four weeks later the boss returns and says: "You're all working very hard, and I'm very satisfied with all of you. One of our cleaners has disappeared however. Do any of you know what happened to her?" The cannibals disavow all knowledge of the missing cleaner.
After the boss has left, the leader of the cannibals says to the others: "Which of you idiots ate the cleaner?"
One of the cannibals raises his hand hesitantly, to which the leader of the cannibals says: "You FOOL! For four weeks we've been eating team leaders, managers, and analysts, and no-one has noticed anything and now YOU have to go and eat the CLEANER!"
| | View blog reactionsFour weeks later the boss returns and says: "You're all working very hard, and I'm very satisfied with all of you. One of our cleaners has disappeared however. Do any of you know what happened to her?" The cannibals disavow all knowledge of the missing cleaner.
After the boss has left, the leader of the cannibals says to the others: "Which of you idiots ate the cleaner?"
One of the cannibals raises his hand hesitantly, to which the leader of the cannibals says: "You FOOL! For four weeks we've been eating team leaders, managers, and analysts, and no-one has noticed anything and now YOU have to go and eat the CLEANER!"
Thursday, August 30, 2007
Links for 2007-08-30
John nailed it by leading with the statement:They might be embarrassed by their code. I know that this is certainly the case in the world of ECM.
Laurence is not the only one who dreams of a standard ECM Web Services definition. The question though is who is best positioned to step up and make this happen across the industry? Do you believe that Bex Huff will lead and Craig Randall will follow, vice versa or they will both continue down their own independent path of insular thinking and not collaborate?
I wonder if Nishant has ever thought about why password management as he outlined is a bad idea? What if you could get enterprises to consolidate all user stores down to Active Directory so that its all in one place instead of attempting to manage it via an identity management tool. What if you were to also figure out how Microsoft should build the checkin/checkout capability directly into Active Directory as this shouldn't be yet another product?
Shekar Jha is brilliant. I wonder if his thinking could positively influence Kim Cameron and Mike Jones to consider his thoughts as part of CardSpace 2.0?
Industry Analysts and the lack of Case Studies on BPM
I have been asking myself, why aren't industry analysts doing case studies in the BPM market. Is it because there is no compelling story to tell?
Have you read the blogs of Phil Gilbert, Bruce Silver, Ismael Ghalimi, Sandy Kemsley, Richard Brown, Phil Ayres or Jesper Joergensen? You will notice that they talk about the problem space that BPM solves, interesting BPM product features and how many customers they have but absolutely never any mention of how deeply deployed it is within any one customer?
Imagine for a minute, that I am CTO of a Widget manufacturer and I find the BPM story compelling and want to use it for all of my processes and would like to understand how BPM scales across the enterprise and I attempt to find other customers that have done the same, but can't.
I have been successful in identifying another widget manufacturer who has successfully deployed BPM not for a really important business process such as order entry, and not even for a significant business process such as handling order returns but has only used it for a tiny, little, bitty business process where the order returns from the state of Texas on a Tuesday go through the BPM process. Should I think of BPM as credible?
Some will say that larger deployments of technology are only a matter of time. The question I would have is why are the enterprise architects in widget manufacturers, financial services firms or anywhere savage in their adoption of BPM? Have they discovered something that others should noodle? Did they figure out that the story is great sounding from a business perspective but in practicality doesn't scale?
Does anyone in the blogosphere no of any BPM deployment within a Fortune 200 enterprise that concurrently supports say 5,000 users along with say hundreds of distinct business processes?
| | View blog reactionsHave you read the blogs of Phil Gilbert, Bruce Silver, Ismael Ghalimi, Sandy Kemsley, Richard Brown, Phil Ayres or Jesper Joergensen? You will notice that they talk about the problem space that BPM solves, interesting BPM product features and how many customers they have but absolutely never any mention of how deeply deployed it is within any one customer?
Imagine for a minute, that I am CTO of a Widget manufacturer and I find the BPM story compelling and want to use it for all of my processes and would like to understand how BPM scales across the enterprise and I attempt to find other customers that have done the same, but can't.
I have been successful in identifying another widget manufacturer who has successfully deployed BPM not for a really important business process such as order entry, and not even for a significant business process such as handling order returns but has only used it for a tiny, little, bitty business process where the order returns from the state of Texas on a Tuesday go through the BPM process. Should I think of BPM as credible?
Some will say that larger deployments of technology are only a matter of time. The question I would have is why are the enterprise architects in widget manufacturers, financial services firms or anywhere savage in their adoption of BPM? Have they discovered something that others should noodle? Did they figure out that the story is great sounding from a business perspective but in practicality doesn't scale?
Does anyone in the blogosphere no of any BPM deployment within a Fortune 200 enterprise that concurrently supports say 5,000 users along with say hundreds of distinct business processes?
Wednesday, August 29, 2007
Links for 2007-08-29
It is interesting to meet other blogs after work and understand that we have much in common on many levels
It is interesting at some level that in order to become an expert in ECM, you have to understand how to game LDAP. This architecture is fugly and I hope that Craig Randall has thoughts on how this will improve in future versions. Laurence, while I can't speak for Bex, I can say that I won't be laughing as this is more sad than funny
I am not sure how us guys should react to such articles. If women call out the need for IT to diversify, should minorities of other ethnic groups do the same? If all the IT jobs go over to India, don't you think that folks who are American Indian, Hispanic or Black will also miss out on the same opportunities regardless of gender?
Glad to see that 0.0% of the designs where on blogs that use typepad. Blogger in my humble opinion has less features but otherwise is a better platform
While we acknowledge that software should never crash nor ever need to be restarted, without an accompanying conversation around economics this discussion is futile
I am curious why someone is sizing their own effort to get an entitlements engine integrated with Documentum as a good thing? If software comes from the same vendor, shouldn't you simply ask the vendor to make it happen? Such integration should be out of the box...
Forrester, Gartner and Analyst Relations
I find the notion of analyst relations fascinating and would love to see metrics on what percentage of software vendors use this type of service vs. going it on their own...
Duncan Chapple had an interesting blog entry on the notion of a Boardroom. If I were to read into it, it feels like analyst relations only focus on the large guys while not helping software firms understand the value proposition of smaller analyst firms such as RedMonk, ZapThink, Entiva, Elemental Links, Nemertes, The 451 Group and others.
With increasing prices without necessarily seeing the increasing value, now feels like the best time to provide guidance in how small analyst firms could minimally compliment or even fill gaps in coverage. It would seem that analyst relations should have some notion of not just focus of influence any particular analyst or analyst firm but ways that us end customers could learn of your value proposition.
Consider the fact that I personally read James Governor of Redmonk's blog every day. As an end customer of analyst research, I don't have to be annoyed by the notion of a seat and can not only consume but have a dialog that it alot more real-time in nature than the traditional process of scheduling a call. Likewise, I would think there is an advantage to software vendors spending lots of money gaining more visibility into the conversations that us folks in large enterprises are having with folks from analyst firms. I am curious if analyst relations tends to steer software vendors towards analysts who blog.
Actually, my thought above could be further decomposed into multiple things to noodle. Some analyst firms have the notion of a seat which is all about who within the enterprise can initiate a dialog request. The folks over that the Burton Group has figured out that this practice is fugly for us customers and recently came up with a new program entitled Drop a Seat where anyone in the enterprise can initiate a dialog.
One would have to assume that the notion of downstream influence in this model would be a lot deeper in many regards. The first thing that Burton does right is that dialogs tend to be one hour where as other firms have a 1/2 hour conversation. More time the analyst spends talking to end customers, the more influence is afforded. Likewise, for problem spaces that I may have where I need a dialog with an analyst firm, one has to ask themselves which one do you think James McGovern would do first? The one where I have to ask another employee to coordinate on my behalf or the one where I can coordinate myself?
| | View blog reactionsDuncan Chapple had an interesting blog entry on the notion of a Boardroom. If I were to read into it, it feels like analyst relations only focus on the large guys while not helping software firms understand the value proposition of smaller analyst firms such as RedMonk, ZapThink, Entiva, Elemental Links, Nemertes, The 451 Group and others.
With increasing prices without necessarily seeing the increasing value, now feels like the best time to provide guidance in how small analyst firms could minimally compliment or even fill gaps in coverage. It would seem that analyst relations should have some notion of not just focus of influence any particular analyst or analyst firm but ways that us end customers could learn of your value proposition.
Consider the fact that I personally read James Governor of Redmonk's blog every day. As an end customer of analyst research, I don't have to be annoyed by the notion of a seat and can not only consume but have a dialog that it alot more real-time in nature than the traditional process of scheduling a call. Likewise, I would think there is an advantage to software vendors spending lots of money gaining more visibility into the conversations that us folks in large enterprises are having with folks from analyst firms. I am curious if analyst relations tends to steer software vendors towards analysts who blog.
Actually, my thought above could be further decomposed into multiple things to noodle. Some analyst firms have the notion of a seat which is all about who within the enterprise can initiate a dialog request. The folks over that the Burton Group has figured out that this practice is fugly for us customers and recently came up with a new program entitled Drop a Seat where anyone in the enterprise can initiate a dialog.
One would have to assume that the notion of downstream influence in this model would be a lot deeper in many regards. The first thing that Burton does right is that dialogs tend to be one hour where as other firms have a 1/2 hour conversation. More time the analyst spends talking to end customers, the more influence is afforded. Likewise, for problem spaces that I may have where I need a dialog with an analyst firm, one has to ask themselves which one do you think James McGovern would do first? The one where I have to ask another employee to coordinate on my behalf or the one where I can coordinate myself?
Tuesday, August 28, 2007
The Insecurity of Ruby on Rails...
Java has the notion of a security manager where folks can specify what types of code can be allowed to execute. Ruby currently has no such notion. While I know this is under development, one needs to ask whether using Ruby without one is a security risk?
Likewise, if you haven't familiarized yourself with the notion of Secure Coding practices and tools such as Fortify, Coverity, Ouncelabs, Klocwork or other tools in this space then you might not have noticed that none of them are focused on the security of an application developed in Ruby.
In thinking about these tools, I think it would be a wonderful idea for James Governor of Redmonk to dig deeper into this space. After all, compliance orientation should start with writing code correctly...
| | View blog reactionsLikewise, if you haven't familiarized yourself with the notion of Secure Coding practices and tools such as Fortify, Coverity, Ouncelabs, Klocwork or other tools in this space then you might not have noticed that none of them are focused on the security of an application developed in Ruby.
In thinking about these tools, I think it would be a wonderful idea for James Governor of Redmonk to dig deeper into this space. After all, compliance orientation should start with writing code correctly...
Blaming Industry Analysts...
It would be difficult for me to go a month without blogging thoughts on the lack of depth in research within the industry analyst community. Today, I asked myself if I should stop blaming industry analysts for not doing their homework. After all, if us Enterprise Architects don't do our own homework, why should industry analysts...
| | View blog reactionsLinks for 2007-08-28
Finally a state government that has courage to do the right thing. Maybe I can get folks in Connecticut to standup
I agree that IT needs to improve how it sells but more importantly it also needs to figure out when to stop selling as overselling is almost always worst than selling at all
This feels like an opportunity to combine ACEGI with XACML which would provide the ability to define security policies centrally for enterprise applications
Is the role of the project manager to personify constraints and pressures? I suspect that some project management types have been soaking for too long in the way of the stick, and as such their mere presence on a project has a negative impact on productivity and the ability of key people to get the keys into the ignition.
Monday, August 27, 2007
Do Women Hate IT? Should We Care?
Do Women Hate IT? Should We Care?. It is my belief that we should care and take swift, deliberate action to get others to also care...
My first opinion is that just because you work in an IT organization, doesn't make you an IT professional. IT professionals are those who have deep technology skills and includes architects, developers, desktop support, network engineers and other technical roles. Roles such as project managers and business analysts exist outside of IT and therefore are only within an IT organization for convenience purposes.
If you apply a stricter definition of what it means to be an IT professional, the number of women in IT appears even more dismal. Now, if you pile on the cultural aspects such as India outsourcing then the numbers drop even further. While many Indian outsourcing firms claim diversity, I suspect none of them will make the ratio of women to men public.
Consider the fact that within India, diversity has a totally different meaning than what is practiced here in the US. In India, there is little racial diversity, very little religious diversity (major religions, not minor sects), no national origin diversity and more importantly no public call to do anything about it.
You can find perspectives about Brahmin's complaining about quotas yet you can't find these same Brahmin's doing anything to encourage diversity unless it benefits them. Since outsourcing is also changing the state of the number of women in IT, do you think that enterprises that hire these firms should require diversity using a more americanized definition?
The US EEOC definition is the best definition and getting access to the best and brightest is a step that all within the blogosphere should take. This should occur regardless of race, religion, nationality, ethnic origin or gender.
I can honestly say that some of the best developers I have worked with have been women. I would especially love to see women in India take up an interest in enterprise security as this IT sub-culture is bankrupt. If there are women in India that have this interest, I will do my part and share my experiences. Hopefully mentorship is the first step...
| | View blog reactionsMy first opinion is that just because you work in an IT organization, doesn't make you an IT professional. IT professionals are those who have deep technology skills and includes architects, developers, desktop support, network engineers and other technical roles. Roles such as project managers and business analysts exist outside of IT and therefore are only within an IT organization for convenience purposes.
If you apply a stricter definition of what it means to be an IT professional, the number of women in IT appears even more dismal. Now, if you pile on the cultural aspects such as India outsourcing then the numbers drop even further. While many Indian outsourcing firms claim diversity, I suspect none of them will make the ratio of women to men public.
Consider the fact that within India, diversity has a totally different meaning than what is practiced here in the US. In India, there is little racial diversity, very little religious diversity (major religions, not minor sects), no national origin diversity and more importantly no public call to do anything about it.
You can find perspectives about Brahmin's complaining about quotas yet you can't find these same Brahmin's doing anything to encourage diversity unless it benefits them. Since outsourcing is also changing the state of the number of women in IT, do you think that enterprises that hire these firms should require diversity using a more americanized definition?
The US EEOC definition is the best definition and getting access to the best and brightest is a step that all within the blogosphere should take. This should occur regardless of race, religion, nationality, ethnic origin or gender.
I can honestly say that some of the best developers I have worked with have been women. I would especially love to see women in India take up an interest in enterprise security as this IT sub-culture is bankrupt. If there are women in India that have this interest, I will do my part and share my experiences. Hopefully mentorship is the first step...
Thoughts on Microsoft and Federated Identity
In the past, I have talked about how WS-Federation may have capabilities that are better than SAML. Likewise, I have also mentioned that I like the fact that Microsoft put federation support directly into the operating system and didn't make it yet another product. Recently, I ran across a situation in which I may need to take back some credit...
This is my third conversation in the last couple of weeks where I noted that while Microsoft software has the capability of supporting federation via ADFS that many folks cannot use it. Apparently, in early Microsoft documentation, they encouraged large enterprises to come up with non-routable domain names for their Active Directory Forests. One popular choice I keep hearing about is how many enterprises choose .local.
The ability to generate a certificate that is signed by a root CA when your domains aren't routable is somewhat problematic. Microsoft did step up and provide the capability of renaming a domain but that doesn't really address this particular issue as it is easy but not lightweight.
Would be curious to know if others have also observed this problem space in large enterprises or am I seeing an early trend that folks will rather exercise their right to remain silent on?
| | View blog reactionsThis is my third conversation in the last couple of weeks where I noted that while Microsoft software has the capability of supporting federation via ADFS that many folks cannot use it. Apparently, in early Microsoft documentation, they encouraged large enterprises to come up with non-routable domain names for their Active Directory Forests. One popular choice I keep hearing about is how many enterprises choose .local.
The ability to generate a certificate that is signed by a root CA when your domains aren't routable is somewhat problematic. Microsoft did step up and provide the capability of renaming a domain but that doesn't really address this particular issue as it is easy but not lightweight.
Would be curious to know if others have also observed this problem space in large enterprises or am I seeing an early trend that folks will rather exercise their right to remain silent on?
Reflecting on my own career...
Figured I would share characteristics of both good and bad experiences in my career...
During the good parts of my career, project management was just part of what management was and what managers did. The person who did project management (the boss) was responsible for what was being done, how well it was being done, how fast it was being done, and making sure everyone (staff and upper management) was happy.
The bad parts of my career where when the boss was no longer focused on the delivery of software and the role changed more towards relationship management and HR tasks. The ripple effect also caused the hiring of project managers who didn't either know anything about technology nor really about how to manage an IT project.
During the very best part of my career, I was in a leaderless team. One of us was really good at coding, and did most of it. One of us was very good at project management, and did most of it.
During the worse parts of my career, I stepped in the leadership. I had to deal with management by magazine, architecture via PowerPoint and perception management over management of the delivery of high quality valuable working software to meet business need.
I have been in IT for over twenty years now and probably have another twenty to go. I dread the thought that IT is going in the toilet and hope that the former glory days can return...
| | View blog reactionsDuring the good parts of my career, project management was just part of what management was and what managers did. The person who did project management (the boss) was responsible for what was being done, how well it was being done, how fast it was being done, and making sure everyone (staff and upper management) was happy.
The bad parts of my career where when the boss was no longer focused on the delivery of software and the role changed more towards relationship management and HR tasks. The ripple effect also caused the hiring of project managers who didn't either know anything about technology nor really about how to manage an IT project.
During the very best part of my career, I was in a leaderless team. One of us was really good at coding, and did most of it. One of us was very good at project management, and did most of it.
During the worse parts of my career, I stepped in the leadership. I had to deal with management by magazine, architecture via PowerPoint and perception management over management of the delivery of high quality valuable working software to meet business need.
I have been in IT for over twenty years now and probably have another twenty to go. I dread the thought that IT is going in the toilet and hope that the former glory days can return...
Catchy executive phrases and project management
The next time you hear an IT executive tell a project manager that they manage projects and not people, kidnap that fool...
Everything is about people management regardless of whether it is called enterprise architecture, project management or leadership. Ignore the outdated hierarchical organization charts as having direct reports no longer matters. The notion of project management is a bit of a misnomer and reflects a sociological error in understanding. Yes, project managers are paid at work to get things done, but managers of all flavors need to understand that the sociology of work is more important in the longer.
An IT executive I highly respect frequently tells me that folks need to make more things as part of their job and not require projects around them. In noodling this for awhile, I agree with him in spirit but not in execution. I wonder how often the local mailman has to provide status whenever he encounters an unfriendly mailbox? he historical analysis is that in many organizations software development was originally managed as a function, then managing as a project came to the fore, and we are now transitioning to managing as a function again. Many of the managers attempting to manage the function still think they are managing a project, however, since that is their personal history.
For those who will get it twisted, I am NOT encouraging the embracing of the recent phrase people management as this is tautology. Let's simply ask ourselves why do most folks in the blogosphere absolutely hate the way modern project management operates? Is it because they use best practices and have comprehensive documentation in the form of a so-called Body of Knowledge? Maybe someone can comment on the characteristics of good project managers and we can attempt to figure out some patterns?
| | View blog reactionsEverything is about people management regardless of whether it is called enterprise architecture, project management or leadership. Ignore the outdated hierarchical organization charts as having direct reports no longer matters. The notion of project management is a bit of a misnomer and reflects a sociological error in understanding. Yes, project managers are paid at work to get things done, but managers of all flavors need to understand that the sociology of work is more important in the longer.
An IT executive I highly respect frequently tells me that folks need to make more things as part of their job and not require projects around them. In noodling this for awhile, I agree with him in spirit but not in execution. I wonder how often the local mailman has to provide status whenever he encounters an unfriendly mailbox? he historical analysis is that in many organizations software development was originally managed as a function, then managing as a project came to the fore, and we are now transitioning to managing as a function again. Many of the managers attempting to manage the function still think they are managing a project, however, since that is their personal history.
For those who will get it twisted, I am NOT encouraging the embracing of the recent phrase people management as this is tautology. Let's simply ask ourselves why do most folks in the blogosphere absolutely hate the way modern project management operates? Is it because they use best practices and have comprehensive documentation in the form of a so-called Body of Knowledge? Maybe someone can comment on the characteristics of good project managers and we can attempt to figure out some patterns?
Links for 2007-08-27
How ironic is it to be looking for a book about social networking and dynamic connectedness in a static bookstore with finite shelf space?
Laurence Hart is thoughtfully tracking the discussion in the blogosphere regarding ECM and SOA. I really hope that Nick Patience, Alan Pelz-Sharpe, Craig Randall and others join in.
Another blogger feels to pain of calendar interoperability
I am surprised that others haven't commented on this posting
Industry Analyst Brenda Michelson is glad that other analyst firms are ringing the death knell for SOA, so that they can focus on the real value. Does this also mean that analysts will no longer do case studies on those who have successfully implemented SOA?
I think but am not sure that Conor and I are on the same page. My previous example supports the notion that I can centrally declare what authorization policies I desire and Amica can enforce them whenever there is access to the resource. In the same way that folks in the identity world separate the notion of identity provider from relying party, the same thing can happen with authorization. There is a place where policies are declared and a place where they are enforced.
I wonder if Enterprise Architects are really this bad/incompetent in practice? I wonder what others think about the pendulum swinging towards IT executives not even having an IT background?
Andy Blumenthal needs to send his federal peers to our shop to see how we have mastery over the issues presented. When will the Federal enterprise architects figure out that they can learn something from their corporate counterparts?
This article should have also mentioned that while corporations are demanding, software vendors aren't providing. Have you ever heard of a single ECM vendor talk about how secure their product is? How they support SAML? How they have adopted secure coding practices?
Sunday, August 26, 2007
Secure Coding Practices
Many security practitioners are starting to embrace the notion of Secure Coding practices where they use tools from vendors such as Coverity, Ounce Labs, Fortify Software and others.
The interesting thing is that they treat the notion of dead code detection almost as a second class citizen. Maybe the first action item should be for those vendors to figure out how to put into the same box, code coverage tools...
Listed below are several tools that can help (of course, we should assume open source and spell out when closed):
For Java:
MutationTesting: (which isn't really CodeCoverage, but it's related)
for .NET (DotNet):
C/C++:
| | View blog reactionsThe interesting thing is that they treat the notion of dead code detection almost as a second class citizen. Maybe the first action item should be for those vendors to figure out how to put into the same box, code coverage tools...
Listed below are several tools that can help (of course, we should assume open source and spell out when closed):
For Java:
- http://hansel.sourceforge.net/ Instruments classes in ClassLoader, integrates with JavaUnit
- http://www.jcoverage.com/ Ant task, line and branch coverage
- http://cobertura.sourceforge.net/ Instruments class files, Ant tasks
- http://www.cenqua.com/clover/ Free for use on open source projects, integrates well with common Java IDEs
- NoUnit @ http://nounit.sourceforge.net/ - OpenSource (GNU)
- Quilt @ http://quilt.sourceforge.net/ - OpenSource, JavaUnit, Ant, instrumenting ClassLoader
- Gretel @ http://sourceforge.net/projects/gretel - [old version of Hansel?]
- The "Java Test Coverage Tool" @ http://www.semanticdesigns.com/Products/TestCoverage/JavaTestCoverage.html - ClosedSource, Instruments Source, displays results superimposed on browsable source. US$200 as of 8/1/2004.
- JBlanket (Software Information) @ http://csdl.ics.hawaii.edu/Tools/JBlanket/ - a tool for assessing and improving method coverage of unit test cases. It is integrated with JUnit and Ant.
MutationTesting: (which isn't really CodeCoverage, but it's related)
- JesTer @ http://jester.sourceforge.net/ - changes your code, and then runs your tests. (If arbitrary changes to the code don't break the tests, then is your code sufficiently tested?)
for .NET (DotNet):
- Clover.NET @ http://www.cenqua.com/clover.net/ - ClosedSource (but free for use on OpenSource projects), C# and VB.NET, statement, method and branch coverage, from command line, Visual Studio, and NAnt (preliminary mono support)
- NCover @ http://ncover.sourceforge.net/ - OpenSource, path coverage, NUnit, NAnt
- CoverageEye?.NET @ http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=881a36c6-6f45-4485-a94e-060130687151 - uses a COM component to leverage the .NET profiling API
- "DevPartner? Studio Professional Edition" @ http://www.compuware.com/products/devpartner/1563_ENG_HTML.htm - $$$
- "Perform Code Coverage Analysis with .NET to Ensure Thorough Application Testing", an MSDN article on building "A custom code coverage tool" @ http://msdn.microsoft.com/msdnmag/issues/04/04/CodeCoverageAnalysis/default.aspx
- "C# Test Coverage Tool" @ http://www.semanticdesigns.com/Products/TestCoverage/CSharpTestCoverage.html - ClosedSource. Instruments Source, displays results superimposed on browsable source. US$250 as of 8/1/2004.
C/C++:
- tcov = Sun Unix C profiler. See "tcov(1)" man page. It annotates (mangles) your source code to add instrumentation.
- gcov = GNU C/C++ equivalent of "tcov".
- Dynamic Code Coverage for Sun Solaris @ http://www.dynamic-memory.com/coverageanalysis.php
- "C Test Coverage Tool" @ http://www.semanticdesigns.com/Products/TestCoverage/CTestCoverage.html - ClosedSource. Instruments Source, displays results superimposed on browsable source. US$400 as of 8/1/2004. ANSI, Microsoft Visual6 C, and GNU C dialects all supported.
- "C++ Test Coverage Tool" @ http://www.semanticdesigns.com/Products/TestCoverage/CppTestCoverage.html - ClosedSource. Instruments Source, displays results superimposed on browsable source. US$500 as of 8/1/2004. ANSI and Microsoft Visual6 C++ dialects all supported.
Judiasm and Eating Kosher
Imagine walking into a Kosher delicatessan and being greeted by a Mexican named Julio...
If you haven't been to Ben's Delicatessen when in NY, you should. I visited the location in Nassau country in Long Island on the way back from the Long Island Children's Museum which was the absolute best children's musuem my two sons have ever visited. It has lots of stuff to do and tons of value for the price of admission.
Anyway, I eat Kosher when at home in the sense of ensuring that all meat I consume is slaughtered according to God's laws. Other aspects of Kosher I don't practice since I am not Jewish which means I will have a cheeseburger and a milkshake. This restaurant was truly Kosher as you could only get a hamburger and the butter was artificial. They also didn't serve anything with milk in it. Not even Kosher Dairy products. I do find it interesting though that they put tables outside and their is a ice cream shop next door.
I wonder if it is still Kosher if Goyim are waiters. At some level, finding help nowadays is a pain. All the waiters were Mexican. Does the restaurant require them to not consume pork after hours? Those of hispanic origin tend to be the most savage in terms of pork consumption. What would happen if they brought their own food to work?
What is more shameful is the simple fact that there aren't more restaurants like this. How come areas with large Jewish populations can't have Kosher restaurants in their community? Do Jewish folks feel bad that they don't eat Kosher? Maybe they should as it has an effect on others as well...
| | View blog reactionsIf you haven't been to Ben's Delicatessen when in NY, you should. I visited the location in Nassau country in Long Island on the way back from the Long Island Children's Museum which was the absolute best children's musuem my two sons have ever visited. It has lots of stuff to do and tons of value for the price of admission.
Anyway, I eat Kosher when at home in the sense of ensuring that all meat I consume is slaughtered according to God's laws. Other aspects of Kosher I don't practice since I am not Jewish which means I will have a cheeseburger and a milkshake. This restaurant was truly Kosher as you could only get a hamburger and the butter was artificial. They also didn't serve anything with milk in it. Not even Kosher Dairy products. I do find it interesting though that they put tables outside and their is a ice cream shop next door.
I wonder if it is still Kosher if Goyim are waiters. At some level, finding help nowadays is a pain. All the waiters were Mexican. Does the restaurant require them to not consume pork after hours? Those of hispanic origin tend to be the most savage in terms of pork consumption. What would happen if they brought their own food to work?
What is more shameful is the simple fact that there aren't more restaurants like this. How come areas with large Jewish populations can't have Kosher restaurants in their community? Do Jewish folks feel bad that they don't eat Kosher? Maybe they should as it has an effect on others as well...
Saturday, August 25, 2007
Links for 2007-08-25
What would happen if every blog published posts discussing teh same issue, on the same day? One issue. One day. Thousands of voices.
Thoughtful perspective on how architects and developers can work better together
The vendor perspective on EA is somewhat distinct from how it is practiced by enterprises whose primary business model isn't software
I am curious why this isn't built into ECM products and is a standalone offering
If you can't formulate a sound business case, resort to the phrase 'best practices'
Enterprise Architecture: Measuring Buy-in
The notion of buy-in (aka consensus) and the ability to measure it is difficult. Unanimity gives you consensus. Does unanimity minus one give you consensus? How about unanimity minus two? At what percentage do you draw the line?
Consensus at it is commonly understood is an inherently vague concept (there is no line). Unanimity minus one can be consensus or not depending on informal criteria such as whether the holdout is a respected authority or a known crackpot, whether people are for something or just against something else, or whether the objections are major or minor.
Sometimes we insist on a precise measurement, as in democratic elections. Other times we cling to the vagueness of consensus and trust a chairperson to make subjective, possibly inconsistent evaluations of group consensus.
Building consensus is just that, reaching common and unanimous agreement on how to proceed. It does require an effort on everyone's part to reach consensus (aka participation). The approach is not to persuade people to change their votes, but to change the proposal to allow everyone to deem it acceptable. Again, the point is not to argue for the "best" approach, but to determine an approach all find acceptable...
| | View blog reactionsConsensus at it is commonly understood is an inherently vague concept (there is no line). Unanimity minus one can be consensus or not depending on informal criteria such as whether the holdout is a respected authority or a known crackpot, whether people are for something or just against something else, or whether the objections are major or minor.
Sometimes we insist on a precise measurement, as in democratic elections. Other times we cling to the vagueness of consensus and trust a chairperson to make subjective, possibly inconsistent evaluations of group consensus.
Building consensus is just that, reaching common and unanimous agreement on how to proceed. It does require an effort on everyone's part to reach consensus (aka participation). The approach is not to persuade people to change their votes, but to change the proposal to allow everyone to deem it acceptable. Again, the point is not to argue for the "best" approach, but to determine an approach all find acceptable...
Friday, August 24, 2007
Enterprise Architecture: Consensus vs Democracy
"Democracy" in a workplace team environment can be a very bad thing, and "Consensus" in the workplace can be a very good thing...
"Democracy" is a process that enables a majority of members to impose their will on a minority, at any time they wish. "Consensus" is a state that explicitly acknowledges the value of each and every team member, no matter how unpopular his or her views may be at the time. I suspect that while it may be troubling to understand the value that some team members bring, it is important to spend some time figuring it out. Even being an impediment to progress sometimes has value.
Members of a "Democratic" team often learn that the best way to kill new ideas they find threatening is to demand an immediate vote. If you can force a vote before people can hear a new idea, you can kill it off, just about every time. Unfortunately, all the best ideas for improving a team process will be new and temporarily unpopular when first introduced. And after a team has done it's "Democratic Voting" process on an idea, it's often somewhere between "remarkably difficult" and impossible to get the team to reconsider a proposal.
| | View blog reactions"Democracy" is a process that enables a majority of members to impose their will on a minority, at any time they wish. "Consensus" is a state that explicitly acknowledges the value of each and every team member, no matter how unpopular his or her views may be at the time. I suspect that while it may be troubling to understand the value that some team members bring, it is important to spend some time figuring it out. Even being an impediment to progress sometimes has value.
Members of a "Democratic" team often learn that the best way to kill new ideas they find threatening is to demand an immediate vote. If you can force a vote before people can hear a new idea, you can kill it off, just about every time. Unfortunately, all the best ideas for improving a team process will be new and temporarily unpopular when first introduced. And after a team has done it's "Democratic Voting" process on an idea, it's often somewhere between "remarkably difficult" and impossible to get the team to reconsider a proposal.
Links for 2007-08-24
The latest version of the toolkit has just been released into the wild.
Stefan Brands comments on security issues with OpenID. I wonder if he has analyzed CardSpace as well?
Most thoughtful industry analyst Michael Cote of Remonk comments that folks are starting to accept the casual tone of communication and that is the reason why the blogosphere continues to grow. I prefer the phrase of the human voice as folks are somewhat turned off by the humorless monotone your call is important to us babble released by corporate media relations departments and desire to talk to someone who wants to have a conversation and not read a press release
Maybe they should have been more thoughtful and chose RUBY as the new symbol.
Bex Huff normally lives in the world of ECM but has been thinking heavily about identity management. I would love for this to rub off on other ECM folks. Anyway, the notion of relationship is something that belongs to the identity provider and entities such as the Liberty Alliance are defining standards around it. Check out their notion of the people service. The key though is that relationships sometimes require authorization. For example, just because my son can order an insurance card from Amica doesn't mean he is also allowed to cancel the policy for the entire family. Relationship needs authorization especially in domains having to do with medical interactions.
The Nariva River in Manzanilla is a great place to visit. If you haven't been to Trinidad for Carnival, you should
Thoughts on Forrester
Barbara French of Tekrati commented on several practices of Forrester related to readership of analyst relations blogs and how they are keeping this data for internal usage only and not publishing.
Maybe Forrester has plans to release the survey information but wants to turn those who sell analyst relations services into customers of Forrester by requiring them to purchase the information like the rest of the world has to purchase analyst research?
Maybe they have figured out that having a middle-man of sorts is bad for business as analyst relations firms may be encouraging their clients to stop paying the analyst tax and start demanding value and therefore it is in the best interest for them to figure out internally ways to displace analyst relations firms.
Maybe they are keeping the data secret because they haven't captured the right demographic and may have made assumptions that only software vendors read analyst relations blogs and folks such as myself aren't counted in the results.
Maybe Forrester wants to start a new business practice where they help software firms directly interact with not only themselves but also Gartner, Burton Group, Nemertes, ZapThink, Entiva and Redmonk and play both sides of the coin.
| | View blog reactionsMaybe Forrester has plans to release the survey information but wants to turn those who sell analyst relations services into customers of Forrester by requiring them to purchase the information like the rest of the world has to purchase analyst research?
Maybe they have figured out that having a middle-man of sorts is bad for business as analyst relations firms may be encouraging their clients to stop paying the analyst tax and start demanding value and therefore it is in the best interest for them to figure out internally ways to displace analyst relations firms.
Maybe they are keeping the data secret because they haven't captured the right demographic and may have made assumptions that only software vendors read analyst relations blogs and folks such as myself aren't counted in the results.
Maybe Forrester wants to start a new business practice where they help software firms directly interact with not only themselves but also Gartner, Burton Group, Nemertes, ZapThink, Entiva and Redmonk and play both sides of the coin.
Thursday, August 23, 2007
Spirituality and Corporate America
At first glance it is tempting to conclude that people in large parts of the developed world have become less religious...
Tomorrow, I am off to Long Island for a long weekend. On the way home I started to think about how I am blessed to not only be surrounded by some of the most wonderful technologists in existence, but also some of the most spiritual.
In a world where corporate scandals have been thrust into the spotlight and ethics seem to have taken a back seat to the bottom line. enterprise architecture has the ability to not only align IT with the business but to align those in IT with spirituality. Enterprise architecture is so commonly discussed in terms of processes where its real value is in terms of transforming others to be keepers of the flame.
Only genuine, long-lasting success in IT in general and enterprise architecture in specific, can only be won through integrity and service to others. The funny thing is that there are lots of books, articles and conferences that teach enterprises how to increase their market share and shareholder equity but very few if any engage on a course of sustained appreciable growth by thoughtful examination of successful organizations who have withstood the test of time.
In my own management experience I find that it is much easier to gain acceptance for my theories or “beliefs” than it is to get critical, analytical views. It seems to be easier to believe than to think and analyze. Spirituality like enterprise architecture requires one to not pursue hard facts because they may not be known upfront. Spirituality like enterprise architecture sometimes requires you to put your trust into others even when on the surface they don't appear aligned with your own goals.
While my own spirituality is centered on the belief in one God, I know that what makes not only me successful, but others around me equally successful in a sustainable way is our spirituality, no matter at work or at home...
| | View blog reactionsTomorrow, I am off to Long Island for a long weekend. On the way home I started to think about how I am blessed to not only be surrounded by some of the most wonderful technologists in existence, but also some of the most spiritual.
In a world where corporate scandals have been thrust into the spotlight and ethics seem to have taken a back seat to the bottom line. enterprise architecture has the ability to not only align IT with the business but to align those in IT with spirituality. Enterprise architecture is so commonly discussed in terms of processes where its real value is in terms of transforming others to be keepers of the flame.
Only genuine, long-lasting success in IT in general and enterprise architecture in specific, can only be won through integrity and service to others. The funny thing is that there are lots of books, articles and conferences that teach enterprises how to increase their market share and shareholder equity but very few if any engage on a course of sustained appreciable growth by thoughtful examination of successful organizations who have withstood the test of time.
In my own management experience I find that it is much easier to gain acceptance for my theories or “beliefs” than it is to get critical, analytical views. It seems to be easier to believe than to think and analyze. Spirituality like enterprise architecture requires one to not pursue hard facts because they may not be known upfront. Spirituality like enterprise architecture sometimes requires you to put your trust into others even when on the surface they don't appear aligned with your own goals.
While my own spirituality is centered on the belief in one God, I know that what makes not only me successful, but others around me equally successful in a sustainable way is our spirituality, no matter at work or at home...
Links for 2007-08-23
Doesn't he know that crime doesn't pay?
Alan pelz-sharpe is one of the few analysts that truly understands the ECM marketplace at large and specifically the needs of large enterprises. If you use Stellent, Documentum, FileNet, OpenText, Nuxeo or Alfresco and don't read his blog frequently and with passion, you are missing out. I suspect that Alan in his next blog entry will discuss not just measuring but techniques to increase usage of ECM platforms and how they can play within an SOA
I am in full agreement with Neil Macehiter that attempting to calculate ROI on an SOA upfront is a big waste of time. The funny thing though is that different enterprises have different approaches to calculating ROI as there is no standard way to calculate. Some enterprises allow for the capture of avoided costs while others don't. Some enterprises include cost of inflation and the decreasing value of cash while others don't and so on. The funny thing though is if you ask any software vendor in any domain to provide a template for calculating ROI, they will always show a great return no matter what numbers you feed it.
James Tarbell is an interesting individual whom face-to-face conversations are always rewarding. I do suggest that you periodically read his blog and encourage him to interact with the larger community more
Brian Huff is one of the most thoughtful ECM individuals I know. I was recently thinking that ECM folks also don't think in terms of patterns. There are architecture patterns, design patterns, workflow patterns, SOA patterns, security patterns, antipatterns, J2EE patterns, enterprise integration patterns and so on but I haven't ran across any documented ECM patterns. Is this something that Billy Cripe, John Newton, Craig Randall and others feel like they could collaborate on?
It is good to see that analysts are actually capable of having their own opinions. Usually this requires more than babbling about the need for business buy-in, having a strong ROI and other uncommon common sense pontifications done by large analyst firms. For the record, I would like to say that SOA is an expense and leave it at that. Go to the corporate library of a 200 year old company and you may find that they had at one time a Vice President of Electricity. Nowadays, electricity is taken for granted and is otherwise an expense that folks simply pay for and SOA will follow this path in the next couple of years. In the same way you don't ask for approval from the electric company to plug in your refridgerator, you shouldn't be necessarily asking the business to listen to your sales pitch regarding SOA
Making Money from Open Source
Stephen O'Grady of RedMonk recently discussed how to make more money from open source but left out a couple of important considerations...
My first comment is is that the conversation centers around support and services fees but doesn't address one of the most expensive considerations when starting a software firm which is the cost of sales. Consider the fact that having to deal with us enterprise architect types are very expensive. You have to hire sales people to cold call us with your value proposition, do Powerpoint presentations for our internal minions multiple times, and spoonfeed us information on how to be successful and all of this occurs before you even get a single cent of revenue.
The enterprise marketplace is becoming even more difficult as folks have invented half-baked notions of governance and have increased the amount of paperwork required to simply procure software. Enterprises are also throwing more legal agreement at software firms who sell closed software which translates into more expensive legal fees paid to counsel.
Consider the scenario where you want to create a new software firm and you decide to sell it the closed source way. Let's say you divide the United States market into four equal quadrants where you have to hire a sales person along with a sales engineer equating to a total of eight people in the United States. Let's say you also do one pair for the UK and one pair for Asia/India. Your first year's expense for just the sales orientation could hit $2 million once you pile on travel expenses.
Open source makes all of those expenses go away. You don't have to incur the expense of multiple trips to meet with various characters in large enterprises and their somewhat frivolous ceremonial proof of concepts and instead get them to do their own selling internally as well as finding someone motivated and not just assigned to make it happen. Open source guarantees not only lower expenses but better success.
Another dimension that no one will probably ever talk about is the simple fact that closed source software vendors usually are required to spend more in terms of industry analyst fees than open source. Have you ever seen Gartner publish in their magic quadrant any non-commercial open source projects next to proprietary closed source projects? If you understand that it simply isn't going to happen, you can then focus your money on areas that will actually have a return.
Let's say you spend $50K each with Gartner, Forrester, IDC and Yankee. As an open source firm, how much coverage can you possibly get for your spend? Would you be better served by paying a noted blogger to amplify instead of getting less than you pay for? Sure, I have heard the argument that the value proposition for analyst firms from analysts firms is more than advertising and lead generation but does anyone really believe this?
For the record, I am not saying that you shouldn't procure analyst firm services. In fact, I would recommend folks going down this path engage with firms such as Redmonk, Entiva, The 451 Group and other analyst firms that actually understand open source and will provide you with a better return on investment over the previously mentioned ones. Besides, the smaller firms tend to be cheaper than the bigger guys which also helps ROI.
The final consideration that I have is that open source solves some public relations issues for you. Most enterprises nowadays have media relations departments that don't allow their employees to say anything in public about the products they buy. Closed source vendors rant about this all the time. So, the obvious solution to solving the marketing problem may be to not sell to certain enterprises so that they can exercise their right to talk about it without running into issues regarding conflict of interest, code of ethics, media relations and other constraints. Figure out which enterprises can speak publicly about open source when you aren't a vendor and pursue them while selling services to the ones that simply want cheaper software. This way you can also out-market closed source competition...
| | View blog reactionsMy first comment is is that the conversation centers around support and services fees but doesn't address one of the most expensive considerations when starting a software firm which is the cost of sales. Consider the fact that having to deal with us enterprise architect types are very expensive. You have to hire sales people to cold call us with your value proposition, do Powerpoint presentations for our internal minions multiple times, and spoonfeed us information on how to be successful and all of this occurs before you even get a single cent of revenue.
The enterprise marketplace is becoming even more difficult as folks have invented half-baked notions of governance and have increased the amount of paperwork required to simply procure software. Enterprises are also throwing more legal agreement at software firms who sell closed software which translates into more expensive legal fees paid to counsel.
Consider the scenario where you want to create a new software firm and you decide to sell it the closed source way. Let's say you divide the United States market into four equal quadrants where you have to hire a sales person along with a sales engineer equating to a total of eight people in the United States. Let's say you also do one pair for the UK and one pair for Asia/India. Your first year's expense for just the sales orientation could hit $2 million once you pile on travel expenses.
Open source makes all of those expenses go away. You don't have to incur the expense of multiple trips to meet with various characters in large enterprises and their somewhat frivolous ceremonial proof of concepts and instead get them to do their own selling internally as well as finding someone motivated and not just assigned to make it happen. Open source guarantees not only lower expenses but better success.
Another dimension that no one will probably ever talk about is the simple fact that closed source software vendors usually are required to spend more in terms of industry analyst fees than open source. Have you ever seen Gartner publish in their magic quadrant any non-commercial open source projects next to proprietary closed source projects? If you understand that it simply isn't going to happen, you can then focus your money on areas that will actually have a return.
Let's say you spend $50K each with Gartner, Forrester, IDC and Yankee. As an open source firm, how much coverage can you possibly get for your spend? Would you be better served by paying a noted blogger to amplify instead of getting less than you pay for? Sure, I have heard the argument that the value proposition for analyst firms from analysts firms is more than advertising and lead generation but does anyone really believe this?
For the record, I am not saying that you shouldn't procure analyst firm services. In fact, I would recommend folks going down this path engage with firms such as Redmonk, Entiva, The 451 Group and other analyst firms that actually understand open source and will provide you with a better return on investment over the previously mentioned ones. Besides, the smaller firms tend to be cheaper than the bigger guys which also helps ROI.
The final consideration that I have is that open source solves some public relations issues for you. Most enterprises nowadays have media relations departments that don't allow their employees to say anything in public about the products they buy. Closed source vendors rant about this all the time. So, the obvious solution to solving the marketing problem may be to not sell to certain enterprises so that they can exercise their right to talk about it without running into issues regarding conflict of interest, code of ethics, media relations and other constraints. Figure out which enterprises can speak publicly about open source when you aren't a vendor and pursue them while selling services to the ones that simply want cheaper software. This way you can also out-market closed source competition...
Wednesday, August 22, 2007
The Role of the Technical Lead
Within many enterprises, the role of the technical lead is growing in importance. I am of the belief that it is primarily due to us architect types doing nothing but drawing cartoons in Powerpoint and doing handwaving. Someone needs to address the communications gap between architects and developers and hence the creation of this most important role...
A good "technical lead" should be able to understand the issues of concern to architects, and a good architect should be able to understand the concerns of development and maintenance programmers. A willingness to align and communicate should be the trait of both types of people.
It is too much to ask for an architect to be conversant with the details of programming (e.g. give estimates on project design and programming costs). Likewise, one should not ask the "technical lead" about the implications of infrastructure decisions.
I suspect that the trend towards non-technical folks leading IT will start to also reach the architect community. It is kinda intriguing that there are some that believe you can be an architect without ever having ever written code nor managed infrastructure. For shops that employ these types of individuals, please leave a comment with your employers ticker symbol so that I can short your stock...
| | View blog reactionsA good "technical lead" should be able to understand the issues of concern to architects, and a good architect should be able to understand the concerns of development and maintenance programmers. A willingness to align and communicate should be the trait of both types of people.
It is too much to ask for an architect to be conversant with the details of programming (e.g. give estimates on project design and programming costs). Likewise, one should not ask the "technical lead" about the implications of infrastructure decisions.
I suspect that the trend towards non-technical folks leading IT will start to also reach the architect community. It is kinda intriguing that there are some that believe you can be an architect without ever having ever written code nor managed infrastructure. For shops that employ these types of individuals, please leave a comment with your employers ticker symbol so that I can short your stock...
Enterprise Architecture Terrorism
Many enterprise architects encourage hierarchical run it up the flagpole, control the message interactions. Here are some phrases that if you hear from either an enterprise architect and/or process-oriented non-technical IT executive, you should ring the alarm...
I presented your ideas to upper management and they're really excited.Executives are generally excitable creatures and it is difficult to tell if it because of your idea or their Blackberry in their pocket on vibrate
The last project was a real mess, but we learned from mistakes of the past and have better process that are really going to help us do it rightDon't step in the governance
Work smarter, not harder Of course we will ignore the fact that it is the process that causes us to not work smarter
There are no problems, only challenges.And your biggest challenge is having to listen to the person telling you this
We have an aggressive schedule, but I think we can make it.Let's all run to Wal-Mart to buy metal detectors so we can find unicorns in our sock drawers for good luck
We just need to find a few more bodies to get back on schedule.Everyone knows that more people to a late project makes it later and outsourcing to India is living proof
I really hope you haven't heard any of these phrases in recent memory...
| | View blog reactionsI really hope you haven't heard any of these phrases in recent memory...
Thoughts on Thoughtworks
I am curious to know if Thoughtworks is losing lots of its better employees? I knew that one time the likes of Bill Caputo, Obie Fernandez, Eric Liu, Gregor Hohpe, Dave Astels, Tim Bacon, Steve Purcell and others in the blogosphere worked there. Is it because outsourcing to India is in more demand than agile methods? Is it because economics dictates working more than forty hours especially if you are a consultant? Is it because agile works but there is more interesting work in not bothering with their client base? Too much travel? No career path as everyone can't be Martin Fowler?
| | View blog reactionsBad WSDLs in the ECM Industry
There are several things that are intriguing about Brian Huff. He is probably one of the more transparent ECM folks in the blogosphere and publicly admits when things are wrong and doesn't simply use his blog as a one-way press release. I have the utmost respect for him and his thoughts on Bad WSDLs in the ECM Industry...
If only our favorite ECM bloggers from Filenet, Nuxeo, Documentum and Alfresco could be as transparent. Anyway, I figured I would comment on his most thoughtful post:
| | View blog reactionsIf only our favorite ECM bloggers from Filenet, Nuxeo, Documentum and Alfresco could be as transparent. Anyway, I figured I would comment on his most thoughtful post:
- I feel this is probably because most Enterprise Content Management vendors are still pretty green when it comes to the value of web services, and service-oriented architectures (SOA).
- And, as I said earlier, custom security integrations are fairly simple... so "deferring authorization" is possible in a number of ways.
- but that limitation is mainly due to the fact that Stellent was several orders of magnitude smaller than the competition, and thus comprehensive developer documentation was a lower priority...
- However, its a genuine web service, and not a lame wrapper around an existing fine-grained API... which I believe is what James was complaining about.
Lack of understanding of SOA within the ECM community
My significant other believes that folks in the ECM community and their love of REST are getting things twisted and need an altenrative perspective...
She commented on Brian Huff and his posting regarding REST which she believes is the notion of document-centric REST which ignores the fact that an SOA participates in larger transactions where ECM isn't the center of the world but that ECM vendors design their products as such.
She believes that the granularity of ECM and their services are way too fine grained and that they are additional busted when it comes to transaction semantics. The notion of SOA says that one should align coarse-grained services with a business architecture. For example, a business architecture may say that there is a need to have functionality for paying claims which is coarse-grained.
The need to pay a claim from a more technical perspective may involve multiple orchestrations where folks are either interacting with humans using a BPM engine such as jBPM, Intalio, Lombardi Software, Pega or any of the other fine product offerings or it could leverage a BPEL approach such as Oracle's BPEL Manager, FiveSight or equivalent products. The first thing that comes to mind is that ECM is a participant in this type of transaction and should defer/support transactions in a larger context.
Her second thought is that ECM systems that support the notion of sessions would be flawed in this business scenario as it is not the responsibility of an orchestrator to understand the state of an ECM system as services should truly be designed in a stateless way. Many of the ECM vendors have simply used WSDL and/or REST to put a facade over suboptimal designs.
Her third thought is that the notion of retrieving a document really should be thought of as a step in the pay a claim business service and that the exposed ECM contract should support other considerations such as the ability to defer authorization to the higher level process and avoid synchronization semantics as this would litter up higher level processes.
She also believes that ECM vendors haven't spent much time truly thinking about the value proposition of services and are guilty of thinking about WSDL and REST solely from an integration perspective while sleeping on how ECM plays as part of a larger business-driven SOA. Sadly, this topic has been covered to death within magazines and even the blogosphere, yet the world of ECM seems to trail pretty much every other technology horizontal including CRM, BPM, ERP, ESB and so on in terms of embracing modern approaches.
I really hate the fact that my significant other has been busy reading my books and blogs as she has started to find holes in my own thinking. Her conclusion is that products such as Nuxeo and Documentum which expose WSDL may be better positioned in the long run over the camp comprised of Stellent, OpenText and Alfresco that has fell in love with REST because it makes lots of sense if you only see things through the ECM-colored glasses. At least we collectively agree that industry analysts such as Alan Pelz-Sharpe, Karen Hobert, Tom Bryne, John Mancini, Nick Patience and others need to start paying more attention to how SOA and ECM are not only converging from the stories told by vendors but should equally focus on how it should converge...
| | View blog reactionsShe commented on Brian Huff and his posting regarding REST which she believes is the notion of document-centric REST which ignores the fact that an SOA participates in larger transactions where ECM isn't the center of the world but that ECM vendors design their products as such.
She believes that the granularity of ECM and their services are way too fine grained and that they are additional busted when it comes to transaction semantics. The notion of SOA says that one should align coarse-grained services with a business architecture. For example, a business architecture may say that there is a need to have functionality for paying claims which is coarse-grained.
The need to pay a claim from a more technical perspective may involve multiple orchestrations where folks are either interacting with humans using a BPM engine such as jBPM, Intalio, Lombardi Software, Pega or any of the other fine product offerings or it could leverage a BPEL approach such as Oracle's BPEL Manager, FiveSight or equivalent products. The first thing that comes to mind is that ECM is a participant in this type of transaction and should defer/support transactions in a larger context.
Her second thought is that ECM systems that support the notion of sessions would be flawed in this business scenario as it is not the responsibility of an orchestrator to understand the state of an ECM system as services should truly be designed in a stateless way. Many of the ECM vendors have simply used WSDL and/or REST to put a facade over suboptimal designs.
Her third thought is that the notion of retrieving a document really should be thought of as a step in the pay a claim business service and that the exposed ECM contract should support other considerations such as the ability to defer authorization to the higher level process and avoid synchronization semantics as this would litter up higher level processes.
She also believes that ECM vendors haven't spent much time truly thinking about the value proposition of services and are guilty of thinking about WSDL and REST solely from an integration perspective while sleeping on how ECM plays as part of a larger business-driven SOA. Sadly, this topic has been covered to death within magazines and even the blogosphere, yet the world of ECM seems to trail pretty much every other technology horizontal including CRM, BPM, ERP, ESB and so on in terms of embracing modern approaches.
I really hate the fact that my significant other has been busy reading my books and blogs as she has started to find holes in my own thinking. Her conclusion is that products such as Nuxeo and Documentum which expose WSDL may be better positioned in the long run over the camp comprised of Stellent, OpenText and Alfresco that has fell in love with REST because it makes lots of sense if you only see things through the ECM-colored glasses. At least we collectively agree that industry analysts such as Alan Pelz-Sharpe, Karen Hobert, Tom Bryne, John Mancini, Nick Patience and others need to start paying more attention to how SOA and ECM are not only converging from the stories told by vendors but should equally focus on how it should converge...
Links for 2007-08-22
I wonder why others haven't taken notice that Brazil is a better destination for technology outsourcing than India? The ability to stay current is one predictor of success
I am happy to see an architect from the insurance vertical join the blogosphere. Welcome Jaap and I look forward to many healthy dialogs
Brian Huff got it somewhat twisted due to my calling out patterns across vendors and not enumerating them on a per-vendor basis. Brian, don't worry as we are on the same page and agree on more things that appears on the surface. I was simply commenting on the horrific WSDL at large that exists. Some of the WSDL I have seen in the world of ECM feels more like a weakly defined upgrade path where they took their suboptimal query languages and proprietary APIs and simply wrapped them without any thought about doing it the right way of WSDL first. We both agree that arg0 is fugly but it is even worse as I held back and didn't comment on the simple opportunity to enumerate all possible values that could be passed as schema does support the notion of xsd:choice. Even worse is when you run across namespaces that read exactly like the underlying java classes. Let me say that standard WSDL in the ECM domain isn't possible until vendors at least figure out a standard query language to handle all the semantics you mentioned.
I was thinking about applying as a fresher. Do you think they would pay me a lot?
Good to see that folks in India were at least smart enough to invite Todd Biske but not smart enough to pick up his travel expenses. Travelling internationally can cost several thousand dollars but the investment to companies such as Wipro, TCS, Cognizant and others is order of magnitudes better than attempting to figure it out by googling his blog
The answer is yes as bloggers were rewarded for how much traffic they drove to the site. When I blogged on this platform, they use to reward me $200 to $400 a month. Maybe the compensation should have been a lot higher