Systems Integration
Mar 16 2010
Branding Overview
Today I am going to give a high level overview of branding SharePoint 2007. First, I will give a short description of each of the core elements of a SharePoint brand, and then I will briefly outline how to create a consistent brand across a SharePoint website.
Custom branding SharePoint is an undertaking that will require significant time and resources to plan, design, develop, and implement. For our purposes, a basic/core SharePoint brand is composed of Master Pages, Layout Pages, Cascading Style Sheets (CSS), Item Styles, Themes, and Features. Several factors including the website’s scope, best practices, amount of customization required, and maintainability should be considered when planning how best to design and implement a SharePoint brand. Below is a brief explanation of each part of a SharePoint brand:
- The Master Page is a container
Mar 10 2010
Winstone: The Smaller, Faster, Lighter Servlet Container
A few years ago Bruce Tate and Justin Gehtland wrote a book entitled Better, Faster, Lighter Java. In this book they argue that sometimes a simpler solution is the right answer. As developers we often become attached to our "Golden Hammer" and try to use it for every purpose. Large Java EE containers such as Weblogic, JBoss and WebSphere have a place in our toolbox, but sometimes what you need is a simple container which starts quickly and has a small footprint.
Mar 09 2010
Secure Development - Error Handling
At first glance, error handling may seem more like a functionality issue than a security concern. However, when done improperly (or worse, not at all), error handling can lead to security holes in your application. The classic example of error handling working in favor of the bad guys are failed logins, where the system gives a different error message for an incorrect username vs. an incorrect password. This allows the attacker to first figure out a working username and then focus on brute-forcing the password for that user. This is much faster than than having to try an exponentially-higher number of all username-password combinations.
In general, good error handling is important because error messages can reveal implementation details and pinpoint flaws in your application if they are not used correctly. Here are some common examples of incorrect error handling:
Mar 06 2010
Kicking the Tires on Vivisimo Velocity
Recently I oversaw an internal development effort to integrate Vivisimo's Velocity search engine into Microsoft SharePoint and JBoss Portal. CapTech has experience with several search products and many have the same integration challenges. We found that Velocity's architecture simplifies or eliminates many of these challenges. Here are just a few great features that we leveraged in this project.
Mar 05 2010
Programmatically Purging EHCache in WLST
In my previous blog, we discussed how to locate MBeans within the custom tree. We're going to piggy back that discussion and show how to purge an EHCache MBean by executing the removeAll() operation.
For reference, let's see the findMBean() helper method we defined previously: