SOA Talk

December 23, 2011  5:48 PM

XML security appliance shopping advice

James Denman James Denman Profile: James Denman

Earlier this month I wrote an article on a Software as a Service provider that employed a SOA security appliance for authentication and identity federation. OmegaFi, the SaaS provider in question, fills an interesting niche – providing financial services for Greek fraternities and sororities. Helping college kids run their organizations more like a not-for-profit business is not always easy, but OmegaFi has thrived on their particular set of challenges. I recently had some correspondence with the company’s CIO, John Woolbright that I would like to share. Continued »

December 14, 2011  4:26 PM

Bhatt to head Progress

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

Last week, Jay Bhatt took the reins at Progress Software Corp., the company announced. Bhatt will serve as president and CEO. Progress, which markets to both resellers and enterprise end-users, is a major player in the areas of SOA, BPM and CEP.

Prior to coming to Progress, Bhatt was responsible for Autodesk’s global Architecture Engineering and Construction Solutions Division, where he was in charge of software development, marketing, product management, product design, business development and finance resources.  Mr. Bhatt also served as the CFO and Head of Corporate Development for, before that company was acquired by Autodesk in 2001.

“I am honored to be selected for this important role and thrilled to be joining Progress Software at this critical time in the company’s evolution,” said Bhatt, as stated in the company’s press release. 

“Progress has an excellent team, a large and impressive customer base, a loyal partner group and a very attractive portfolio of innovative products and solutions that enable businesses to become more responsive,” said Bhatt in a statement. ”

Bhatt takes posts formerly filled by Richard Reidy, who had held the jobs on an interim basis since an August announcement that he would vacate the positions. – Valerie Sarnataro

December 8, 2011  7:08 PM

Stonebraker sees high programming overhead for NoSQL

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

Innovative messaging and data architectures are being widely applied in Web applications these days – but approaches that work for the top-tier sites may not work well for others. While traditional RDBMs may not be the best path, the effort involved with making next-generation NoSQL DBs work may entail too much for typical shops, one noted database expert says. Perhaps not surprisingly, the expert, Michael Stonebraker, is presently touting an alternative to both traditional RDBs and upstart NoSQL DBs. He calls that alternative “NewSQL.” Continued »

November 30, 2011  5:43 PM

BPM joins ESB and data integration for Talend

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

Talend, which recently added ESB capabilities to its data integration platform, has added business process management (BPM) capabilities to Talend Unified Platform v5, announced this week at Gartner’s AADI Summit in Las Vegas, Nev. The move is part of the company’s effort to bring application and data integration closer together.

While Talend purchased its ESB capabilities (via acquisition of Sopera in 2010), it has chosen an OEM partnership with open source BPM maker BonitaSoft to fill-in its Talend Enterprise BPM offering.

Talend v5 with BPM enables users to integrate business workflows into their existing application and data infrastructure, said Yves de Montcheuil, vice president, marketing, Talend.

There are several reasons why application and data integration are converging, he said. “Organizations are under pressure to bring together the technologies to help efficiencies, but also to get more consistency in the way you bring data to integration,” said de Montcheuil.

He said the BPM software will add useful orchestration service support to the overall offering. Meanwhile, BPM can become part of the governance process, given the new integration.

Jack Vaughan

November 29, 2011  5:02 PM

Middleware testing gets tougher

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

From one SOA test expert’s perspective, 2011 saw a notable rise in agile development and related open source test software. Meanwhile, middleware testing continues to grow more complicated.

“What I saw this year was a rise of open source testing as an alternative to proprietary testing, as well as the continuation of service-oriented architecture,” said Frank Cohen, CEO, PushToTest, speaking with

Both the Agile drive and the open source drive may soon impact middleware more widely, Cohen indicated.  But a failure to come up with a common business interface pattern continues to challenge the user community.

“The IT industry has failed to create a standard for business integration. You can trace that back to Sun, Microsoft, IBM and Oracle not reaching an understanding on JBI [Java Business Integration],” he said, referring to a Java standards undertaking that is widely seen as having faltered.

“Without JBI, there is no way to model what the outcome of a business process is – nothing to write a test to, if you don’t have a standard that says what it does, ” said Cohen.

“The IT industry has failed to create a standard for business integration. So there are software developers building middleware either by hand coding at the language level using Java or building out a [proprietary] model,” he suggested.

PushToTest implemented a multi-step business workflow on Oracle, IBM and Tibco platforms to try and discern developer productivity and application performance differences end users might encounter. Involving Web services, the benchmark defines and implements a use case, adds HTTPS/SSL security, makes a change to a message schema and implements an asynchronous message delivery, and then runs a functional and performance test. PushToTest packs this all up in a SOAKit.

Cohen presented SOAKit performance results at a Tibco-sponsored presentation at this week’s Gartner Application Architecture, Development & Integration Summit in Las Vegas, Nev. PushToTest offers the software test suite as open source, available for free from its site as the SOAKit.

Jack Vaughan

November 17, 2011  5:31 PM

An OAuth API eases development

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

We spoke with Apigee’s Sam Ramji recently. He and the company, which focuses on API products for enterprises and developers, find themselves among those at the center of one of the rising trends in security services: OAuth.


In the past Ramji led open-source strategy across Microsoft, and was a founding member of BEA’s AquaLogic product team. He now acts as strategist for Apigee, where, along with others, he writes for the Apigee API Best Practices blog. He likens the token-based OAuth protocol to a valet key that allows users to go from Web site to Web site (from Twitter to TweetDeck, from Facebook to Twitter, from the New York Times to Facebook, and so on) without multiple logins.


”OAuth allows an application to act as an intermediary to services like Twitter – etcetera – on behalf of the end user,” he said. This type of token service for site hopping is a key mark of the Web 2.0 and the so-called ”App Economy” today. “We couldn’t have done this years ago,” said Ramji.


OAuth is said to play nicely with widely used Web-based REST methods. Moreover, Ramji suggested that OAuth makes a ”good enough” security service available to a broader group of developers. The mobile device explosion seems likely to expand OAuth use.


Previous alternatives involve a more complex set of processes for developers to learn. Of course, OAuth has its limits. OAuth aims directly at site-to-site application-to-application hopping over HTTP.  It would be used in some enterprises along with SAML, OpenID and other more complex security services located as gateways nearer to vital backend systems.


OAuth can be seen as an indicator of a sea change in services, said Ramji. ”It is as a token-based security system that allows users’ account information to be used by a third-party application in a way that does not expose the user name and password to that application.”


What can go wrong? ”The process of wiring up OAuth is pretty complicated for the average developer,” said Ramji. ”Also, it is still a spec in motion. No two apps really quite line up easily.”


That is the opening for Apigee. The company has built a single, simple API to talk to multiple end-services, he said. The hosted offering acts as a service broker that handles requests on your behalf. Developers can use Ruby, Objective C, Java and JavaScript to call the Apigee OAuth API that supported -when announced in August – Salesforce REST, Chatter, LinkedIn and Twitter APIs – with more to come.


Apigee’s work is emblematic of the work of API-intensive companies that may change the economics of the software industry. –Jack Vaughan


November 13, 2011  1:19 AM

Adobe gives up on Flash plug-in for mobile browsers

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

The mobile web application development world may create many unanticipated aches and pains if word out of Adobe this week is a guide. The company said it would give up work on Flash plug-ins for mobile browsers.

Of course, the late Steve Jobs’ well-publicized disdain for Flash – he cited speed and memory issues among others – put Flash-on-the-iPhone into a skid well over a year ago. It had been perhaps the most ubiquitous web browser plug-in on PCs.

HTML5 has been on the rise in the mobile space, but why abandon a flagship product on the hot mobile platform?

Since the initial announcement met much concern among Flash development community members, an Adobe manager of developer relations looked to clarify things. Adobe’s Michael Chambers emphasized the cost of mobile development efforts due to mobile devices’ :

• Differences in screen sizes, resolution and interaction models between mobile devices and desktop PCs
• Generally slower, and higher latency network connections (which is often metered) on mobile devices, which makes it cumbersome, sometimes expensive, and sometimes impossible to repeatedly load rich content from the web on demand.
• The tight integration with the underlying operating systems that native applications provide.
• The tight integration between mobile app stores and the mobile operating systems, which removes most of the friction for discovering new content.

” For each new device, browser and operating system released, the resources required to develop, test and maintain the Flash Player also increases,” he continued. If it is true that this is difficult for one of the largest software companies, how vexing will mobile development strategy be for development heads at non-software companies? What do you think?

November 2, 2011  5:05 PM

Lisp creator John McCarthy, 84, dies

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

The ‘creator of Lisp’ may be nicer than the ‘father of garbage collection.’ But John McCarthy could answer to either sobriquet. He died last week, at 84.

With Lisp, he gave a language to artificial intelligence and set the stage for reasoning systems and robots still a’borning. With garbage collection, he began to solve a problem that had begun to stymie computer advances.

Here, for perspective, is OMG leader Richard Soley’s take on the work of John McCarthy:

Although I never had the opportunity to meet Prof. McCarthy (he inconveniently left MIT for Stanford about the time I was born), his life and work had a profound influence on me.  I worked on MacLisp, CommonLisp and other Lisp systems the entire time I was at MIT, including a detailed stint on garbage collection systems (which he invented, before I was born).  The ideas that he brought to computer science, cognitive science and the nascent field of artificial intelligence (the name of which he coined) were literally decades ahead of their time, and that kind of forethought is rare.  I was lucky enough to work with some of his contemporaries, but many, many of his students; his life’s work enriched mine tremendously.

November 2, 2011  4:56 PM

Comment: SOA and the portfolio

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

Increasingly, serious SOA efforts are about managing a portfolio. That means sorting through the corporate assets to see what should be service-enabled, what should be left as is, and what should be retired. This is all about the wider, enterprise view.

It is hard to ultimately succeed with SOA services unless you take the wider view. That view must include an understanding of the organization’s overarching goals.  SOA has a technical angle, yes. But too often, SOA advocates have sent the business owner into trances with technical particulars – WSDL handshakes, ESB performance tuning metrics or service normalization patterns.

A shared vocabulary is what is needed, writes William Ulrich, head of TSG consultancy, featured in a recent SearchSOA article on application modernization issues. He sees the term and practice of business architecture gaining definition. Check out ”William Ulrich on ‘Business Architecture’- Seeking a common language.” – Jack Vaughan

October 25, 2011  3:47 PM

Azure adds integrating Service Bus

Jack Vaughan Jack Vaughan Profile: Jack Vaughan

The Microsoft Azure cloud effort is a fairly stupendous technology undertaking, but it remains somewhat unknown beyond the ranks of .NET development teams. At the outset, Microsoft started with a bit of clean slate – it skipped SQL support. Based on customer feedback, it has adjusted along the way, supporting relational data as well as non-relational, and coming up with a pretty robust offering in the process. Continued »

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: