Thursday, October 25, 2012

query on myisam taking long time in stored procedure

There was a very simple query which was taking time inside stored procedure like 20 sec.
If  I execute this query directly on the server, it was taking only 13 milli sec.

Using the Full Process List, I found that mysql was adding collation parameter to the query
 something like

NAME_CONST(' ',_utf8 COLLATE 'utf8_general_ci')

I found that the columns in my table have different char set. If you change the char set of innodb table, it changes for the columns as well, but the same is not the case with myisam.

Collation causes the full table scan instead of using the index.

Corrected the collation, and now it works as expected.



Limitations in MongoDB

I recently started exploring MongoDB for storing unstructured data. The choice to explore MongoDB first was based on statistics showing popularity of NOSQL databases where MongoDB outperform others.

The list of limitations is solely based on my exploration and may not be relevant to the most recent release or upcoming releases as they may have been taken care of

  • Does not support Join. This results into lot of denormalization. Multiple queries needed to collect information
  •  Does not support Transactions though it supports atomic updates.
  • Missing aggregate functions
  • Drivers for different languages have different behavior like the driver for Ruby does not support decimal like in Currency data type. You have to store cents in a different field.
  • Collection name cant be longer than 128 characters.
  • namespace file size is fixed to 16 MB by default which lets it store approx 24,000 namespaces. This means that the number of collection and indexes in your database cant exceed 24,000. This can be changed though.
  • Data file largest pre-allocated size is 2 GB.
  • You cannot delete individual documents from a capped collection nor can you perform any update that will increase size of document.
  • All String values must be encoded in UTF-8. There are plenty of situations where old encoding is used and issues pop-up while importing this data.
  • Issues with Datetime conversion with Ruby driver, not sure if this issue is there with other drivers as well. You cant use date classes that maintain time zone since a BSON datetime cant encode that data. There is no way to create custom BSON type.
  • BSON documents in MongoDB v2.0 are limited to 16 MB in size.

Thursday, December 15, 2011

ubuntu - apache start problem after reboot

After reboot of the server if you have trouble starting apache and you get the following error message
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80

This is due to password associated with the SSL certificate. After rebooting, system is trying to start apache as it has been configured that way, but unable to start due to required pass phrase.

There are two options, either remove the pass phrase or kill the process that is binding port 80. Following is the command to find that process


> sudo netstat -ltnp | grep ':80'


This will result into something like 



tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1393/apache2

> kill -9 1393

start apache and provide the pass phrase, you are good to go.

Thursday, December 8, 2011

a4j and IE 9 issues with framework.pack.js file

If you get the following error in IE 9


SCRIPT438: Object doesn't support property or method 'dispatchEvent'
framework.pack.js.faces, line 1754 character 26

SCRIPT16386: No such interface supported

framework.pack.js.faces, line 2373 character 3


This is related to the rich faces library 3.3.3.final

Apply the following to resolve this problem

Extract framework.pack.js from richfaces-impl-3.3.3.Final.jar (path - org\ajax4jsf\)

  • insert the following below line number 1914


Sarissa._SARISSA_IS_IE9 = Sarissa._SARISSA_IS_IE && (parseFloat(navigator.appVersion.substring(navigator.appVersion.indexOf("MSIE")+5))) >= 9;


  • After adding this line, change the following content on line number 2062


}}}}if(!window.DOMParser){if(Sarissa._SARISSA_IS_SAFARI){DOMParser=function(){};

to

}}}}if(!window.DOMParser || Sarissa._SARISSA_IS_IE9){if(Sarissa._SARISSA_IS_SAFARI){DOMParser=function(){};


  • Change the following on line number 2116


if(!window.XMLSerializer && Sarissa.getDomDocument && Sarissa.getDomDocument("","foo",null).xml){XMLSerializer=function(){};

to

if((!window.XMLSerializer || Sarissa._SARISSA_IS_IE9)&& Sarissa.getDomDocument && Sarissa.getDomDocument("","foo",null).xml){XMLSerializer=function(){};


Save the file and add the file back into the richfaces-impl-3.3.3.Final.jar replacing the earlier one.

Deploy and Enjoy

Friday, September 30, 2011

Creating Multiple Domain (UCC) CSR


Multiple Names on One Certificate


While it is not possible without TLS extensions to serve different certificates for a single IP (See here on how to setup apache on Debian for TLS extensions.) it is possible to have a single certificate that works with any number of hostnames. I’m not talking about a wildcard certificate but a certificate that allows completely different hostnames to be valid for a single certificate. For example www.foo.com and www.foo.org can share a certificate. This approach would not be appropriate except in certain circumstances. You wouldn’t want to have two different customers using the same certificate but a single customer may wish to use one certificate for all of their domains. Both Internet Explorer and Firefox honor certificates of this type. From what I read some Java SSL libraries do not handle this type of certificate properly but Java was the only exception.
x509 certificates, those that are served in SSL communications, offer a feature known as Subject Altnerative Names. A subject Alternative Name is an attribute that lists an alternate name for the subject of the certificate (that’s oddly fitting isn’t it?). In a web context that subject is the hostname. However it’s not just hostnames that can be an alternative subject. Email is an option as is IP addresses.
The first step is to create a CSR (certificate signing request) that contains the subject alternative names that you desire for your certificate. I will show how to do that using openssl. You will likely need to modify the default openssl.cnf file. In Debian this is located in /etc/ssl/openssl.cnf. Note that you may prefer to make modifications to a local copy and tell openssl to use your locally modified copy using the -config option. For simplicity I will omit -config localopenssl.cnf from my examples.


Config File Settings


You need to tell openssl to create a CSR that includes x509 V3 extensions and you also need to tell openssl to include a list of subject alternative names in your CSR. In my openssl.cnf I have the following:
In the [req] section

[req] req_extensions = v3_req



In the v3_req section:
[ v3_req ]  
# Extensions to add to a certificate request 
basicConstraints = CA:FALSE 
keyUsage = nonRepudiation, digitalSignature, keyEncipherment  
# Some CAs do not yet support subjectAltName in CSRs. 
# Instead the additional names are form entries on web 
# pages where one requests the certificate... 

subjectAltName          = @alt_names  [alt_names] DNS.1   = www.foo.com DNS.2   = www.foo.org

Generating the CSR

Then the CSR is generated using:

$ openssl req -new -out $CSR_FILENAME -key $KEY_FILE

To check to see if you got everything correct use:



$ openssl req -text -noout -in $CSR_FILENAME

You should see something similar to this:


Attributes:
Requested Extensions:             X509v3 
Basic Constraints:                 CA:FALSE             
X509v3 
Key Usage:                 Digital Signature, Non Repudiation, Key Encipherment             X509v3 
Subject Alternative Name:                 DNS:www.foo.com, DNS:www.foo.org