Head First Servlets & JSP

Today I bought myself Head First Servlets & JSP.

While I have absolutely no intention in passing any Java related exam or even do anything JSP-ish in the near future (see my reasons here, here and here), I had to have the book.


For one thing: While I have my problems with Java, I’m still very interested in it and the technologies around it. This is the reason, why I’ve already read one or the other book about JSP. The scond reason: The “Head First” series is absolutely the best way of how a tech book can be written. It’s a pleasure to read them.

They are that good, that it’s even worth reading them even when you don’t really need to learn what’s in them. It’s just fun to read it. Try it yourself!

XAMS (Exim) and SpamAssassin

It just came to me, that with the new custom_query-option for the SQL-preferences, it will finally be prossible to integrate SpamAssassin 3.0.0 into XAMS

For those that do not know: XAMS is a sophisticated configuration for handling multiple virtual email domains, keeping all users in a strictly normalized MySQL database.

In contrast to things like vpopmail, it’s easy to set up, does not require patches to any software component involved and is extremely feature-rich.

XAMS was built by Oliver Siegmar, taking my initial idea (german. written von de.comm.software.mailserver), cleaning it up and adding a web interface

I posted my SpamAssassin configuration to the XAMS Mailinglist, so read it there.



You may have heard of Geocaching.

This weekend I found my first cache. It was quite well hidden, but as I knew the territory (it’s where I lived from 1993 to 2000), it was not that difficult.

When I first tried to find the cache last sunday, it was already quite dark outside, so I had to give up. Yesterday, I’ve returned and finally found Magic Place / Forch-Denkmal

The picture was taken using my K700i. I didn’t have my camera with me

Somewhere around 9588…

OK. This has a definite technical reason and is neither wrong nor in any other way special. It’s just funny and reminds me of school where in a short presentation, someone did the same thing, so I though I can pot it anyway…

In PostgreSQL you can help the query optimizer to do it’s work even better by calling “VACUUM ANALYZE” – especially after inserting tons and tons of data.

I did that and found this status message:

INFO:  "art_pf": 209 pages, 3000 rows sampled, 9588 estimated total rows

What’s funny about that is that PostgreSQL actually counted the rows (I did a full analyze) and still talks about having estimated the count. And 9588 definitely is not what we humans call an estimation. When we estimate we talk in tens or even hunderts like “9000 estimated total rows or so”.

In the presentation I talked about at the beginning, the colleague of mine talked about a weather station “about 987.6 meters over sea level” which falls into the same category ;-)

mod_perl or not to mod_perl

Floating around the net I found a patch for my mod_perl problem I had with MT 3.1, so I have reenabled mod_perl, which actually sped up the wohle system greatly, but forced me to remove MT-Blacklist, as it’s not compatible with mod_perl environements (Internal Server Error, here I come!)

“No big deal”, I thought – deleting those five SPAM comments a day would not have been so bad – especially since MT 3.1 provides a far better comment-deleting UI than 2.6

Then, today, I had to change my mind: Between 6am and 12pm two of those f***ing SPAMMers actually posted stupid comment spam to nearly every posting in my blog. After deleting them, they gave me a rest just to continue their evil doing during the whole afternoon, forcing me to delete about 2 comments per 20 minutes. Inconvinient when I have to work in between.

So – for me, it’s back to non-mod_perl. It seems like gnegg.ch is popular enough for actually depending on MT-Blacklist. Very nice. Thank you stupid SPAMMers!

A look at Windows Installer

Before I begin, let me put this disclaimer: I’m biased, so this is maybe not objective, but it’s something I wanted to say. And who knows: Maybe you even think the same.

As you may know, Microsoft would really like to see all software using Windows Installer for its deployment needs. Windows Installer is a complex piece of technology, evaluating some kind of database that’s stored in those .MSI-Files.

Windows 2000 Server and later, namely with its Active Directory, provides the system Administrator with the ability to automatically install and update MSI based applications on the client computers, which definitely is a good thing. Additionally, MSI should provide end users with clean uninstalls, automatical repair and the solutions to COMmon [;-)] problems. Sound’s like a good thing, doesn’t it?

It would – if there was not quite a heap of problems associated with Windows Installer

  • First, the thing is intransparent and messy.
  • I have migrated my user profile to another machine, where not all the software I had on the previous machine has been installed. So the control panel was full of software that was not installed on the machine. Hitting “Remove” caused MSI to request the original installation MSI file (why the heck?) and with me failing to provide it (why should I redownload something just to remove traces of it from my machine if I don’t want it in the first place) and hitting “Cancel” removed the entry, but it reappeared when reloading the control panel applet. Cleaning the registry did help, but tell me of an end user capable of doing that.
  • Whenever I drop an URL from my Browser to the desktop, MSI pops up and wants to repair some software I’ve already removed. For this it asks me to provide the path to the original media. Why?
  • Creating Update-Packages is a pain in the ass: You have three possibiliteis:
    1. Create a “full update” which will first uninstall the existing version. That way you have to go great lengths to preserve the user’s data because it’s not that easy detecting whether the uninstall happens because of the upgrade or just is a normal uninstall. This, I want to add, is the recommended way of updating an application deployed by MSI
    2. Create some update-package. This often needs quite a bit of hacking to the MSI-File, leading to problems like MSI-Dialogs popping up asking for some files.
    3. Create a patch-File (.MSP). In MSI pre 3.0 this is a pain in the ass if you want to prevent the user from having the original MSI-File ready. Too bad, MSI 3.0 runs only on Win2k and later

Windows Installer is very tightly integrated into the system. Even small problems here and there (non-clean uninstallation or whatever) can cause major problems that are not really fixable. This is not what I call an end-user friendly technology.

And it does not end there: Have you ever tried engineering a MSI-File? You may begin by reading the SDK documentation I linked to above, but you will soon be overwhelmed – the beast is incredibly complex. But with complexity does not come feature-richness. For example, it’s impossible to install the .NET framework from an MSI based installation as only one of them may be running at the same time.

Because of this and many other problems, it’s the general oppinion to create a self extracting .EXE installing the prerequisities and then passing the control over to the MSI-File which still isn’t capable enough to do many things, setup authors today are used to do.

Big tool Vendors like WISE Solutions or InstallShield go great lengths to hide the comlexity of MSI and to add features not there in the basic version, while sometimes breaking validity of the generated packages or even the one big advantage of MSI’s: Transactional functionality. Thus, taking away the last benefits, MSI may have.

Conventional Installer Tools are availbable for free (InnoSetup, NSIS) and have a much more pleasant user experience: No silly questions for source packages, no confusing breakage and more.

Of course: Some things those conventional tools will never be able to provide:

  • Advertized Features (and Shortcuts)
  • Automatical Self-Repair
  • Advertized Installations (which allow restricted users to install certain packages)

    But to be honest: Which one of those features provides real value to the end user? I know many people that have installed MS Office, for example and no one of them – absolutely no one has instructed setup to install features on demand – nobody wants to insert the office CD at random events.

    In contrast: Everyone I know simply hates those Windows Installer dialogs popping up, requesting the source image. Lukas for example is unable to remove PGP Deskop becuase the uninstaller requires the installer package which can’t be provided as it’s packaged in a self extracting .EXE using a proprietary format. Simply reinstalling from this .EXE isn’t possible either because the extracted MSI detects the existing installation and want’s to uninstall but still does not recognize the extracted original MSI. Bad luck.

    So in the end MSI looks to me like an administrators thing, but not like a tool making the live easier for the end user. With tools like InnoSetup, I can create an user expirience that even non-tech-savy users understand and that even has no further problems popping up later. Granted: More advanced tasks are better integrated into MSI (Installations per User/Per System), but can be done with the conventional tools, if some thought is put into the installation.

    For now, I will definitely stay with InnoSetup and keep my supporting work focused on real application issues, not wierd MSI problems. For Administrators, installing PopScan for their users, we provide a detailed documentation describing, which file goes where and what the installer does, thus providing the administrator with the means of either create an MSI (which can be done automatically these days. The result is not optimized, but it does it’s job. Combined with our documentation, this can be a real alternative) or use other technologies to deploy the software.