The Blog

Open Days reservation system's high level overview - 2019

The LHC has a schedule of maintenance and performance upgrades. During these longer shutdowns CERN holds its major Open Days events. These allow the general public to visit areas normally restricted and used for research activity. Previous events have seen daily over 35k people visiting. To hold a big impact event successfully, certain preparations and arrangements are necessary. Our team’s responsibility was to deliver a reliable and highly available reservation system. This article gives a high level overview about the work that has been done and links together technical articles written about the Open Days reservation application.


Authored By: Viktor Kozlovszky

Published By: CERN IT-DB-DAR

Internationalization: concepts and implementations

We are in an era where lots of things can be achieved with just a few clicks and quick typing on the web. This simple and fast information exchange has made this method become a standard form of communication. The web removes physical boundaries and allows people with different nationalities and mother tongues to interact. Therefore it has become very important that all parties understand the information flowing through this channel. To provide the same experience for speakers of all other languages it has become essential to design websites with internationalization (later as "i18n"). The goal for this post is to give a better understanding about i18n and about the concepts behind the different framework implementations.

Authored By: Viktor Kozlovszky, Thomas Løkkeborg
Published By: CERN IT-DB-DAR

Keeping your logs clean with Apache Tomcat 9, log4j2 and spring-boot

These last days I've been playing with Apache Tomcat 9 and log4j2. You may wonder why I want to change the good an old Tomcat JULI. Well, although I love the simplicity of its configuration and the fact that JULI works, log4j2 offers a big variety of appenders that make it very interesting. Also I prefer the way of how log4j2 rolls the files, keeping the original name un-touched (e.g.

Testing web applications SSO with Keycloak

Usually when you are developing a new feature or fixing an issue, you want to focus in your business logic. If your application delegates the authentication in some SSO system you usually mocks the response from this last one. However for integration tests, it is nice to be able to test your application against the full SSO cycle, specially if you have to use things like the SAML2 Web Profile.

Oracle VPD as a safeguard for DML

Virtual Private Databases (VPD) is an Enterprise Edition feature related to security. It restricts the scope of Data Manipulation Language to a subset of the table rows by transparently adding a where clause before executing them. It is also called Row-Level Security (RLS). Where the policy is enabled, it is like having the selected DML (SELECT, INSERT, UPDATE, DELETE) operate on a transcient view. And the predicates for this view can be dynamic and even query tables that the user cannot see.

Minimal Oracle

The Oracle Database software is large, several gigabytes in Oracle Home for the part that is deployed on the operating system, and additional megabytes in SYSTEM tablespace for the part that is deployed as stored procedures (mainly the dbms_% packages). And this is not a problem with the traditional deployment methods where you can have a .zip golden image of the Oracle Home, and a database template to start a new DB. But this monolithic approach is not adapted to the current way people want to deploy software: