J2EE EAR File Structure

A diagram from IBM Websphere redbook. I just keep it here to remind my rusted high performance brain.

JNDI Application Client in WAS 6.1 - Part 2

Continued from my previous post, this post attempts to address some of technical intricacies that you might face when try to authenticate yourself outside Java EE containers when doing naming operations.

Previously, I simply assigned the necessary rights to EVERYONE in Websphere Application Server V6.1 Administrative Console to enable anyone (Including those Unauthenticated) to perform naming operations.

However, this setting is not appropriate in production environment because some operations such as removing bindings and create new bindings are considered as privileged operations that require thoughtful considerations.

Assuming that you are created a new WAS User named "NamingUser1" and assigned this user with relevant rights (i.e. CosNaming Delete, etc)

Now the trick is to pass these credentials to WAS from the Java program.

So, the first mistake that might happened is you assumed the following codes will work:

Hashtable env = new Hashtable();

env.put(Context.PROVIDER_URL, "corbaloc:iiop:localhost:2810/NameService");
env.put(Context.INITIAL_CONTEXT_FACTORY
,"com.ibm.websphere.naming.WsnInitialContextFactory");

env.put(Context.SECURITY_PRINCIPAL, "NamingUser1");
env.put(Context.SECURITY_CREDENTIALS, "password1");

No, this will not work. You will shoot by the below exception:

javax.naming.NoPermissionException: NO_PERMISSION exception caught [Root exception is org.omg.CORBA.NO_PERMISSION:
>> SERVER (id=11c328fe, host=eddy) TRACE START:
>> org.omg.CORBA.NO_PERMISSION: Caught WSSecurityContextException in WSSecurityContext.acceptSecContext(), reason: Major Code[0] Minor Code[0] Message[ null] vmcid: 0x49424000 minor code: 300 completed: No
>> at com.ibm.ISecurityLocalObjectBaseL13Impl.PrincipalAuthFailReason.map_auth_fail_to_minor_code(PrincipalAuthFailReason.java:83)
>> at com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRIBase.authenticateSecurityTokens(CSIServerRIBase.java:2575)
>> at com.ibm.ISecurityLocalObjectBaseL13Impl.CSIServerRI.receive_request(CSIServerRI.java:485)
>> at com.ibm.rmi.pi.InterceptorManager.invokeInterceptor(InterceptorManager.java:592)
>> at com.ibm.rmi.pi.InterceptorManager.iterateServerInterceptors(InterceptorManager.java:507)
>> at com.ibm.rmi.pi.InterceptorManager.iterateReceiveRequest(InterceptorManager.java:738)
>> at com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:602)

...
...

You need to use JAAS to perform the authentication.

To make the case clearer, let us focus on the following source codes:

package lab.namespace;

import java.rmi.RMISecurityManager;
import java.security.PrivilegedAction;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.security.auth.login.LoginContext;

import com.ibm.ejs.models.base.bindings.applicationbnd.Subject;
import com.ibm.websphere.naming.PROPS;
import com.ibm.websphere.security.auth.WSSubject;
import com.ibm.websphere.security.auth.callback.WSCallbackHandlerImpl;
import com.ibm.ws.security.auth.callback.WSCallbackHandler;

public class Connect {
public static void main(String[] args) throws Exception {
Hashtable env = new Hashtable();
env.put(Context.PROVIDER_URL, "corbaloc:iiop:localhost:2810/NameService");
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
final Context initialContext = new InitialContext(env);
initialContext.lookup("");

LoginContext loginContext =
new LoginContext("WSLogin",new WSCallbackHandlerImpl("NamingUser1","password1"));

loginContext.login();

javax.security.auth.Subject s = loginContext.getSubject();

WSSubject.doAs(s, new PrivilegedAction(){
public Object run() {
try{
initialContext.bind("hello", "1234");
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
});

System.out.println(loginContext.getSubject());

}

}

You also need to add the following JARs to the class path:

${WAS_INSTALLED_FOLDER}/com.ibm.ws.webservices.thinclient_6.1.0.jar

Then you crossed your finger and execute the program again. And yet it still fails.

Exception in thread "P=172625:O=0:CT" java.lang.SecurityException: Unable to locate a login configuration
at com.ibm.security.auth.login.ConfigFile.(ConfigFile.java:129)
at java.lang.Class.newInstanceImpl(Native Method)
at java.lang.Class.newInstance(Class.java:1263)
at javax.security.auth.login.Configuration$3.run(Configuration.java:239)
at java.security.AccessController.doPrivileged(AccessController.java:241)
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:233)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:260)
at java.security.AccessController.doPrivileged(AccessController.java:192)
at javax.security.auth.login.LoginContext.init(LoginContext.java:257)
at javax.security.auth.login.LoginContext.(LoginContext.java:426)
at lab.namespace.Connect.main(Connect.java:38)
Caused by: java.io.IOException: Unable to locate a login configuration
at com.ibm.security.auth.login.ConfigFile.init(ConfigFile.java:238)
at com.ibm.security.auth.login.ConfigFile.(ConfigFile.java:127)
... 10 more

Now you shall setup JAAS specific environment.

Copy the following files to your workspace:

${PROFILE_HOME}\properties\sas.client.props
${PROFILE_HOME}\properties\sas.client.props
${PROFILE_HOME}\properties\wsjaas.client.conf

Modify the sas.client.props

com.ibm.CORBA.validateBasicAuth=false
com.ibm.CORBA.securityServerHost=localhost
com.ibm.CORBA.securityServerPort=2809
com.ibm.CORBA.loginSource=none
com.ibm.CORBA.loginUserid=NamingUser1
com.ibm.CORBA.loginPassword=password1

Note: Here I assume that the bootstrap port is 2809.


Modify the ssl.client.props

user.root=C:/IBM/WebSphere/ND/profiles/AppSvr01
com.ibm.ssl.keyStore=C:/IBM/WebSphere/ND/profiles/AppSvr01/etc/key.p12
com.ibm.ssl.trustStore=C:/IBM/WebSphere/ND/profiles/AppSvr01/etc/trust.p12

Note: Here I just used the same keystore from the server. It might not be the case for production environment.

You will also need to modify the source code to include the following line:

System.setSecurityManager(new RMISecurityManager());

Create one new file named "security.policy" and specify the following in it.

grant {
permission java.security.AllPermission;
};

Note: This is just for demostration purposes. You should tune the security policy instead.

Lastly you must add few JVM arguments for execution.

-Djava.security.auth.login.config=${YOUR_PATH}\wsjaas.conf
-Dcom.ibm.CORBA.ConfigURL=${YOUR_PATH}\sas.client.props
-Djava.security.policy=${YOUR_PATH}\security.policy
-Dcom.ibm.SSL.ConfigURL=file:${YOUR_PATH}\ssl.client.props

Potential Mistake #2: JVM argument "com.ibm.SSL.ConfigURL"

The value specified for this argument must start with "file:" for file URL. Fail to do this will make your head spin.


Finally, the program will be successfully executed and the new String object is bound to the name space. You can use dumpNameSpace utility to verify this.


Good luck.

JNDI Application Client in WAS 6.1

If you deployed your application into the web container or EJB container of the J2
EE/Java EE application server and you try to perform naming operations, basically the container already setup all necessary environment configuration for you to obtain the initial context. Initial context basically is the starting point in the name space that you want to manipulate. In Websphere, an initial context can be treated as a connection to the name server where the connection is defined by the bootstrap host, bootstrap port and protocol as part of the provider URL.

In the event that you need to develop application client that runs outside the containers, then you shall need to configure this connection yourself or as part of the application assembly process assisted by the tool. AST and Rational Application Developer can do all these dirty works for you.

However, under the circumstances that you don't have the luxury of using these tools, then you really need to know what to do.

In this example, I'm using IBM Websphere Application Server V6.1 with FP0.

Sample code:

package lab.namespace;

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;

public class Connect {

public static void main(String[] args) throws Exception {

Hashtable env = new Hashtable();
env.put(Context.PROVIDER_URL, "corbaloc:iiop:localhost:9809");
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");

Context initialContext = new InitialContext(env);
Context myCtx = (Context)initialContext.lookup("cell/persistent");
myCtx.bind("hello", "123");


}

Without additional information, when you execute this program, you shall hit the first error:

Exception in thread "main" javax.naming.NoInitialContextException: Cannot instantiate class: com.ibm.websphere.naming.WsnInitialContextFactory [Root exception is java.lang.ClassNotFoundException: com.ibm.websphere.naming.WsnInitialContextFactory]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:669)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:259)
at javax.naming.InitialContext.init(InitialContext.java:235)
at javax.naming.InitialContext.(InitialContext.java:209)
at lab.namespace.Connect.main(Connect.java:19)
Caused by: java.lang.ClassNotFoundException: com.ibm.websphere.naming.WsnInitialContextFactory
at java.lang.Class.forName(Class.java:164)
at com.sun.naming.internal.VersionHelper12.loadClass(VersionHelper12.java:57)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:666)
... 4 more

You can solve this by adding the appropriate JAR into your class path. Locate ws_runtimes.jar at

${your_was_installed_dir}\deploytool\itp\plugins\com.ibm.websphere.v61_6.1.0\ws_runtimes.jar

You can try to execute again, and this time possibly you will hit the second error:

Exception in thread "main" java.lang.NoClassDefFoundError: com/ibm/CORBA/iiop/ObjectURL
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at com.ibm.websphere.naming.WsnInitialContextFactory.init_implClassCtor(WsnInitialContextFactory.java:172)
at com.ibm.websphere.naming.WsnInitialContextFactory.getInitialContext(WsnInitialContextFactory.java:112)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.(Unknown Source)
at lab.namespace.Connect.main(Connect.java:19)

The stack trace pointed out that the program need more JARs.

Here you have 2 choices as solution to the problem.

1. Change your JRE from SUN to IBM

To do this in Eclipse, go to Windows->Preferences->Java->Installed JREs

And specify the location of IBM JRE

${your_was_installed_dir}\java\jre\

And set this JRE as default JRE.

2. Add in only the specific JARs in your class path

Locate the following JARs:

${your_was_installed_dir}\java\jre\lib\ibmorb.jar
${your_was_installed_dir}\java\jre\lib\ibmorbapi.jar

High chance is that you still encounter another error after you added the above JARs.

WARNING: jndiNamingException
Exception in thread "P=762318:O=0:CT" javax.naming.NoPermissionException: NO_PERMISSION exception caught [Root exception is org.omg.CORBA.NO_PERMISSION:
>> SERVER (id=144d42ac, host=eddy) TRACE START:
>> org.omg.CORBA.NO_PERMISSION: Not authorized to perform bind_java_object operation. vmcid: 0x0 minor code: 0 completed: No
>> at com.ibm.ws.naming.cosbase.WsnOptimizedNamingImplBase.performAuthorizationCheck(WsnOptimizedNamingImplBase.java:4745)
>> at com.ibm.ws.naming.cosbase.WsnOptimizedNamingImplBase.bind_java_object(WsnOptimizedNamingImplBase.java:1267)
>> at com.ibm.WsnOptimizedNaming._NamingContextImplBase._invoke(_NamingContextImplBase.java:125)
>> at com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:613)
>> at com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:466)
>> at com.ibm.rmi.iiop.ORB.process(ORB.java:503)
>> at com.ibm.CORBA.iiop.ORB.process(ORB.java:1552)
>> at com.ibm.rmi.iiop.Connection.respondTo(Connection.java:2673)
>> at com.ibm.rmi.iiop.Connection.doWork(Connection.java:2551)
>> at com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:62)
>> at com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:95)
>> at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)
>> SERVER (id=144d42ac, host=eddy) TRACE END.
vmcid: 0x0 minor code: 0 completed: No]
at com.ibm.ws.naming.jndicos.CNContextImpl.doBind(CNContextImpl.java:2322)
at com.ibm.ws.naming.jndicos.CNContextImpl.bind(CNContextImpl.java:534)
at lab.namespace.Connect.main(Connect.java:23)
Caused by: org.omg.CORBA.NO_PERMISSION:
>> SERVER (id=144d42ac, host=eddy) TRACE START:
>> org.omg.CORBA.NO_PERMISSION: Not authorized to perform bind_java_object operation. vmcid: 0x0 minor code: 0 completed: No
>> at com.ibm.ws.naming.cosbase.WsnOptimizedNamingImplBase.performAuthorizationCheck(WsnOptimizedNamingImplBase.java:4745)
>> at com.ibm.ws.naming.cosbase.WsnOptimizedNamingImplBase.bind_java_object(WsnOptimizedNamingImplBase.java:1267)
>> at com.ibm.WsnOptimizedNaming._NamingContextImplBase._invoke(_NamingContextImplBase.java:125)
>> at com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:613)
>> at com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:466)
>> at com.ibm.rmi.iiop.ORB.process(ORB.java:503)
>> at com.ibm.CORBA.iiop.ORB.process(ORB.java:1552)
>> at com.ibm.rmi.iiop.Connection.respondTo(Connection.java:2673)
>> at com.ibm.rmi.iiop.Connection.doWork(Connection.java:2551)
>> at com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:62)
>> at com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:95)
>> at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)
>> SERVER (id=144d42ac, host=eddy) TRACE END.
vmcid: 0x0 minor code: 0 completed: No
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:67)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:521)
at com.ibm.rmi.iiop.ReplyMessage._getSystemException(ReplyMessage.java:241)
at com.ibm.rmi.iiop.ReplyMessage.getSystemException(ReplyMessage.java:189)
at com.ibm.rmi.iiop.ClientResponseImpl.getSystemException(ClientResponseImpl.java:232)
at com.ibm.rmi.corba.ClientDelegate.intercept(ClientDelegate.java:982)
at com.ibm.rmi.corba.ClientDelegate.invoke(ClientDelegate.java:459)
at com.ibm.CORBA.iiop.ClientDelegate.invoke(ClientDelegate.java:1150)
at com.ibm.rmi.corba.ClientDelegate.invoke(ClientDelegate.java:778)
at com.ibm.CORBA.iiop.ClientDelegate.invoke(ClientDelegate.java:1180)
at org.omg.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:484)
at com.ibm.WsnOptimizedNaming._NamingContextStub.bind_java_object(_NamingContextStub.java:174)
at com.ibm.ws.naming.jndicos.CNContextImpl.cosBindJavaObject(CNContextImpl.java:3962)
at com.ibm.ws.naming.jndicos.CNContextImpl.doBind(CNContextImpl.java:2260)
... 2 more

The exception occured due to the fact that WAS V6.1 control the usages of CORBA Naming Service to only those users/groups who is assigned the following rights depending on the action.

Cos Naming Read, Cos Naming Write, Cos Naming Create, Cos Naming Delete

You will need to acess Administrative Console (Integrated Solution Console) to grant the rights.

1. Open Administrative Console
2. Go to Environment -> Naming -> CORBA Naming Service Groups
3. Click on the EVERYONE group (This is just for simplicity, you can use other group)
4. Select the right(s)
5. Save and restart the server.
6. Modify the original program

package lab.namespace;

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;


public class Connect {

public static void main(String[] args) throws Exception {

Hashtable env = new Hashtable();
env.put(Context.PROVIDER_URL, "corbaloc:iiop:localhost:9809");
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");

Context initialContext = new InitialContext(env);
Context myCtx = (Context)initialContext.lookup("cell/persistent");
myCtx.bind("hello", "1234");

}

}

You're done. Good luck.

Composites Tech eyes Mesdaq listing in 2010

Eddy said: As if I care about something that "could" happen in year 2010. Totally numbed.

For now, the fifth largest composite supplier to Airbus is trying to find strategic partners interested in working with it

COMPOSITES Technology Research Malaysia Sdn Bhd (CTRM) has set a target of being listed on the MESDAQ market of Bursa Malaysia in 2010.

Its senior general manager business development, Wan Abd Halim Wan Abd Majid, said the planned listing is still under consideration as CTRM is doing a due diligence with several banks.

“At the moment, we are trying to find strategic partners interested in working with us,” he told reporters during a media visit to CTRM’s facility in Malacca today.

CTRM, the fifth largest composite supplier to Airbus, is 90 per cent owned by the Ministry of Finance and 10 per cent by Petronas.



It has a 445,000 sq ft plant for the manufacturing of composite component parts for aircraft.

With a book order of RM3.2 billion for various design and manufacturing ventures, CTRM projects a RM700 million revenue for the financial year ending December 2010, Wan Abd Halim said.

“We are confident of achieving about RM307 million in revenue this year from the RM238 million in 2007,” he added.

En route to the listing, the company is diversifying its business to drive growth. It is looking to be involved in the manufacture of hybrid cars, the monorail body and wind blades next year.

Meanwhile, Wan Abd Halim said the outlook for the aviation industry remains strong amid the global energy crisis as people still choose air transport for travel.

“The private jet business will also start to grow as certain groups of people are slowly using private eight-seater jets for travel instead of normal airlines. — Bernama

Author of 100 Things To Do Before You Die has died

Eddy said: So Ironic!

Author of 100 Things To Do Before You Die has died before completing his list
Dave Freeman, the co-author of best-selling travel guide "100 Things to Do Before You Die" has died aged 47, before completing his irreverent list.

By Lucy Cockcroft

Dave Freeman tried out every task he wrote about had managed to tick off around 50 of the adventures recommended by his book, including land-diving on the Pacific island of Vanuatu and running with the bulls in Pamplona, Spain.

His father, Roy Freeman, said he died on August 17 after falling and hitting his head at home in Venice, California.

An advertising agency executive, Mr Freeman co-wrote the 1999 guide - subtitled "Travel Events You Just Can't Miss" - with friend Neil Teplica.

The book poignantly starts by saying: "This life is a short journey. How can you make sure you fill it with the most fun and that you visit all the coolest places on earth before you pack those bags for the very last time?"

Relatives said Mr Freeman visited about half the destinations on his list before he died, and together he and Mr Teplica had been to nearly all of them.

"He didn't have enough days, but he lived them like he should have," Mr Teplica said.

The book's recommendations ranged from well-known pursuits and events, such as attending the Academy Awards or Royal Ascot, to the extremely obscure.

The more bizarre suggestions include taking a voodoo pilgrimage in Haiti, nude night surfing in Australia and competing in a yelling competition in North Carolina.

Each of the 100 entries were accompanied by a rating which indicated where they were on the scale between "grandma friendly" and "down and dirty".

One of Mr Freeman's favourite events was the Las Fallas festival in Valencia, Spain, where firework-filled papier-mache effigies of politicians and celebrities explode at midnight.

He tried out every task he wrote about and listed land-diving in the South Pacific as the most exhilarating adventure.

The centuries-old tradition, which he called the "original bungee jump", involves leaping off tall towers with just a vine attached to the leg. One Vanuatu islander fell to his death during a 1974 ceremony witnessed by The Queen.

The guide was born out of a regular website feature called "The Coolest Place on Earth".

As readers sent in accounts of their experiences at wacky festivals around the world Mr Freeman and Mr Teplica decided to dedicate themselves to trying them all out.

The success of "100 Things" went on to inspire dozens of spoof imitations, with titles such as "100 Things Project Managers Should Do Before They Die" and "100 Things Cowboys Fans Should Know and Do Before They Die."

Portfolio B @ 26-August-2008

Transaction Costs are excluded.

700 unit of Pelikan
Avg Buy Price = RM 2.72, Market Price = RM2.60, Unrealized Gains/(Losses) = (RM84)

14000 unit of IPower
Avg Buy Price = RM0.195, Market Price = RM0.195, Unrealized Gains/(Losses) = (RM0)

1000 unit of Uchitec
Avg Buy Price = RM1.69, Market Price = RM1.49, Unrealized Gains/(Losses) = (RM200)

Portfolio B @ 14-August-2008

Transaction Costs are excluded.

700 unit of Pelikan
Avg Buy Price = RM 2.72, Market Price = RM2.60, Unrealized Gains/(Losses) = (RM84)

14000 unit of IPower
Avg Buy Price = RM0.195, Market Price = RM0.195, Unrealized Gains/(Losses) = (RM0)

1000 unit of Uchitec
Avg Buy Price = RM1.69, Market Price = RM1.70, Unrealized Gains/(Losses) = RM10

George Bush - Olympic World Peace Vacation :-)

Efficient And Inter-connectivity Public Transport System

Eddy said: Hope this leads to some where.. actually. You think those Tan Sris and Datos will let you overtake their precious power?

PUTRAJAYA, Aug 11 (Bernama) -- The public can look forward to an efficient and inter-connected land transportation system within this year with the setting up of the Transportation Commission soon.

Transport Minister Datuk Ong Tee Keat said Monday the commission aimed to make the land public transportation system user-friendly for commuters and operators.

It would be a single regulatory body for land public transportation, thus making regulation, licensing and enforcement hassle-free and more efficient, he said.

He was speaking to reporters after attending a meeting to discuss the formation of the commission at the Treasury here. The meeting was chaired by Prime Minister Datuk Seri Abdullah Ahmad Badawi.

Currently 13 agencies are responsible for the country's land public transportation system.

Ong said that certain powers vested in certain agencies needed to be reviewed as the existing jurisdiction was found to be fragmented, hampering efficiency.

He said today's meeting fine-tuned several matters pertaining to land public transportation but he did not provide details.

The commission would not overlap the Cabinet Committee on Transportation as they complemented each other, he said.

IBM Exam 704 - Advanced DB2 DBA Certification

Taking advantage of IBM certification promotion offered to their business partners in Malaysia, I enrolled into the test 000-704 advanced DB2 DBA about less than one month ago. The test only costs me USD30. Primary study material is the "Advanced DBA Certification Guide and Reference for DB2(R) Universal Database v8 for Linux, UNIX, and Windows", ISBN #0130463884. Overall the study experience was a pleasant one because you get to dive into the rich technical details of IBM DB2 database engine and start to be amazed by this world class RDBMS.

Anyway I think that it is too naive to declare someone as certified Advanced DB2 DBA just for the sake of passing 56% out of 57 questions. Yes, the questions are breadth and tricky but it would be better if the number of questions in the test increased to let say 300, :), testing every nuances of DB2.

For me, even passing the exam with flying colors as usual, I think I'm only conquered maybe 35% to 50% of the total universe of DB2 version 8 LUW, not to mention my lack of exposures in DB2 for i5/zOS and version 9 universes.

I will work harder. :-)

Total Eclipse @ 01-August-2008

AWESOME!

If the sexy shoe fits…

by Bee McConville

I’d put money on the fact that every woman I know keeps a pair (or two, or three) of gorgeous high-heeled shoes in a secret stash at the back of her wardrobe. There is something so very sexy about the stiletto shoe that women find them irresistible to the point that some actually get addicted to buying them – remember Imelda?

Ridiculously high-heeled shoes are now back in ashion and our favourite female celebrities such as Victoria, Katie and Cameron can be seen regularly cavorting in front of the cameras, posing and preening, and trying very hard not to fall off their vertigo inducing platforms and heels. Take Gwyneth, for example, she was photographed numerous times recently wearing towering heels which were reported to be a staggering six or even seven inches high. However, Gwyneth commented that the media were grossly exaggerating and pointed out that, “Men measure inches differently than women.” Way to go, Gwynnie! However, it is quite true that high heels have become higher than ever.




So what is it about high heels that make them so attractive? Well, for a start a fabulous pair of strappy, vampy high-heeled shoes will make your legs look a million miles longer than they really are, and no woman in her right mind is going to pass up a wardrobe item that has that kind of effect on her looks for such a relatively modest cost. Shoes with soaring heels are also incredibly sexy and, believe me, the moment you put them on they make you swing your hips and walk in a way that falls somewhere between raunchy and shamelessly, sensually seductive.


So where are we expected to wear such fantastic footwear? That’s a good question as glamorous shoes are certainly not made for struggling around the local supermarket pushing a loaded trolley. Neither are they appropriate footwear for strolling along the beachside in downtown Pattaya as you are likely to be mistaken for a local lady boy as you trip and sashay in your dinky-do shoes.


No, there are only two places where femme fatale footwear should be seen. The first is definitely after dark in any fine restaurant or club where you can slink around showing off your longer legs to an appreciative audience. The second is in the bedroom (or in the bed!) where you can simper and pout as you strut around in your dominatrix spikes and get your partner’s heart racing. In fact, it is not just women who have a love affair with sexy shoes as it is the favourite fetish with men. Apparently, 64% of men get off on the seeing a woman in a pair of spiky heels and find it a real turn-on.




But the good news doesn’t stop there. Not only do high heels make you look long-limbed and luscious, they also improve your performance in the bedroom, and not just because they act as a visual aphrodisiac for him upstairs. It has recently been proven that wearing high heels actually improves your posture and, because of the tilt in the pelvis, they also tone up the pelvic floor muscles. And we all know, don’t we ladies, that strong pelvic floor muscles contract with increased control and intensity and thus have a very positive effect on our love lives!But before we get too carried away and rush off to purchase a pair of Manolo’s or Jimmy’s, a word of warning. In order to get the optimum effect from sexy shoes or kinky boots, you actually do have to be able to walk in them. It is no good donning fantastic footwear if you then stagger and trip around the room looking like a drunken flamingo. And even if you are planning on keeping your precious shoes solely for boudoir use, you still have to be able to walk enticingly to and from the bathroom or mini-bar. So it might be worth giving those spikes a test run for a few hours before going public.


It is also worth remembering that fabulous footwear is definitely not for wearing on a daily basis (unless you spend most of your day lying down), as extended wear can lead to a variety of extremely un-sexy conditions like bunions, corns, hammer toe, osteoarthritis, metatarsalgia and Morton’s neuroma! In addition, if you are a bit of a high-heel novice, you may well fall off your sky-high heels and roll over on your ankle causing fractures and sprains.

However, I’ll leave the last words on sexy shoes to George Bernard Shaw who pointed out that, ‘If a woman rebels against high-heeled shoes, she should take care to do it in a very smart hat!’ What more can I say?