Wednesday, September 24, 2008

Oracle OpenWorld, day 3

Tuesday was very diverse. I missed the 9AM session called "How to hack an Oracle Application Express application", because I wanted to finish my previous blogpost. However, before the third session started, I heard two people behind me talking how great this session was ...

So the first session I attended was Tom Kyte's keynote "The best way ...". I'm more a fan of technical sessions than keynotes, but this one was ok. He talked about best practices, that can only be good in your situation when the contexts are equal. If not, a best practice can easily be a nightmare. An example was the query "select * from t1, t2 where t1.id = t2.id and t1.small_distinct = :x". Two explain plans, one using two full table scans and a hash join, the other using index range scans, table accesses by rowid and a nested loop. Which plan is better? The answer is "it depends on the context". In a batch you definitely want the hash join to fetch all thousands of rows, but in an interactive application where you are only interested in the first row(s), you definitely want the indexed one. A quote I liked was "Don't tune a query - tune a process, an algorithm or the entire approach". Too often it occurs that a slow query can be tuned by not executing the query at all. I also liked this picture of Tom's favourite saying "Question Authority".

The next session was "Advanced Performance Diagnostics: What the GUI doesn't tell you", by Kurt Engeleiter and Jon Waldron. I didn't know the speakers, but the title looked interesting: advanced and something about numbers or statistics that are not visible through GUI's. They not only looked interesting to me: the room was full. However, the session was a big waste of time. Nothing advanced, only powerpointing through some basic AWR and ASH facts. And to top it off, I couldn't even follow the second speaker because he talked so fast with an Australian accent. Lesson learned: pick sessions more carefully and pick the ones from speakers you have heard of and know they are good.

Next in line was Steve Muench's "Oracle Application Development Framework 11g: New Declarative Validation, List of Values, Search and Services Features". The title says it all, I have nothing to add :-). Well ok, it was a good session with lots of new nifty features, clearly explained. The things that weren't clear, was not because of Steve's explanation, but because of my limited ADF knowledge. Declarative client side validations are great in general - provided they are validated in the database as well of course - and ADF 11g has delivered lots of it. APEX guys, please keep up!

I decided to skip Patrick Wolf's session "The Power of the Oracle Application Express Repository" in favour of Marcelo Ochoa's unconference session about REST webservices. He had only two attendees, so we got a private session about the differences between the SOAP and the REST protocol. The latter is capable of caching requests in a proxy due to an expiry date header and skip the XML-ish stuff, thus saving a lot of traffic and work. Next I talked with Marcelo about his DBPrism project. This software can be used to replace the mod_plsql engine of APEX and thus have proxy authentication inside APEX. According to Marcelo several companies already use his software for this reason and he never received bug reports, so it should be good. You can see the announcement on his blog here. I will definitely have to try it to see what's possible and what's not.

Since I skipped two sessions already, I just made it three and hang around in the OTN Lounge and talked to some now familiar people and with some new ones like Tim Hall (of ORACLE-BASE), Andreas Chatziantoniou and Hasan Tonguç Yilmaz.

The last session was Frank Nimphius' "Oracle Application Development Framework Web Application Security by Example". He showed several ways to implement client side security. The whole session I was thinking about why not implement this stuff in the database. Fortunately, in his last slides he recommended to do this as well, using features like VPD and database proxy authentication. Another plus was the live demo.

Now we'll have to wait for Larry's big "extreme performance" announcement tomorrow ...

No comments:

Post a Comment