A few months ago, Adobe approached us to get some feedback on Flex 4 and Catalyst and how they would fit into our design and development workflow (our workflow was recently covered by Forrester, if you're interested). Rather than just providing anecdotal feedback, we built out a real application without taking any shortcuts in our approach. To that end, we have just announced the first ever Adobe Flex 4 and Catalyst application called Cynergy.Congress. This application allows you to learn about United States members of Congress, including their terms, policies, committees, recent news and even videos of their testimony on the floor of the House or Senate.

I know I am aggregated by some tech-centric blog aggregators and if all I was passing along was a link to a Flex application, that wouldn't interest a lot of you. Well, as Dave Wolf announced in his blog entry, we will also be releasing the source code in the coming days so that you can download, explore, and extend the code to start getting familiar with the next version of Flex. Andy Trice, who is Cynergy's Principal Architect for Adobe AIR and Adobe Flex, was the lead developer on the project, so I can promise you that nothing but the very best practices were used during development and this isn't simply demo-ware. He has already started posting about his experience with the project and it provides some great insight into the new workflows that Adobe is introducing with the next version of the Adobe Flash platform. Have a look!

Forrester has been trying to understand the rich Internet applications (RIAs) design and development process. While many firms like Cynergy have been doing this sort of development for so long that it seems like it's old hat, the fact of the matter is that building real applications with technologies like Adobe Flex, Adobe AIR, Microsoft Silverlight, and Microsoft WPF is still pretty new and lots of companies are trying to get their heads around how to set up a successful workflow. After a lot of research, Forrester essentially concluded that Cynergy's approach -- and what we have learned by approaching our projects this way -- is the template from which other firms should be modeling their workflows, and Dave Wolf, Cynergy's vice president has blogged a nice summary with a link to a free copy of the report (which usually goes for $750).

Now, I want to be very careful with the messaging here. I still (barely) maintain a separate blog from Cynergy's blogs because I don't want to be a shill for everything we do -- at least, not on my blog. :) That said, one thing I've learned in the time I've been at Cynergy is just how hard it is to set up a repeatable workflow for designing and developing successful RIAs. And by "successful RIAs" I mean real, enterprise-level applications upon which you can build your business. Trust me, if this workflow were that easy, a lot more people would be doing it, and it's one thing to do something once but another thing entirely to continually "rinse and repeat" it successfully.

I encourage you to check out the report and compare how we're building RIAs with how you're building them (or would like to). At 7 pages, it won't take more than 15-20 minutes of your time but it could provide insights into a process that will save you hundreds of hours down the line. Oh yeah, and if you'd like to see the output of having a sound process, check out CynergyTV for some examples of real apps built to solve real business needs.

So Dave, you mean you've spent the last year re-building CynergyTV? Nope, not quite. That was done by an extremely talented team here at Cynergy that worked extremely hard to not only refresh the user experience but deliver the content in professional audio/video quality supported by lots of hardware and software upgrades in our data center. Incidentally, when I say team, I mean it in the truest sense of the word -- our president, Carson Hager, recognizing that we could and should present our accomplishments better and allowing guys to stop being billable in order to get this done; our Marketing group spending hours in the recording studio choreographing the audio/video; our User Experience group iterating through lots of potential look and feel options until it was nailed; our Rich Interface team implementing the user experience in Adobe Flex; and finally, our Enterprise Services and Network Support teams building out the services tier to support the streaming video content (not a trivial task as I've come to learn), notifying the appropriate people when the Let's Talk form is submitted, and then setting up the appropriate infrastructure to host it all in our data center. If that sounds like a lot of work, that's because it was -- and it was well worth the investment.

So back to my opening question as to why I've been so quiet. Well, if you head over to CynergyTV (after reading this post, of course), you'll see that one of the showcases is for an application we built called Quickcomm Enterprise, a telecom expense management (TEM) tool for one of our clients, Quickcomm. It is this application that has basically been most of the last year of my life. As the Technical Lead on the project (which is a combination senior application architect and project manager here at Cynergy), I have spent over 1,600 hours working with my team here at Cynergy and the team at Quickcomm to deliver the most disruptive TEM solution on the market and I'm extraordinarily proud and privileged to have worked with both teams.

Since the completion of that project a short while back, I have since made the transition for being a Technical Lead to Business Development -- yes, the dreaded "sales" guy. I was ready for a new challenge beyond coding and the growth opportunities here at Cynergy made this transition both seamless and a no-brainer. So now I get to put on my sales hat: If you're interested in speaking with us about an idea you have or have an existing application you want re-invented to provide a better user experience, drop us a line and we're happy to speak with you further. And of course, if you have any feedback at all about the re-launched CynergyTV, feel free to leave a comment and I'll make sure it reaches the right people immediately.

Lastly, if you're a developer who wants to work with a phenomenally talented team that continually delivers cutting edge applications, we'd love to speak with you about career opportunities at Cynergy. It's a great time to be building RIAs and we'd love for you to be a part of it!

Let's get one thing right out there though: Not all RIAs should be searchable by search engines. Many (most?) RIAs are not and should not be simple ports of HTML-based web sites over to these newer technologies. That would be a waste of time and money. RIAs really excel for true web-based application development -- think applications like Picnik, an online photo editor. There isn't any real value in Google being able to index the photo editing application itself -- that's sort of like indexing Microsoft Word.

However, an Adobe Flex-based RIA that captures the latest new stories and visualizes them -- i.e., displaying the titles in little bubbles and having more popular stories have larger bubbles -- is right in the wheelhouse of the utility of this announcement. The ability for Google and Yahoo! to be able to crawl the SWF itself for the content rather than having to expose the raw RSS feed, XML file, or whatever the source is incredibly valuable. A social network RIA that allows search engines to index public profiles -- think LinkedIn -- is yet another example of where the convergence of the sticky user experience Flex provides and the search engine power of Google and Yahoo! is extremely powerful.

Lastly, and this is a lesser point yet one I still wish to make, I've been to trade shows where AJAX-focused companies tout their products. Interestingly, I invariably hear them say as part of their pitch that one of the big distinctions between AJAX applications and Adobe Flex or Microsoft Silverlight applications is that AJAX apps can be searched by the major search engines. Well, the competitive advantage is leveled today. I certainly am one who is curious to see how Adobe's announcement plays out in reality (name the last technical solution you saw that worked flawlessly on the first try), but hopefully the AJAX vs. Flex/Silverlight debate can start to move back to what really matters: the user experience.

I just came across a phenomenal blog post outlining the different channel/endpoint options available in BlazeDS and LiveCycle Data Services along with a breakdown of the pros and cons of using each connectivity option.

I'm not a fan of link dumps like this, but, honestly, anything I write will just be a regurgitation of this excellent summary, so I'm going to break my own rule and direct you to Damon Cooper's blog instead. If you're doing any work with BlazeDS or LCDS, you have to read and bookmark this post!

With the release of Flex Builder 3 Beta 2 on Adobe Labs, when you now compile your application, Flex Builder only generates a debug version of the SWF by default. However, and this is the part that is tripping people up, there is no -debug suffix on the generated SWF file, so it will be named as if it were the release version. The big difference is that the file size will be much larger. This last point has raised a red flag with some developers, who mistakenly believe that the latest beta actually increases the file size of the release version of their application.

Why did Adobe do this? Well, if you've built a good size Flex application, you'll have likely noticed that the compilation time grows dramatically to the point where you can sometimes literally go and get some coffee in the time that it takes to compile your application. Seriously. This is (partly) because, prior to Flex Builder 3 Beta 2, both a release version and a debug version of the application were being generated in the output directory, so you were waiting roughly twice the amount of time for Flex Builder to do its job (OK, the delay is not quite that linear, but you get the point). Further, if you're using the Modules feature, you had to write some hack-ish runtime code to determine which SWF file to use between development and production. But when you're developing your application, you usually don't care about the release version of the SWF, right? Well, to reduce this "wait time," only the debug version of the SWF is created, and since the file name will always remain the same, your hack-ish runtime code is no longer needed.

OK, so this is great while you're developing, but what happens when you're ready to release your application and really do want the release version of the SWF? Well, the latest beta introduced the Export Release Wizard. Found in the Project menu, this handy wizard will create the release version of your application in a bin-release directory by default. It is in this new output directory that you will find a clean, compressed version of your application all ready to deploy to your production environment.

Mike Morearty and Tim Buntel of Adobe give excellent explanations of this change and I encourage you to take a look at their posts if you would like more information. It's a change that makes sense, but if you're a long-time Flex developer, then it's definitely going to take some time to get used to remembering it.

Big Disclaimer: Please be aware that nightly builds are not as rigorously tested for stability by the Flex engineering team before release, which is why you don't see them labeled with the official "Beta" tags. In fact, it is possible that some nightly builds may not work at all. Further, the nightly builds do not include further support for Adobe AIR, so you'll need to stick with the June release if using that technology.

Installation is as simple as backing up the "moxie" directory in your current installation (which is located under the "sdks" directory in the installation root) and then overwriting its contents with the downloaded zip (I also clean my projects in Flex Builder via the Project -> Clean...) option to make sure there are no lingering issues.

Unfortunately, there are no nightly builds of the Flex Builder 3 IDE available, but the Flex 3 Planning Guide indicates that a refresh will be available in early October (I'm guessing at MAX, even though it's technically at the end of September).

• Memory leak in Accordion.
• ViewStack containers are not GC'd - memory leak.

In a somewhat questionable move when you consider that this is just a hotfix, please be aware that some classes specific to the LiveCycle Data Services product (formerly Flex Data Services) have been moved out of the SDK and may break existing code, particularly for those of you who use the Cairngorm framework. Specifically, the Consumer class has been moved out of the SDK and Cairngorm makes a reference to it in the ServiceLocator class. Alistair McLeod has posted more details on the issue and expects to have an update of Cairngorm available as soon as possible. Further, Matt Chotin has posted that the main installers will not be updated with the hotfix bits due to the lack of desire to update all the documentation, so if you need to re-install Flex Builder or are trying it out for the first time, you'll need to make sure you run the Hotfix 2 installer separately. Lastly, the update is cumulative, so you will not need to install Hotfix 1 first.

Also released was an update to the Flex Data Services product line. Perhaps most importantly, Flex Data Services is now named LiveCycle Data Services, though the Adobe site looks to have been not made the appropriate site updates as of this posting. Further, the links in the updater's readme file to the main product page, Release Notes, Installation Instructions, and Known Issues currently redirects to the Adobe.com home page, so there's no way of knowing what was addressed in this update. This isn't the first time that Adobe has released an update to a product without updating the supporting web site references for a noticeable period of time (i.e., days), and hopefully the disconnect is addressed in the future, as it's frustrating to not be able to get to the information we need to make important decisions about installing and/or updating a product.

What's interesting to me about this debate is that, once again, with the introduction of a new, potentially disruptive technology, it always winds up being an "either/or" discussion rather than an "and" discussion. That is, the debate can usually be distilled down to why one would use technology X rather than technology Y when the discussion should really be how one can use both technology X and technology Y. As a real-world example, simply replace "technology X" with "Adobe Flex" and replace "technology Y" with "AJAX" in the previous example and do a simple internet search. I mean, I thought that we, as developers, were in the business of delivering the best product to our employer/customer/client rather than a product that uses a specific technology simply because that's their personal preference? Did I miss something?

Dave Wolf, Vice President of Consulting at my employer, Cynergy Systems, wrote an excellent blog entry this morning entitled Wake up and see the Silverlight, which discusses just how phenomenally important Microsoft's Silverlight announcement is to the Rich Internet Application (RIA) industry. As he notes:

...[T]his week's news that Microsoft has officially named Sparkle - WPF/E as Silverlight and that it is clearly and finally on its way to market truly is the tipping point that establishes that RIA's are real, RIA's are the future and RIA's will shape the way we are going to be developing software for some time to come. Microsoft just justified and legitimized RIA. That is HUGE.

Dave hits the nail on the head in his entry, and I won't try and re-hash it here, as I wouldn't be able to do it justice.

However, my point is that this isn't about how Silverlight is going to squash Flex, or vice versa. This is about how the RIA industry just became the focal point for future development, and that's an incredibly important validation of Adobe Flex and, by extension, Apollo. By recognizing that the equivalent of the Adobe Flash Player is the future of delivering engaging web applications, Microsoft validated the Player as that delivery platform. Hence, they built their own.

Did Microsoft declare that Adobe is officially in their cross-hairs? Absolutely. Is the first release of Silverlight going to knock the snot out of Adobe Flex? Absolutely not. But let's be honest here -- for anybody that used either Flex 1.0 or Flex 1.5, those initial releases left a lot to be desired themselves, so let's not be so quick to bash Silverlight as a failure waiting to happen. It'll likely have its warts, much the same as Flex 1.x did. But, in true Microsoft form, once they get that second or third release out and their development community on board, the RIA space is going to have at least two major players from which developers will be able to deliver rich, engaging applications. I don't know about you, but I couldn't be more excited!

Have a look at Dave's entry to get a more thorough analysis of the impact of the Silverlight announcement. Don't worry Adobe fans, Flex isn't going anywhere. In fact, I think it got just a whole lot stronger!

1. You'll need to download the latest uninstaller (dated 11/14/2006) to get rid of the version 9.0.28 bits. You can likely just install the upgrade over an existing 9.0.x installation, but I know in the past that Macromedia-now-Adobe has recommended first uninstalling the existing Flash Player before installing the new version, so I tend to follow that to be safe. I had an uninstaller from the 9.0.16 release, and it threw a runtime error during the uninstall process for the 9.0.28 Player because a method was missing from one of the installed DLLs (sorry I can't be more helpful with the specific message because I resolved the problem before capturing a snapshot).
2. This problem I have yet to solve. I am using the Eclipse plugin version of Flex Builder 2.0.1 with the SDK Hotfix 1 installed and every time I go to launch one of my Flex applications, I now receive this lovely error message:

What really annoys me about this error is that it still launches the application without issue using the 9.0.45 Flash Player, but there's no way of turning it off via a "Remember this decision" error, so I now have to Click the "Yes" button every time!

If I happen to come across a solution to number 2 or if Adobe happens to post a workaround, I'll post an update back here.

However, the problem with the above code is that it throws a not-so-clear run-time exception:

Error: Error #2099: The loading object is not sufficiently loaded to provide this information.

Yeah, that's really helpful! This error prevents you from being able to see the event object except for actually setting a breakpoint in the Flex Builder UI and re-running the application in debug mode. However, there's a workaround that you can use to get the object to dump out correctly:

The key to the above modification is the last argument, which is an array of options to exclude when dumping the object. In this case, since the loading object info isn't available, just get rid of it!

I certainly recognize that there are several ways to inspect an object at runtime, and using ObjectUtil.toString() is just one of them. However, in the case that you use the above approach, remember to exclude the loaderInfo data from the dump, and you'll be all set.

A little over a year and a half ago, I stumbled across a posting on Javalobby that gave a step-by-step explanation as to how you can manage multiple Eclipse IDE installations. Using this approach, having to use multiple IDEs (or even just updating between, say, Eclipse 3.1 and 3.2) doesn't mean having to re-install your plugins for each one. I've been using this setup for a really long time now and have never run into issues with it.

Eclipse is a killer IDE that I still can't believe is free. Now you can enjoy using many of the rich plugins available without having to worry about re-installing everything between IDE updates!

Today we launched Cynergy TV, an interactive Flex-based channel where we will be publishing all sorts of showcases, flex tips, tricks, etc., that we hope will benefit the Adobe Flex community. As an employee at Cynergy, I'm incredibly excited to see where we take this, and I definitely plan on contributing as we move forward with the initiative.

So what's this about "Adobe Flex at its best?" Well, "episode 1" showcases some of our most engaging applications. I've noticed several flexcoders and blog posts from people who don't think Adobe Flex is verstaile-enough to be taken seriously or is limiting in its design. I simply disagree, and I hope that these showcases will provide some inspiration for you to create some truly interactive solutions. Our showcases really exhibit Adobe Flex at its best. From ColdFusion to Java to .NET, we've created high-impact solutions that integrate with all sorts of back-end systems.

Are you a developer who has worked with Flex or AJAX on some level and is interested in joining the industry leader in Rich Internet Applications? Shoot us an e-mail with your resume. We really want to hear from you. As it says all over our corporate web site, "Let's Talk." ;)

For a while, I just downgraded to the 9.0.16 version of the Flash Player that comes with the Flex Builder installer because that worked without issue. However, tonight I decided to investigate a bit further what exactly was breaking the plugin. As it turns out, it's relatively simple. To make the Flash Player compatible with Microsoft Windows Vista, Adobe changed the location of the flashlog.txt file that the debugger player writes to. It can now generally be located in this directory (on Windows machines...I don't have a Mac to test with unfortunately):

C:\Documents and Settings\[username]\Application Data\Macromedia\Flash Player\Logs

Make sure a file call flashlog.txt exists in that directory (if not, just create an empty file with that name in Notepad), open up the Flash Tracer plugin, select the Options button in the lower right of the pane, and paste in the new location in the "Select output file" box, making sure that flashlog.txt is appended to the end. Now restart Firefox and you should be all set. I have had no issues with the 9.0.28 release since this change.

I honestly can't say enough about the productivity increase this plugin has afforded me since coming across it. If you're having problems, using the above instructions should sort them out.

Update: My co-worker, Keun Lee, passed on some helpful information to me with regard to getting the Mac version of the plugin to work and has given me permission to re-print it here:

[T]he tracer will tell you where to set the location of where your flash player debug log file is located. You'll need to be careful as the location is specified in a pretty non standard format.

Hope that helps out the Mac people!

Adobe has provided an update to resolve vulnerabilities in Adobe Flash Player. These vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks. The flexibility of the attack varies depending on the type of web browser being used.

Apparently, Flash Player 7, 8, and 9 are all affected, but there is only an update available for version 9 at the moment. I should also note that the fix has been marked as "Important," which is one step below their highest severity level of "Critical," so definitely look into upgrading if possible.

For any Flash or Flex developers who rely on the Debug version of the player for development, Adobe unfortunately makes it hard to find the updated Players on their site, so here you go.

However, one thing I have been noticing is that a lot of the commercial web sites that use SWFs to deliver some of their content (i.e, user polls, etc.) are leaving lots of trace() statements in their code, apparently on the assumption that since the user is not running the debug version of the SWF, they can't see the debug output. Well, that's no longer a safe assumption, and while I haven't seen any security exposures as yet, it does emphasize the point that you should always strip out your debugging code before deploying any SWFs to production. One site that I'll keep anonymous has so much debug junk in their code that it practically crashes my browser when I try and load their page!

Anyway, just keepin mind that debugging statements can be viewed outside of the debug SWF, and you'll be all set.

To that end, I want to point you to the excellent CairngormDocs.org site that was recently set up by the Cairngorm Documentation Group. While there are links to sample apps and the API documentation, I specifically wanted to highlight the interactive Cairngorm Diagram Explorer, which shows a visual flow as well as the supporting code sample to execute that part of the diagram. It has really helped solidify the process of broadcasting, handling, and sending a response to a user gesture via Cairngorm.

One tip though...do yourself a favor and save the SWF to your desktop and run it in the standalone Flash Player rather than through your browser. Doing it that way will allow you to view the diagram on the left of the page while displaying the related code snippet on the right side.

First off, it's important to make sure you have the Cairngorm SWC file properly added to your project. Since that's beyond the scope of this tip, you can check out Joe Rinehart's step-by-step instructions for doing so. After double-checking that I had the SWC properly imported, I couldn't get the Cairngorm-specific code to appear when I referenced the appropriate paths, and I certainly didn't want to have to drop the source code into my project. After a lot of digging, I was able to solve my issue by doing the following:

1. Right-click on the project in which you're using Ciarngorm and select the Properties option at the bottom of the context menu.
2. The fourth option in the dialog box that appears is the Flex Build path option. Select that to switch to that view.
3. Click the Library path tab to switch to the SWC in the project build path.
4. Highlight the Cairngorm SWC file and click the Up button at the right to move it to the top of the library path.
5. Click the OK button and wait for the project to re-compile.
6. Optional: You may need to close the project and re-open it to get the highlighting to work.

Truthfully, I don't know why I had issues getting the hinting to work. I dropped in the Cairngorm 2.1 SWC and it just didn't want to pop up any of the hints for me. If you're having this problem, hopefully the above steps with resolve your issue.

Cynergy has quickly established itself as a leader in the Rich Internet Application (RIA) revolution, and I couldn't sit on the sidelines and watch while they had all the fun. Their collective talent and passion absolutely blew me away, and there was no second-guessing once I accepted the offer. You can see some examples of their expertise over on their blogs and the flexcoders mailing list (hint: search for "Cynergy" or "Dave Wolf" or "Andrew Trice" for some sample posts). In short: these guys know their stuff, and I'm hoping to uphold that level of expertise.

You may have noticed in the opening paragraph that I noted that I will be working with Java. Those of you who know me (or have read my other posts) know that I am a longtime ColdFusion developer (I just hit my ten year mark recently). This change means that I will be stepping away from ColdFusion for a little bit while I diversify my skill set with Java and Flex 2. I'm a bit sad, a bit nervous, but, most of all, I'm incredibly excited to be broadening my base and getting into areas of work that are new and challenging. Diversifying my skill set is something that I've been wanting to do for years, but just never found the time to do outside of reading books and playing around with personal projects. And while I firmly believe that ColdFusion will gain more and more traction down the road as more companies recognize its beautiful integration with Flex 2, the reality is that the lion's share of current Flex RIA work is using a Java backend. Further, it has been suggested they are open to eventually bring in more Flex/ColdFusion work down the road at Cynergy, so don't think I'm leaving the CF world forever. I look at it as a hiatus while I go cut my teeth with Java. Also, this site along with some other personal projects will continue to use ColdFusion as its backend as well.

OK, so I mentioned something in the title about the value of CFUNITED. Well, if not for the friends that I made down at the conference over the last two years, this opportunity likely would not have come to fruition. See, two years ago, I was fortunate to meet Adam Wayne Lehman (who is now a ColdFusion specialist for the North American Sales Team at Adobe). We have kept in touch since then, and, at this past conference in June, he introduced me to a good friend and then-co-worker of his, Cliff Meyers. We had a great time at the conference, and then caught up a few weeks ago. Cliff went to work for Cynergy just after CFUNITED and raved about them. At the same time, I was hitting a ceiling at my current job and decided to throw my candidacy out there to see what would happen. Fast forward to last Friday when the official offer was extended, and here we are! While I agree with Sean that there are more to conferences than just the networking, I have to say that there's no way that this opportunity would have come to pass as quickly as it did without CFUNITED. So if you're ever on the fence as to the value of this conference (or other conferences in your field), I'm happy to be a case study in their benefits! It has changed my life and I'm incredibly excited at the opportunities that lie ahead.

I'll be starting there towards the end of this month while I properly transition out of my current job. It may or may not be quiet on here until then!

However, I did take notice of one particular aspect of this case study's implementation that I think gets glossed over in the Flex 2 vs. AJAX decision-making process: visualizing your data. (And let's be honest for a second: while I know you'll hear many who say that you can use both Flash and AJAX together, including the Adobe brass, that doesn't seem to be happening in most applications that I've seen (with perhaps a smattering of notable exceptions); most are in one camp or the other.)

While developers will likely note that the cross-platform features of the Flex 2 platform are its biggest strength, I respectfully disagree. That's an incredible convenience, but it's not why I'm going to use it in my work. See, I'm of the school of thought that I need to present my users with the best experience possible based on the presented requirements. Humans are, by nature, visual beings. If presented with a table of data or a chart that presents that same data, a user is going to more quickly and efficiently draw his or her conclusion from the chart virtually every time. It's how our brains work. I think of the old cliche that "a picture is worth a thousand words." That may sound trite, but cliches become cliches because they're true. To that end, the most differentiating feature of the Flex 2 platform, to me, is the charting suite. The Flex 2 charting components allow users to visualize their data in ways that previously required third-party vendors and lots of supplemental code to interact with it. Andrew Tahvildary, vice president of development and Primavera Services (the subject of this case study) notes that, with Flex 2's charting components, "...we were able to use a combination of charts and data grids to provide multidimensional views over a large set of analytical data." I just don't know of many AJAX libraries that come out-of-the-box with this capability, and at Flex 2's price point.

Have you seen the Adobe Flex 2 Component Explorer yet (Adobe Flash Player 9 required)? There are 16 default chart types, and all of them are extensible so that you can customize a chart to your needs. Want to see what a real-world implementation of the charting components might look like? Have a look at the Dashboard example (Adobe Flash Player 9 required) and watch how selecting data slices in one part of the application affects the charts in the other areas of the application without pages refreshes or xmlHTTP requests. The power to visualize data sets, whether simple or complex, is a mostly overlooked feature when building applications, and the Adobe Flex 2 charting suite provides you with the ability to make your users much more productive at minimal development cost.

Have a look!

Just over a week ago, Rupesh Kumar, an engineer on the ColdFusion development team in India, posted a great tip for handling J2EE sessions with cookies disabled. Since my company's site requires cookies to be enabled to work (it's part of the service agreement since we're a subscription-based data provider), I haven't had to really worry about appending the session token to URLs. That being said, Rupesh's tip for seamlessly handling J2EE sessions in either situation is a nice little gem, and one I plan to start employing as I move forward. And the best part about it? The solution is a function that is already built into the ColdFusion language!

The URLSessionFormat() function is smart enough to determine whether or not cookies are enabled in the client's browser, and then append the session token (in the proper format) to the URL that is passed as its argument. Here's an example:

Here's the output with cookies enabled:

And here's the same exact code snippet with cookies disabled (tested using the awesome Web Developer Extension for Firefox):

How cool is that? Most importantly, notice that the jsessionid value is properly appended to the URL using a semi-colon. A lot of developers simply append the jsessionid as if it were just another URL parameter ("&jessionid=xxxxx"), but, as Rupesh points out in his post (and as it came up on a cf-talk thread recently), you must use the ";jessionid=xxxxx" format after the file name for the web server to properly process the request. Simply using the URLSessionFormat() function takes care of that for you.

It's amazing... Ten years in and I'm still learning new tricks all the time!

As a long-time ColdFusion developer, this announcement is one more point of frustration with the fact that ColdFusion seems to miss out on the larger audience exposure that its siblings seem to be enjoying. While this announcement seems to be in the context of promoting "Web 2.0" technologies (a Tim O'Reilly-coined term that I absolutely loathe, by the way), this seems like the type of agreement where letting ColdFusion ride the coattails of the Adobe Flex 2 marketing strategy could be a win-win for both sides.

Why? Well, you can't do a whole lot with Adobe Flex 2 if you don't have a server-side technology to do things like database querying, authorization/authentication, etc. It's a presentation layer technology (the "View" in the Model-View-Controller pattern for those wishing to be buzzword-compliant), and Adobe has been preaching for months now that the single easiest way to integrate Adobe Flex 2 with your back-end (the "Model") is via ColdFusion (in this case, the "Controller"). So why not add ColdFusion MX into this agreement and subsequently provide resources for showing just how smoothely integrated the two technologies are. You'd have the expertise of the Adobe ColdFusion team providing high-quality examples while the O'Reilly team provides the author/publishing/conference resources to expose this seamless integration to the masses. In return, O'Reilly gets an extremely passionate ColdFusion development community to support their efforts.

You almost literally can't find a competent developer who hasn't heard of or used an O'Reilly-published book -- they're everywhere and are usually excellent resources. While I know that they decided a while back not to publish a ColdFusion MX 7 book due to sluggish sales of the 6.1 version, there could have been alternative resources published with this agreement that might have focused even a small part of the spotlight on the power and ease of developing with ColdFusion (i.e., O'Reilly-backed articles, samples, etc.).

Adobe currently seems to have their marketing engine squarely focused on Adobe Flex 2 and ActionScript 3, as well they should. I just hope that the same zeal with which they're pursuing the growing rich internet application development community is equalled or surpassed with next year's ColdFusion 8, aka Scorpio, release.

Next steps for JRun and where it fits in the product calendar continue to be under discussion at the Product Manager level and such evaluation will be communicated to customers as soon as it becomes available.

I've felt for a few years now that JRun should have been end-of-life'd (is that even English?) as a standalone product. Frankly, it never has been terribly well supported (community-wise), and there was even one time where I called in a web connector bug and the engineer who literally wrote the code didn't understand what her code was doing!

I don't think it should be adandoned entirely though. Rather, I feel that any fixes and/or enhancements should be in the context of making complementary server products such as Adobe ColdFusion MX, Adobe LiveCycle, and Adobe Flex Data Services operate better.

If this is the end of the road for JRun, so long, and thanks. It's been a good (and sometimes frustrating) experience!

Double JSESSIONID Values Being Set

If you're using the Enterprise version of ColdFusion MX, you have the option of using the J2EE session variable mechanism rather than the built-in ColdFusion session variable mechanism. If you're not familiar with the difference, read this page in the LiveDocs to understand each option. I'll still be here when you get back -- don't worry.

Now that we're all back, the JSESSIONID is critical to ColdFusion being able to "look up" your stored session structure on each page request. And since I need to be able to replicate sessions in a cluster, which only J2EE session variables support, this is a must-use feature for me. However, when using the internal JRun web server (which you should only use for development), when you request your site's root (i.e., http://www.mysite.com/, ColdFusion wrongly sets two JSESSIONID values, which can cause it to "lose" your session scope on subsequent requests. Here is an example HTTP header that is set on an initial page request to a site root:

See the bug? There is a double Set-Cookie directive that sets not one, but two JSESSIONID values, effectively creating two sessions on your server for every one. This has a nasty side-effect in that more server resources are taken up per user because they technically have two sessions for every one, even though only one is actually used after the initial request. Interestingly, if I were to manually add the index.cfm page to the URL request, i.e., http://www.mysite.com/index.cfm, only one JSESSIONID value is set. So the bug occurs when requesting your site's root document without explicitly typing the desired CFM template. (And yes, if you note the Date value, you'll see just how long I've been trying to figure these bugs out!) Lastly, I should note that when I did a test in my MX 6.1 instance, the same bug exists there. So this isn't exclusive to CFMX 7.

Old DataDirect Drivers Ship with MX 7.0.2, Breaking Client Variable Updates

In my opinion, this bug (and yes, it's a bug) is the much bigger one of the two because this is one that will find its way out to a production environment if you're not aware of it, and has nothing to do with the web server being used. A long story short, Adobe ships the DataDirect 3.3 driver set in the 7.0.2 bits (released on 6/28 of this year), even though the 3.5 driver set was released as a TechNote last October. So much for the point releases being cumulative updates!

You might be wondering why this is such a big deal to me. Well, there are two reasons. First, we use Oracle 10g Release 2, which only the DataDirect 3.5 driver set supports. Second, it turns out that client variable records (in the CDATA and CGLOBAL tables) were not being updated, which meant that once you logged in to our web site (where a few client variables are set) and then clicked to a subsequent page, it would appear as if you had never logged in. The initial insert of the record was working fine (which you can see in the HTTP header sample I pasted above -- it's the CFID/CFTOKEN value), but any updates to the record would silently fail (I say "silently" because ColdFusion handles this for you under the hood, and it doesn't log anything when problems occur). I was going absolutely nuts trying to figure out why it wouldn't update, and the Spy feature of the JDBC drivers (described at the bottom of the aforementioned TechNote) simply wasn't working. After thinking and thinking and thinking, it belatedly occurred to me that the Spy features were only baked in to the 3.5 driver set. So, on a hunch, I ran the CF script below between my MX 6.1 instance (which was working perfectly fine) and the MX 7.0.2 instance to check the driver versions. (Note: The output is written to your log file, so your screen will be blank.)

The MX 6.1 results:

and the MX 7.0.2 results:

After seeing this, I swapped out the old 3.3.48 driver set with the 3.5.13 driver set and everything has been working without issue since.

If anybody on the Adobe ColdFusion team happens to read this, the installer bits need to be updated with the 3.5 driver set. If it passed your regression tests such that it was officially released as a TechNote, then all subsequent "cumulative" updaters and downloadable installers should contain the updated drivers. Further, the fact that the 3.3 drivers ship with MX 7.0.2 means that your System Requirements page is wrong because the 3.3 drivers do not work with Oracle 10g Release 2. Also, please don't call something "cumulative" if it is, in fact, not cumulative. Since I was under the impression that the Updaters were cumulative, it obviously wasn't my first thought to check the JDBC driver version for a regression. Now I need to go back and look at the web connector versions and other items to make sure that those were properly baked in to the latest release. Lastly, If you're not going to update the drivers, then you have to clearly state this in the Release Notes, as there was no mention of this whatsoever.

Anyway, I hope my two weeks of pure frustration helps somebody solve any related setup issues they might be having. Incidentally, my set is ColdFusion MX 7.0.2 on Red Hat Enterprise Linux 4.0 (SELinux turned off) using the internal JRun web server. The above bugs appear in my environment and I do not have a means of testing others. If you'd like to try and confirm these issues in other environments, go ahead and comment back here what you find.

Once last shout out to Jochem van Dieten for sticking with me on my forum thread on this subject. It was very much appreciated.