- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Hey, I would have done it for them from scratch... and I'd only have billed a single million...
Admin
(psst. Lucky for Accenture that they executed their name change and shed their original name not long after they were spun out from Arthur Andersen, which "imploded in a wave of accounting scandals")
:-)
Admin
They definitely didn't do that. The session ID is actually the stuff after the underscore.
Admin
It's not the session ID, it's the session....
Admin
This is a fake...obviously generated...
Admin
When they came to talk to us to tell us how fabulous they were, they explained that the rebranding people decided that the best words to describe their new direction was "an accent on the future" and thus "accenture" was born, complete with sideways ^.
Admin
Actually they converted it to hex to pass it through the enigma cipher.
Admin
You forgot to consider quantum mechanics. Each of these atoms consists of even smaller particles, which might be in a quantum superposition where they create a new session and in the same time do not create a new session; to measure the actual state, you have to reboot the server and see if a session dies or not. Yeah, that's a lot of possible superpositions, hence the long session id.
Admin
Should've outsourced it to India.
They could've gotten a site at least as good for under 1M euros.
Seriously, why would it cost even 60M euros to write a web portal?!?!
Didn't the government think this was a bit high?
I guess they don't give a darn if they waste taxpayers money anyway so they were willing to shell out 60M eorus but maybe they couldn't justify the 150%+ increase in price when Accenture 150M.
Admin
One of these... > ?
(Sorry, couldn't resist. ;-)
Admin
VB stands for Virtual Borland, not Visual Basic
Admin
To put that 1.6e8 Euros in the right context, only a part of that money was spent on the website; the internal IT of the "Bundesagentur für Arbeit" has also been renewed. Also included is some kind of spider (called "Jobroboter") that seeks vacancies on corporate websites.
Admin
Accenture - pronounced "ass enter"
Admin
Admin
Admin
I presume this spider requires all vacancies be listed in a strict XML format on every website with large fines for any company that lists a job opening in any other format.
I just cannot imagine a government doing anything that doesn't require a lot of red tape for someone to deal with.
Admin
For those of us living Stateside, that would make about $195,216,000 (courtesy of Google - yes, it does currency conversions, too). I could buy a lot of HDTV's with that....
Admin
What does it mean when a line is indented by 892 tabs? I can imagine a good portion of code inspection time debating whether it should be 894.
And this isn't the first boondoggle for the company. They bodged a contract with the Ontario (Canada) government a few years ago.
http://www.canadiansocialresearch.net/onbkmrk.htm#Andersen
Admin
<font size="5">I</font> like the list of meta keywords on their page. I'm sure that
Ausbildungsbedingungen and Zugangsvoraussetzungen are typed in
several times a day by people looking for thia site.
Admin
Wow. This is actually a lot like what I sent in today, except multiplied by a thousand.
GET parameters should come with some kind of warning label.
Admin
Admin
That looks like an IOR (CORBA object handle in string form), an underscore, and a UUID to me.
Admin
Your Tax Euros At Work Folks!
Seriously, for that kind of money the only "enterprise" thing I'd wanna see is of the friggin "starship" variation...
Admin
I don't speak german so I don't know exactly what's going on at that site and I may be missing a lot of the functionality, but from what I see I wouldn't have quoted more than a few thousand $ for that website.
So, umm, how do I go about winning bids for $200,000,000 projects that I can finish single handedly in a couple of weeks? What a crock...
Admin
I worked for SBC a while back and they brought Accenture (This was actually during their name transition) in to consult on a project. I was 22 or so at the time and so was everyone that Accenture sent our way. Most of them had chemical engineering degrees or accounting degrees. They were not programmers by trade, but they were being trained to do it Accenture's way.
Well, the VPs at SBC finally bitched and moaned enough that Accenture sent out some real developers and architects (btw...everyone has the title "architect" of some sort there...or so it seemed), but of course, those people cost more. So, the project was 8 months behind schedule at the 1 year mark (no kidding), and we were no closer to a solution at the 14 month mark. I left at the 18 month mark and the first iteration was almost done, a full 13 months behind schedule. Money well spent indeed.
Admin
I see their problem! They've got letters mixed up with their numbers!
Admin
they seem to be charging about $200,000,000 for every enterprise-artwork they create.
i sure would like to see their enterprisey $200,000,000 - 'hello world' - app.
the customer would have to pay $18,181,818 per character - now that's posh !
Admin
I am so relieved to see that Accenture is still capable of wrapping up simple problems in complexity enough to bamboozle what's left of IT intelligence inside government.
Admin
so. 160.000.000€... that's enough money to buy all good-looking girls of east-europe and create the largest porn-site ever. so we germans could earn enough money to build a rocket that brings all that unemployed crap and all those Accenture-guys up to f**king mars and store them there, where they belong.
damn. the real WTF in here is, why my fellows did elect that merkel-tussie and not me. i think i have better future-visions and i know how to get rid of all those burglars.
VOTE FOR ME!
Admin
<FONT face=Georgia>I don't think we realize the magnitude of what we're witnessing here. This is truly the new benchmark by which all other Enterprise solutions will be measured. We're watching history in the making, folks. [<:o)]</FONT>
Admin
It looks like some object has been serialized(maybe even encrypted afterwards), and added just before the session ID.
Maybe they wantd to pioneer a session without having anything on the server for longer than the request handling.
But the real WTF is that they put it INTO a COOKIE ALSO.
Admin
<FONT face=Georgia> > Accenture 's recent <a href="http://www.e-health-insider.com/news/item.cfm?ID=1795">struggles</a> wouldn't have anything to do with shoddy products, right?</FONT>
Admin
I tend to think you are completely correct, sir. =)
-dave-
Admin
Sorry, but that's not a WTF. I'm sure that, being an Accenture job, there's lots of WTF to be had, but this one simply isn't among them.
Privacy laws surrounding government web sites border on the paranoid. It is often a requirement that all cookies, not just persistent cookies, be disabled in the web server.
In order to preserve session state, Tomcat (and every other web application engine) needs a session cookie that uniquely identifies the user's session. Tomcat has a feature whereby if the client doesn't accept session cookies or the server is configured not to send them, it will instead encode the session ID in the URL of all links that refer back to the application. The programmer needs to do a little work to ensure that this occurs each and every time, but it is possible to write a complete enterprise-class web application without ever sending a cookie back to the client.
That explains why the session ID is encoded in the URL. Now for why the session ID is so large...
The back-end application server is the Borland Enterprise Server. I can't tell if they're using CORBA or EJB technology, but the encoded session ID contains enough information for the Apache web server IIOP plug-in provided by Borland to route the request back to the same application instance that served the previous request.
In a clustered environment, you could have requests serviced by any one of (for example) eight machines. If you hit a different back-end server every time you submit a request to the application, each server would have to take time to load your session from a persistent store before it even thought about servicing the request. This incurs a severe performance penalty as you would have only a 12.5% chance that your next request would be serviced by the same server that serviced the previous request. When you hit the same server on the current request that you did on the previous, your session is likely still in memory and the "reload session" performance hit is eliminated. In order to locate the same application instance that you used last time, the server name, cluster name, and Tomcat instance name all need to be encoded in the URL. In the event that your application instance can't be located (e.g. hardware failure), the IIOP plug-in will happily reroute your request to another server in the cluster, which will then rewrite your session ID to reflect the fact that the application instance has changed.
As much as it pains me to say this about Accenture, this is actually an example of good design as far as clustering and session management go. Based on the performance of the application, I'm sure there's a lot of real WTF behind the scenes, but not because of these session IDs.
Admin
that's the price of OSS
Admin
Yeah..this happens when you give contract to the famous T-Systems company...one of the top-5 software
and system companies in Germany.
Admin
That made my day... First time I actually laughed out loud while reading TDWTF.
Admin
Wow, how advanced. "Lowly" PHP can do that automagically and it doesn't even claim to be an enterprise-class platform.
And by the way, "enterprise"? That must be the greatest buzzword of all times...
Admin
I don't see what the fuss is about; we needed to store the session data, and when you cluster you can't store it one the server... has to go somewhere...
Admin
So? DailyWTF encrypts their forums with The Word That Shall Not Be Named Starting With J.
Admin
It means they're using the Whitespace language to do more enterprise-ness.
http://compsoc.dur.ac.uk/whitespace/.
Admin
Well, if you're in Britain, you get yourself onto the government's "preferred list" of suppliers ("preferred" is an understatement - government aren't actually allowed to look elsewhere) and then you pay lobbyists large amounts of money to encourage the government to introduce lots of shiny new IT schemes in almost every department - even creating new ones to keep the ball rolling (qv. ID cards) if necessary, and regardless of need or past experience - which will then come back to you in the form of obscenely lucrative contracts for piss-poor work.
Like stealing candy from a baby, really. If you have the right friends.
(And people wonder why I'm an anarchist...)
Admin
I went for a job at Accenture once, I was lucky enough not to get it.
Admin
Well, if you're in Britain, you get yourself onto the government's "preferred list" of suppliers ("preferred" is an understatement - government aren't actually allowed to look elsewhere) and then you pay lobbyists large amounts of money to encourage the government to introduce lots of shiny new IT schemes in almost every department - even creating new ones to keep the ball rolling (qv. ID cards) if necessary, and regardless of need or past experience - which will then come back to you in the form of obscenely lucrative contracts for piss-poor work.
Like the NHS IT system? Which is an Accenture CONtract.
CAPTCHA - enterprise.
Admin
Admin
VB's most likely for VisiBroker, Borland's CORBA implementation
Admin
Speaking about the "Arbeitsagentur" that reminds me of a "bug" a site from the "Arbeitsamt" once had.
In the job description pages were images. Ok, thats nothing wrong with it but the url to every description had the path to the image and the name of the job. So you could change both to whatevery you want, no check for correct name and path were done. Too bad they changed it shortly after it was found... but we had some fun before that :D
Admin
BTW, WTF ... why the heck doesn't that captcha thingy work?!?
Admin
Directly from the html:
That comment says something like: This file can only be accessed locally, please ignore errors on other machines.Admin
Well, actually, yes, the session + session ID stuff is generated... By that server they have at the "Bundesagentur für Arbeit". In fact you can generate this data yourself: Just go there and surf a just a little bit...
So sad...