Security is a wide-ranging topic which operates on many levels and covers many technologies. The technologies involved include networks, operating systems, database systems, and application servers as well as manual procedures.
Application level security in the context of Java EE applications is provided by web and EJB containers. This article by Michael Sikora will be mostly concerned with EJB container security. However, as EJBs are often invoked from the web-tier we will take a brief look at web container security later in this article.
We will cover the following topics:
- Java EE container security
The aim of this article by Javier Collado is to show how tasks may be automated using Python together with STAF (Software Testing Automation Framework) by means of an example. We will first see a problem and then derive its solution using classical Python-only as well as Python+STAF. The implementation of the solution will evolve in different stages. This will help us in comparing both solutions in terms of simplicity and efficiency.
Read Automation with Python and STAF/STAX in full
This article by Tarek Ziadé focuses on a repeatable process to write and release Python packages. We will focus on how to install, uninstall, develop, test, register, and upload a package.
Read Writing a Package in Python in full
The re-architecture approach reduces the mainframe costs and legacy risks by migrating the application off the mainframe and re-structuring it using all the modern software tools and capabilities at our disposal. However, this very process of re-structuring the application, and essentially re-building it using knowledge and business rules mined from existing code, introduces certain risks. How can we ensure that the new application maintains functional equivalence, and operational characteristics of the original? Can we meet the performance and scalability requirements not only of the current environment, but future growth needs as well? Can we deliver the new application within the time and budget constraints agreed to at the beginning of the project? The older the application, the larger its scope and volume of code, and the fewer original developers available, the higher these risks may be.
This article by Jason Williamson, Tom Laszewski and Mark Rakhmilevich takes a look at an alternative approach that attempts to balance these risks in a different way. The re-host-based modernization approach is focused on migrating the application off the mainframe to a compatible software stack on an open-systems platform, preserving the language and middleware services on which the application has been built. It protects legacy investment by relying on a mainframe-compatible software stack to minimize any changes in the core application, and preserves the application's business logic intact, while running it on an open-system platform using more flexible and less expensive system infrastructure. It keeps open the customer's options for SOA enablement and re-architecture, by using an SOA-ready middleware stack to support Web services and ESB interfaces for re-hosted components. And using an extensible platform with transparent integration to J2EE components, BPM-based processes, and other key tools of the re-architecture approach means you can start to re-architect selected components at will, without requiring changes to the re-hosted services running the remainder of the business logic.
Read Introduction to Re-Host based Modernization Using Tuxedo in full
Joomla!, a very popular content management system (CMS), is, as you may know, easy to deploy and use. This ease of use has lent itself to rapid growth of both the CMS and extensions for it. You can install it on almost any host, running Linux or Windows. This highly versatile software has found itself in such lofty places as large corporate web portals, and humble places such as the simple blog.
Joomla! itself is inherently safe, but misconfigurations of the CMS, vulnerable components, hosts that are poorly configured, and weak passwords can all contribute to the downfall of your site. Hence, it's always better to ensure the security of your site.
In this article by Tom Canavan, we will take a look at how SQL injection attacks can occur on your Joomla website, how we can test for SQL injection attacks, and how to stop SQL injection.
Read Preventing SQL Injection Attacks on your Joomla Websites in full
There are various types of Content Management Systems (CMS) which are widely used for building and managing a website. Although Zen Cart is very good for running an online shop, it cannot be used for building a company website. Your organization may have a website running a CMS, and as you are going to open an online shop, you may need to integrate Zen Cart with that existing CMS. In this article by Suhreed Sarkar, we will see how we can integrate Zen Cart with some of the existing Content Management Systems.
Read Integrating Zen Cart with Content Management Systems in full
When query results exceed the display area, you resort to scrolling and wish you had some way to limit the number of results displayed to what is comfortable to view without scrolling. Paging functionality, which provides an answer to this, is therefore a much desired feature. The Data Pager Control in Visual Studio 2008 provides this functionality when you create an ASP.NET web form under .NET Framework 3.5. It can be configured automatically using the GUI, or it can be installed manually after installing the ListView. In this article both of them are described. While the number of items displayed in a list can be declaratively coded, it is possible to set it at page load time as well.
This article by Dr. Jayaram Krishnaswamy describes how you may connect to SQL Server 2008 and display the retrieved data in a ListView Control on a web page. The ListView Control is the only control in ASP.NET that supports the new ASP.NET control, the Data Pager Control. This article shows how the data from a table in SQL Server 2008 is displayed in the ListView and how the Data Pager is configured to cycle the List View items.
Read Using the Data Pager Control in Visual Studio 2008 in full
ExpressionEngine comes with a built-in photo gallery module included as part of the purchase fee. With the prevalence of digital cameras, having a place to upload and share photos on your website is a great feature of ExpressionEngine. In this article by Leonard Murphy we will:
- Install the photo gallery module
- Design our photo gallery to fit in with the design of the rest of our site
- Make it easy to upload new photos, add comments and descriptions, and otherwise create a very functional gallery
On our website, we can have multiple photo galleries independent of each other (the photos are in a different folder; the gallery has a different URL) or we can have one gallery for all our photos, using categories to distinguish groups of related photos.
For the purposes of this article we are going to create only one photo gallery, but if desired the same principles can be followed again to create multiple galleries.
To keep our photo gallery visually interesting, we will be straying just slightly from our toast website theme, and will not be using our photo gallery to display slices of toast.
Let's get started!
A database must always be ACID (Atomicity, Consistency, Isolation, and Durability) compliant. Databases comply with ACID requirements through the concept of transactions. In this article by Jonathan Gardner, we will see the differences in the transaction model of PostgreSQL and Oracle. We will look into the details of how PostgreSQL handles transactions and how it can be advantageous over Oracle's Transaction Model.
Read PostgreSQL's Transaction Model in full
A business process is a set of coordinated activities that are performed either by humans or by tools with an objective to realize a certain business result. The order of these activities and the efficiency of those who perform the activities determine the overall performance of a business process. It is very much in the interest of every company to have business processes that are efficient and include only necessary activities, because this will allow them to work faster and more efficiently. In this article by Matjaz B. Juric and Kapil Pant, we will look at business process modeling, the main objective of which is to develop a process model that defines the existing process flow in detail.
Read Business Process Modeling in full
The first step in protecting web services is to authenticate and authorize the web service requests. Authentication in web services is the process of verifying that the user has valid credentials to access the web services, and authorization is the process of validating that the authenticated user has appropriate privileges to access the web services. Besides restricting access to users with valid credentials and proper privileges, Oracle WSM can track who accessed which service and when, to provide detailed audit trails. In this article, Sitaraman Lakshminarayanan explores how Oracle Web Services Manager can be leveraged to authenticate and authorize web service requests.
Read Oracle Web Services Manager: Authentication and Authorization in full
Tetris is a classic game. In this article by Stefan Björnander, we will develop a version very similar to the original version. Seven figures of different shapes and colors fall down and the player's job is to move and rotate them into positions so that as many rows as possible are completely filled. When a row is filled, it disappears. Every removed row gives one point.
Read Application Development in Visual C++ - The Tetris Application in full
Knowing where something isn't can be almost as valuable as knowing where something is. If it isn't there, then the time and resources aren't wasted looking in the wrong place. We need to make sure that we have a broad base of methods to manage our future search capabilities. In this article by John Farrar, we will discuss the built-in search engine and the custom search engines (Google) in ColdFusion.
Read Search Engines in ColdFusion in full
In general, once the FreeNAS server is configured and running, it doesn't really need much attention; it should just work. However, there are lots of different features which can be configured. In this article by Gary Sims, we will see how user management is done in FreeNAS.
Read Local User Management in FreeNAS in full
The thought of creating your first skin may be intimidating. You may believe that there are steps that will have to be done just right or there's no point even getting started. The fact is that once you understand some simple concepts, skinning is relatively easy. Ultimately, you will need to know your HTML and CSS markup and styling, but that is common in any type of web design you would do anywhere. This article by Darren Neese is geared toward those who have never created a skin, and it will get you over any anxiety you thought you had about creating a skin.
Read DotNetNuke Skinning: Creating Your First Skin in full