Best approach to create a security environment in Java

Similar Messages

• Best Approach to create Security / Authorization Schema for an APEX Apps

  Hi,
  I am planning to create a Security / Authorization Schema for an APEX Application.
  Just want to know what is the best approach to create the security feature in APEX, so that it should be re-used in other APEXApplications too..
  I am looking for following features...
  1. users LOGIN and then user's name is stored in APEX_USER...
  2. Based on the user, I want to restrict the Application on following levels.
  - TABS
  - TABS - Page1 (Report
  - Page2 (Form)
  - Page2 (Region1)
  - Page2 (Region1, Button1)
  - Page2 (Region1, Items,....)
  AND so on.....basically depending on user....he will have access to certain TABS, Pages, Regions, Buttons, Items...
  I know, we have to create the Authorization Schema for this and then attach these Authorization Schema to the different Level we want.
  My Question is, what should be the TABLE structure to capture these info for each user...where we will say...this USER will have following access...AND then we create Authorization Schema from this table...
  Also what should be the FRONT end, we should have to enter these detail...
  SO, wondering, lot of people may already have implemented this feature....so if guys can provide the BEST Approach (re-usable for other APEX Application)....that will be really nice..
  Thanks,
  Deepak

  Hi Raghu,
  thanks for the detial info.
  so that means..I should have 2 table...
  master table (2 columns - username, password)
          username    password
     user1       xxxx
     user2       xxxx2nd table (2 columns - username, chq_disp_option)
  - In this table, we don't have Y/N Flag you mentioned..
  - If we have to enter all the regions/tabs/pages in the Applications here or just those regions/tabs/pages for which are conditionally diaplayed.
  - so that means in all the Pages/Regions/tabs/items in the entire Application, we have to call the Conditionally display..
  - suppose we have 3 tabs, 5 pages, 6 regions, 15 items..that means in this table we have to enter (3+5+6+15) = 29 records for each individual users..
            username    chq_disp_option
     user1       re_region1
     user1       re_region2
     user1       tb_main
     user1       Page1
     user1       Page5
     ----        ----     - how you are defining unique name for Regions..i mean in static ID or the Title
  - is the unique name for tab & item is same as the TAB_NAME (T_HOME) & Item Name (P1_ITEM1) or you are defining somewhere else.
  Thanks,
  Deepak

• Best approach to creating a TOC for product catalog using data merge

  What is the best approach for creating a TOC for a product catalog (over 1,000 items) using Data Merge?
  The TOC would contain the product Categories. 
  So for example, Category A items could go from pages 1 - 3, and Category B items would start at pg 4, but if new items were added to Category A, then Category B may start from pg 6. 
  From the Data Source, there are 5 Data Fields I've chosen to be displayed.  If this were a regular digital print document, I could use the Paragraph Style method for creating a TOC, but if I make any one of the Data Fields a certain Paragraph Style and use that for the TOC, it'll populate the TOC with that Data Field for all the items. 
  Any suggestions?

  Peter Spier wrote:
  TOC is not interactive in the ID file, though it can be in a PDF that you export (there's a checkbox to create PDF bookmarks). You might want to think about using Cross-references (rather than hyperlinks, I think) to build the TOC. You have to do it manually, but once done it should maintain itself, whereas a TOC is built automatically, but must be regenerated after you edit the doc.
  One caveat witih TOCs created from cross-references: Although changing the text of an x-ref source paragraph (for example from "Patatas and tamatas" to "Tomatoes and Potatoes,"and/or when the source paragraph flows to the next or previous page) update automatically or when invoking "Update cross-references," MOVING a cross-reference source paragraph to a location before or after another source paragraph, does not change their sequence in the pseudo-TOC. You'll need to manually move the reference in the pseudo-TOC to the correct position in the sequence of cross-refs. So, put the task of checking the order of x-refs in the pseudo-TOC on your before hand-off check list.
  HTH
  Regards,
  Peter
  Peter Gold
  KnowHow ProServices

• Best approach -To create RTF template having more than 50 tables.

  Hi All,
  Need your help.I am new to BI publisher. Currently we are using BIP 11g.
  I want to develop.rtf template having lots of layout and images.
  Data is coming from different tables (example : pulling from around 40 tables). When i tried to pull data from 5 tables by joining tables. It takes more time using data model in BI publisher 11g saved in xml and used in word doc.
  Could you please suggest best approach  weather i need to develop .rtf template via data model or query to generate a report.
  Also please suggest / guide me .
  Regards & Thanks in advance.

  it's very specific requirements
  first of all it's relate to logic behind
  as example 50 tables are related ? or 50 independent tables ? or may be 5 related and another independent ?
  based on relation of tables you create sql statement(s)
  how many sql statement(s) you'll have lead to identify ways to get data, as example, by package or trigger etc
  kim size of resulting select statement(s)
  if size say 1mb it's must be fast to get report but for 1000mb it can consume many time
  also kim what time it's not only to select data but to merge data and template
  looks like experimenting and knowing full logic of report is only ways to get needed output in projection of data and time

• Best approach to creating layouts and design pages for windows store 8.1 applications?

  Hi Everybody,
  Actually I want to design pages for windows store 8.1 applications which are compatible for all windows phone with different resolutions. I want best approach for designing pages, currently I am using * type divisions and designing the pages rather than
  that is there any best approach?

  Here is another some helpful docs:
  Laying out an app page
  Laying out your UI (HTML)
  Laying out your UI (XAML)
  Navigation design patterns
  Choosing a layout (HTML)
  Command design patterns
  Guidelines for advertising
  Guidelines for multiple windows
  Guidelines for projection manager
  Guidelines for resizing windows to tall and narrow layouts
  Guidelines for scaling to pixel density
  Guidelines for window sizes and scaling to screens
  Hope helps.
  --James
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Question on best approach to create sales orders in R3

  Hi
     We have a scenario wherein XI should read data for sales orders from a SQL server DB and then map this information onto an IDOC and post to R3. Now, there is some information needed to fill in some segments of the idoc - that has to be looked up from a lookup table in R3 itself.
  One of the ways to do this is use BPM and do a synchronous lookup to R3 ( or a rfc lookup directly from the mapping in XI ) , build the IDOC and then use idoc adapter from XI to post to R3.
  Another approach - we were thinking of is use an ABAP proxy - and within the proxy - do the lookup- build the idoc segments and then use MASTER_IDOC_DISTRIBUTE function module to create the idoc ? This way, we will avoid the rfc lookups to R3 from XI.
  ( Use of idoc inbound user exit to do the lookup is not feasible in our environment )
  Any thoughts on whether the second approach can be used and pros and cons on the two approaches ?

  Hi
  I would have chosen ABAP proxy approach reason is it is allowing me only one touch point to make changes. With this performance is better. Steps are less as in case of BPM performance is less compared to proxy and i have to do additional effort to do RFC lookup to read the table from R/3.
  Even looking at future support perspective its easy to maintain the proxy interface and enhancements can also be addressed in easily.
  Thanks
  Gaurav

• Best Approach to create LDAP structure in OID

  We are currently in the process to create LDAP schema and structure in OID 11g. This schema and structure in OID will be then used by Oracle products such as OIM, OES, OAM and others to perform user authentication, coarse grained authorization, fine grained authorizaiton, attribute mappings, etc.
  I wanted to know if there is any Best Practices approach/guidelines we can use to define this schema and structure now so we don't encounter any obstacles and limitations while using OIM, OAM and OES.
  Will appreciate quick response.
  Thanks!

  I understand that the LDAP structure design depends on the business goals and requirements and we are defnitely building the schema in that lines. But the thing we want to make sure is how flexible are the products like OIM, OAM and OES to provide user authentication(if the user is deep down in the tree), authorization (if the user needs to be authorized to services having attributes deep down in the tree), mapping complex relationships and permissions in conjunction with OID.
  I think the other way of asking this question would be what we should take into consideration while designing the LDAP structure in OID as the backend LDAP store and what things we should leave whille designing LDAP structure in OID that could be considered while designing the authentication, authorization process in OIM, OAM and OES.
  Our goal is to keep the LDAP structure simple and flexible but at the sametime use OAM, OES and OIM at their best capabilities to serve our purpose without lot of customizations required.
  Thanks!

• Best approach to create Package Structure and .content.xml

  I am aware that we have a schem.xsd for generic package content.xml creation and neither do vault.xml and other associated xml files in the META-INF folder of the package.
  I want to know if there is some recommended approach to build the package and xml files, specifically content.xml programmatically on the file system. I know that we can use package manager (API not the GUI/screen) but that comes into picture when the folder structure and xmls files are created. I am interested to know a standard procedure of acceptable procedures to build the structure. I have seen folks use JDom/SAX etc to build this and even velocity to try it out using templates but that looks largely as a workaround. Can anyone help with some inputs on this?

  We've been successful at using ANT as a Build tool to run XSLT 2.0 using the Saxon XSL processor.  We have processed both CSV and XML files into packages.  This started out pretty simply, but grew more complex than initially thought.  There are a lot of subtlties that can be overlooked in the package format.  Also if your filters aren't right it will happily delete a lot of data.  Thankfully it appears uninstalling can recover these most times, but I'd recommend testing packages on a throw away instance.
  I've posted an example Ant + XSL that goes from CSV > XML > Many XML Files > CRX Package Zip: https://github.com/odu/crx-package-xsl-example.  There is also some info on some of the complexities of a package mentioned on that page that may be helpful, even if Ant / XSL isn't your route.
  Can you share more about your use for building a package, what format is the source data in, etc?  This example is really only useful for batch loading.

• Best Approach for Creating an Extract File?

  Now that we are switching to PeopleSoft, I need to create a file each week based upon data in PeopelSoft that is modified before being written to the file. What is considered the best way to do this? Write some PS SQR, App Engine program? Batch program in Java (I'd be abel to do this the fastest but maybe it is not the best choice). I don't really know what to do, as I've never extracted data from PS before. Thanks.
  Ken

  I recommend creating an Application Engine and using a File Layout.
  Here is the [PeopleBooks information on File Layouts with the File API|http://download.oracle.com/docs/cd/E13292_01/pt849pbr0/eng/psbooks/tpcr/htm/tpcr17.htm#g037ee99c9453fb39_ef90c_10c791ddc07__1454] . PeopleBooks has some pretty decent [code examples|http://download.oracle.com/docs/cd/E13292_01/pt849pbr0/eng/psbooks/tpcr/htm/tpcr17.htm#g037ee99c9453fb39_ef90c_10c791ddc07__1429] . In particular, look at the WriteRecord example.
  One of the advantages to a file layout is that you just define what fields you want in the file, and the PeopleCode takes care of formating the file. To create the file layout definition, you will be adding a new definition in Application Designer --> File > New ... File Layout. Here is [some information in PeopleBooks|http://download.oracle.com/docs/cd/E13292_01/pt849pbr0/eng/psbooks/tapd/htm/tapd21.htm#g037ee99c9453fb39_ef90c_10c791ddc07__7705] about that part. You set the file type (CSV, Flat, or XML) on the File Layout properties (click the properties button on the toolbar). If you have a Record definition in the system that resembles the format (# of fields) in the file, you can just insert that record into the File Layout. Otherwise, you have to insert the fields one by one. For each field, double click on the field name to set the properties for the field such as the position in a flat file or the tag name for an XML file.
  In the Application Engine, you will do most of the work in a PeopleCode action. If you don't already have all of the data in one table, I recommend creating a Staging table (staging record). Then, add a step to the App Engine program and a SQL action or two that will load all your data into that one staging table.
  In your PeopleCode action, you will use PeopleCode's SQL object to loop through the rows of the staging table. This is in the WriteRecord example, but here is the [SQL object documentation|http://download.oracle.com/docs/cd/E13292_01/pt849pbr0/eng/psbooks/tpcr/htm/tpcr39.htm#g037ee99c9453fb39_ef90c_10c791ddc07__1848] for more information.
  I hope I have pointed you to enough resources to help you figure it out. Post back more questions if anything is unclear or you get stuck.

• Best practice/howto create extendable, modular, client-distributed java app

  Hi!
  I was adviced to re-post here, following advice from this post http://forums.sun.com/thread.jspa?messageID=10611662
  I'll try to be consise, here's what I wonder about:
  The application:
  I am writing an application which I plan to offer for download and easy installation to end-users. The application will offer a set of services to the user. It is designed to run in the background on the desktop with a tray icon for easy administration.
  What I need help with:
  I am trying to make this application modular. E.g so that I can offer new services/extensions to the application for download at a later time. The user should then only need to download the new "plug-in" or module, install it on his computer with minimum effort and it should be plugged into the already installed application.
  The question:
  What is the "best / easiest" way of doing this?
  I have been looking into the OSGi frameworks out there e.g. Knopflerfish and Equinox and have started reading about JPF the "Java Plug-in Framework"
  I also just came across Platonos Plugin Engine
  What I want is a solution which does not create a huge code overhead or is difficult to use, I want to keep it simple, both for me as developer and especially the user, is this possible?
  - Looking forward to some input!

  genernic wrote:
  What I want is a solution which does not create a huge code overhead or is difficult to use, I want to keep it simple, both for me as developer and especially the user, is this possible?For the user? Certainly. For you, the developer? Not so much. Writing software is difficult, that's all there is to it. Frameworks like Equinox (Actually, Eclipse RCP might well be right up your street) do indeed relieve you of some of the burden of, say, writing a plugin mechanism, but they come with their own learning curve. They won't just do it for you, with a couple of easy clicks of a button. Generally, the easier you make things on your user, the more pain it is for you as a developer.
  Eclipse RCP gives you some good wizards for getting started, but you'll still need to get an understanding of what's going on, or you'll be stuck when you hit a problem.

• What's a best tool to create a site web with java?

  hi.
  I create a web application with servlet,but i serach which a best tool to make an interface site outher to html.and which uses a java.
  i read that is there a javascript,javaFX but idon'tknow.
  can one help me,please?

  Oh, you wanted an alternative to HTML? Javascript isn't. It's just supplemental.
  There's no real alternative to HTML. You can use Flash, JavaFX or Silverlight, but either you still need to embed it in a HTML page or it (auto)generates plain HTML.
  As I don't have practical experience with JavaFX, I can't tell when it will be "perfect" for a web application.
  There's a JavaFX subforum out here, try browsing it, there are fairly a lot of "JavaFX or not?" topics there.

• What is the best approach to capture TBOM's for a SAP SRM system/functionality?

  Hello SCN Community,
  It would be much appreciated if somebody could share some information about the following....
  What is the best approach to create TBOM's for a SAP SRM system? The SRM functionality is basically consisting out of multiple ABAP Web Dynpro's that are connected as a process via a SAP Portal (as is understand it). The entrypint to the SRM functionality is via the SAP Portal.
  Do I first have to create a link to the Portal via an SAP Web Application link in SOLAR01 and then start recording? Will it record only the portal objects or also the ABAP Web Dynpro objects?
  Do I have to list all the separate ABAP Web Dynpro's in SOLAR01 and use those as a starting point?
  I am myself more familair with more classical SAP ABAP ECC systems and transactions.  I could hardly find any information on the use of BPCA and the required TBOM's in the area of SRM.... Any help would be much appreciated!
  Kind Regards,
  Guido Jacobs

  Hi Guido,
  today was a new blog released, maybe this helps:
  BPCA - Powerful Risk Eliminator
  Best Regards,
  Christoph

• How do I make a "security environment"?

  I need to do something I don't even know if is possible..
  We have a code that handle crypted data, and we have another software that is open source and need to manipulate this data, both are desktop stand alone softwares.
  I'm wondering, is there a way to create a "secure environment" to use the open source software as a plugin, restricting this software's access do external world (I don't want it to externalize my decrypted data)?
  Any help would be appreciated.

  You can install a home grown SecurityManager in your main application. Whatever security policy you define for that SecurityManager will apply to plugins and libraries. You can forbid socket access, file access, system properties etc etc.
  You have a steep learning curve. A starting point is [http://java.sun.com/docs/books/tutorial/security/tour2/step2.html|http://java.sun.com/docs/books/tutorial/security/tour2/step2.html].

• Hi, we need to create the test environment from our production for oracle AP Imaging. we have soa,ipm,ucm and capture managed servers in our weblogic. can anyone tell me what is the best way to clone the environment, can I just tar the weblogic file syste

  Hi, we need to create the test environment from our production for oracle AP Imaging. we have soa,ipm,ucm and capture managed servers in our weblogic..
  Can anyone tell me what is the best way to cloning the application from different environment, the test and production are in different physical server.
  Can I just tar the weblogic file system and untar it to the new server and make the necessary changes?
  Can anyone share their experiences and how to with me?
  Thank in advance.
  Katherine

  Hi Katherine,
  yes and no . You need as well weblogic + soa files as the database schemas (soa_infra, mds...).
  Please refer to the AMIS Blog: https://technology.amis.nl/2011/08/11/clone-your-oracle-fmw-soa-suite-11g/
  HTH
  Borys

• Best approach to exporting and importing an environment

  Client is on 11.1.0.7. Windows 2008 R1. We have a need to export an environment that is using ASM and import that environment to another server that is not using ASM. Environment name will stay the same. Was hoping to get some advice on best approach for this and what would be involved. Thanks in advance.

  ...a need to export an environment...What do you mean by that? Are you referring to moving the data only or physically migrating the database? How big is the data/database size?
  If you only need to move data, export/import is transparent from ASM environment. If you need to migrate physical database from ASM to non-ASM in the same platform, you can use RMAN utility.