Several questions about Application Security

Similar Messages

• Several Questions about upgrading APEX

  Hello,
  I a several questions about upgrading APEX.
  I want to upgrade my APEX 2.0 to 2.2 and hopefully in a few month to 3.0.
  Is there a How To about upgrading APEX?
  What would happen to my applications?
  Would there be any problems about the applications when the APEX version is upgraded to another version?
  Thank you,
  Tim

  Tim,
  Yes there is (detailed) upgrade documentation provided with the upgrade itself, which you should definitely look through. The 2.2 and 2.2.1 releases are currently available here -
  http://www.oracle.com/technology/products/database/application_express/index.html
  You applications will be 'upgraded' as part of the upgrade process (i.e. they will continue to work with the new software once the upgrade is complete).

• Questions about application server architecture

  Hello guys,
  I have few questions about application server architecture�
  I have a task to build a server application which will do the following: Clients (special java clients) will connect to it and send some data for further processing on server side. Chunks of data will be relatively small but they will take a lot of time for processing (it is ok that it will be quite slow).
  Also server will run some sort of �database� where all clients� working data will be stored. So, in case a client loses its data he/she is always able to download it from the server.
  For me it seems, like server will consist of the following components:
  1. �Reception�. This part will be responsible for all client-communication procedures.
  2. �Data storage�. This part will simply store all clients� data and provide some API interface for clients through �reception� to manage it (add/get/delete and so on).
  3. �Processor�. Some sort of dummy-sophisticated module. It will take some input data from �data storage� when it receives order for this and process it. �Processor� will have two states: �busy� which means �processor� processing some data and �available� which means �processor� ready to process new data.
  4. �Manager�. This part will always check �data storage� for new data and �processor� for availability. When �processor� and new data are available �manager� will make an order for �processor� to take new data from �data storage� and process it.
  So, my question is the following: Which technology and approaches I should use to realize my plan?
  I think that I can make �reception� as a Session Bean, but I don�t know yet, what are the best for the rest, for example �manager� and �processor�. I was thinking about writing my own application server (and I can do it), but I would like to learn j2ee technologies, so I think it is a perfect chance for me (I read a lot about j2ee before I wrote this post, but all examples have only �account�-�bill�-�money transfer� I think it is quite far away from reality or I am doing something wrong ;-)!
  p.s. I am thinking about using JBoss as an Application Server. I tested it and wrote some tests. They work and run fast enough, so I like it. Moreover it has module architecture.
  Please, give me some advises and tips!
  Thank you in advance!

  1. �Reception�. This part will be responsible for all
  client-communication procedures.Session bean with remote interface.
  2. �Data storage�. This part will simply store all
  clients� data and provide some API interface for
  clients through �reception� to manage it
  (add/get/delete and so on).Session bean that will use entity beans or hibernate to work with persistant data.
  3. �Processor�. Some sort of dummy-sophisticated
  module.Use a message driven bean. Make Reception to enqueue a message when new data is available for processing. Processor will process the data and store the resut in database using Data Storage session bean.
  4. �Manager�. This part will always check �data
  storage� for new data and �processor� for
  availability. When �processor� and new data are
  available �manager� will make an order for
  �processor� to take new data from �data storage� and
  process it.It's redundand component, because application server will manage messages and processors.

• Several questions about oracle ASM in 11gR2.

  Hi, all.
  The db is 11.2.0.3 on a linux machine.
  I have several questions about oracle ASM functionality.
  1. V$ASM_DISKGROUP.ALLOCATION_UNIT_SIZE is the stripe size in bytes??
  2. V$ASM_DISK.DISK_NUMBER is unique to a physical disk??
  3. if the second question is the case,
  disk_number=0 (a physical disk) has 14 partition on it.
  And each partition belongs to several diskgroups.
  Is ths right??
  with q1 as (
       select /*+ use_hash(b,a) */
            disk_number,b.group_number,b.name,a.path,sum(os_mb) tot_size ,count(*) cnt
       from v$asm_disk a, v$asm_diskgroup b
       where a.group_number=b.group_number
       group by disk_number,b.group_number,b.name,a.path
       order by disk_number,b.group_number,b.name
  select disk_number,group_number,name,path,tot_size,
         sum(tot_size) over (partition by disk_number) disk_size,
         sum(cnt) over (partition by disk_number) parition_cnt_per_disk
    from q1
    order by q1.disk_number,group_number
  DISK_NUMBER     GROUP_NUMBER     NAME     PATH     TOT_SIZE     DISK_SIZE     PARITION_CNT_PER_DISK
  0     1     ARCH     /dev/raw/raw100     53256     454460     14
  0     2     AAAREDO1     /dev/raw/raw111     10240     454460     14
  0     3     AAAREDO2     /dev/raw/raw113     10240     454460     14
  0     4     CRS     /dev/raw/raw83     3000     454460     14
  0     5     BBBDATA1     /dev/raw/raw10     50232     454460     14
  0     6     BBBDATA2     /dev/raw/raw41     50232     454460     14
  0     7     BBBREDO1     /dev/raw/raw1     10240     454460     14
  0     8     BBBREDO2     /dev/raw/raw3     10240     454460     14
  0     9     CCCDATA1     /dev/raw/raw75     76400     454460     14
  0     10     CCCDATA2     /dev/raw/raw165     51300     454460     14
  0     11     CCCREDO1     /dev/raw/raw118     10240     454460     14
  0     12     CCCREDO2     /dev/raw/raw120     10240     454460     14
  0     13     CCCDATA1     /dev/raw/raw125     51300     454460     14
  0     14     BBBDDATA     /dev/raw/raw71     57300     454460     14
  .Thanks in advance..
  Best Regards.
  Edited by: 869578 on 2012. 12. 23 오후 10:05

  1. No. The stripe size always equals 128 KB in any configuration.
  (http://docs.oracle.com/cd/E11882_01/server.112/e18951/asmcon.htm#BABCGDBF)That is not a true statement. Please read the document, the stripe size depends upon what method of striping we using (fine-grained or coarse-grained)
  --from the same oracle document:
  To stripe data, Oracle ASM separates files into stripes and spreads data evenly across all of the disks in a disk group. The fine-grained stripe size always equals 128 KB in any configuration; this provides lower I/O latency for small I/O operations. The coarse-grained stripe size is always equal to the AU size (not the data extent size).
  --are we using fine grained or coarse-grained ? and how to change the striping method (using TEMPLATES)
  http://docs.oracle.com/cd/E11882_01/server.112/e16102/asmfiles.htm#g2223792
  also see following:
  http://oracletechlovers.blogspot.com/2012/06/asm-differences-between-corse-and-fine.html

• Satellite U405D - Several questions about overheat/disassembly/upgrade etc.

  Hi there,
  I have several questions about my one year old Satellite U405D-S2910
  1- When it works, after 2-3 hours (I usually run small programs like safari, msn messenger and bsplayer) CPU gets 85-90 C (178-188 F). When I play Age of Empires 2 (Come on, its an ancient game) like 2-3 hours it shuts down itself. What could be the possible reason?? By the way, let me inform you about the climate of the town I live, temp 30C - humidity 25-35% (nowadays).
  ps. Cpu= AMD Turion 64 X2 Dual-Core Mobile Processor. Model, RM-74
  2- I'm going to disassemble my laptop in order to clean its cooling units (I think reason of overheating is this). It doesnt seem like a desktop, so complicated. Ive seen a step-by-step disassembly(btw, its so hard to spell disassembly:) I think Im going to do this. What are your suggestions about it? any experiences could help me?
  3- My laptops Ram memory consists of 2X2GB PC5300 DDR2 667 MHz SDRAM, I want to replace it to 2x2GB MACH XTREME DDR2 1333MHZ CL9 NOTEBOOK RAM. Should I do it? Does it fit my laptop, work stable? any suggestions?
  ps. mainboard chipset AMD M780V
  4- finally :) , Should I use 64 bit OS or 32 bit OS (win7)? what OS would you use if you were me?
  Thank you.

  Hi buddy,
  1+2. I think everything is related to a higher internal temperature and you should clean your notebook using compressed air spray. Therefore its not necessary to disassemble it, just blow gently and shortly the air through the notebook. You can buy such compressed air spray from every computer store I think and it takes only 5 minutes.
  You can find an useful article about this here:
  3. In my opinion you should forget this update! The RAM speed is related to FSB of CPU and as far as I know on Satellite U405D its 667MHz so its already the fastest RAM that you can have. Save your money and buy a bigger HDD or in best case an SSD that can really improve the performance!
  4. In my opinion the answer is clear: Windows 7 64bit.
  Only a 64bit OS support full 4GB RAM. ;)

• Question about internet security...please help!

  Hi everyone,
  I have a question about the macbook's internet security.
  A few days ago I became aware that my sibling was using a laptop for internet use at my house which he got from a person that I do not trust. He is very computer-savy and we're worried that he may have installed some form of spy ware on that laptop and in turn, may have tried (or succeeded) in accessing my Macbook through some form of spyware. My house is hooked up with a D-Link wireless router, and at the time, it had no internet/access-password.
  So my question is, could this person have accessed my computer and personal information remotely by and through the laptop that my sibling got from him. I was under the impression that Mac's have very strong firewalls, but I have also heard that as long as he knew what he was doing, he could have accessed my computer. I don't have a wireless "network" set up at my house, I just simply use the router for internet. But my sibling told me that this guy was his "network administrator" which leads me to believe that he must have had remote access to the laptop.
  Can anyone with knowledge on this problem please weigh in and let me know what I need to do to confirm that no one has accessed anything from my macbook.
  Thanks!

  One option if you want to be extra safe is turning on FileVault (System Preferences -> Security), which will encrypt everything on your computer so that if somehow someone does gain access to your computer they will have a next to zero chance of being able to read anything they get from your computer. You have to have a lot of extra hard drive space on your computer to turn it on though.
  Also, a "network" is just a connection between computers, regardless of the internet is involved or not. So when you connect your computer to the router which gives you the internet, you are putting your computer on a network. Now I believe that in order for this person whom you don't trust to gain remote access to your computer, they would have to have more information such as an IP address for your computer, through the router in order to get to it.
  One thing I think is very important to consider that isn't on the technical side of things is something called "Social Engineering" which is a form of cracking, or hacking. You can do your own research, but in a nutshell Social Engineering is getting people that have access to something I'm trying to hack to give me information. For instance, this person you don't trust could be giving your brother the computer in the hopes that he will download something through your router to that laptop which could give him IP addresses and other information. And then when he gets that laptop back he could scan it for useful information and your brother wouldn't know he did anything wrong at all. The best way to avoid this is purely education and communication. Even if your brother doesn't share the same suspicions about this person, surely he will understand the need to be careful and smart when it comes to sharing personal information in the digital world.

• Important conceptual question about Application Module, Maximum Pool Size

  Hello everyone,
  We have a critical question about the Application Module default settings (taking the DB connections from a DataSource)
  I know that on the Web it is generally suggested that each request must end with either a commit or rollback when executing PL/SQL blocks "directly" on the DB without the framework BC/ViewObject/Entity service intervention.
  Now, for some reasons, we started to develop our applications with thinking that each Web Session would reference exactly one DB session (opened by any instance taken from the AM pool) for the whole duration of the session, so that the changes made by each Web session to its DB session would never interfere with the changes made by "other" Web Sessions to "other" DB sessions .
  In other words, because of that convincement we often implemented sort of "transactions" that open and close (with either commit or rollback) each DB session not in/after a single HTTP request, but during many HTTP Requests.
  As a concrete example think of this scenario:
  1. the user presses the "Insert" button. An HTTP request is fired. The action listener is executed and ends up with inserting rows in a table via a PL SQL block (not via the ViewObjects API).
  2. no commit or rollback after the above PL/SQL block is done yet.
  3. finally the user presses a "Commit" or "Rollback" button, firing the call to the appropriate AM methos.
  Those three requests consist of what I called "transaction".
  From the documentation it's clear that there is no guarantee that the couple AM istance + DB session is the same during all the requests.
  This means that, during step 2, it's possible that another user might reference the same "pending" AM/DbSession for his needs and "steal" somehow the work done via PL/SQL after step 1. (This happens because sessions taken by the pool are always rolled back by default.)
  Now my question is:
  Suppose we set the "Maximum Pool Size" parameter to very a great number (always inferior to the maximum number of concurrent users):
  Is there any guarantee that all the requests will be isolated in that case?
  I hope the problem is clear.
  Let me know if you want more details.

  Thanks for the answers.
  If I am right, from all your answers about resource avaiability, this means that even supposing the framework is able to always give us the same AM instance back from the AM pool (by following the session-affinity criterias), there is, however, no "connection affinity" with the connections from the DataSource. This means that the "same AM instance" might take the "a new DB connection", if necessary, from the connection pool of the DataSource. If that happens, that could give us the same problems as taking "a new AM instance" (that is, not following session-affinity) from the beginning, since each time an a new connection is taken (either via a new AM instance or via the same AM instance plus a new DB connection), the corresponding DB session is rolle back by default, clearing all the pending transactions we might have performed before with direct PL/SQL calls bypassing the AM services during the life cycle of our application, so that the new HTTP request will have a clean DB session to start to work with.

• Three questions about replication/security

  Hello,
  We are currently planning to build software for our sales persons using C#. Each sales person has a laptop and should be able to sync the client information when he/she has access to the internet/intranet. Sales person can update client information and the local database will be synced back to master server when the user is connected to the internet/intranet. My option was to go with Oracle lite (as client DB) and Oracle enterprise (Server DB). But after readying the posts in this forum, I believe Oracle XE can do the trick. Am I right?
  Second question is about the security of the replication. Sales persons can connect using the internet to sync the information back and forth. Is there a built in mechanism to secure the connection between the two DBs ( Oracle XE and EE)?
  Third question is about the recovery options. I read Mark’s post about the feature of Oracle XE. I understood that PIT recovery and achivelog mode are supported. But, the post also says that Tablespace PIT is not supported. Can some tell me the difference between PITR and TSPITR? If PITR is supported, can I restore the database to a specific date and time (i.e. Dec 2, 2005 2:00PM)?
  Thanks a lot

  Comments inline
  Hello,
  We are currently planning to build software for our sales persons using C#. Each sales person has a laptop and should be able to sync the client information when he/she has access to the internet/intranet. Sales person can update client information and the local database will be synced back to master server when the user is connected to the internet/intranet. My option was to go with Oracle lite (as client DB) and Oracle enterprise (Server DB). But after readying the posts in this forum, I believe Oracle XE can do the trick. Am I right?
  Yes - except that Oracle Lite comes with the synchronization built in, and it's tested to handle all the weird corner cases you have to deal with. XE will give you basic replication, however, you will have to build the connect, replicate (refresh materialized views), disconnect logic yourself (and test it). Personally I would spend the $100 on the Oracle Lite option
  Second question is about the security of the replication. Sales persons can connect using the internet to sync the information back and forth. Is there a built in mechanism to secure the connection between the two DBs ( Oracle XE and EE)?
  It depends by what you mean secure. When you connect XE to Enterprise Edition, it will use a database link to refresh the materialized views (replicated tables). Userids/passwords across the database link will be sent in an encrypted form. The data will not. I'm guessing you could use Oracle's Advanced Security option to secure the database links from XE to EE, but I'm not 100% sure. Tom may be able to give us a clue on this one. Also, note that DBLinks by default use the TCP/IP transport, so thats a hole you would have to kick in the firewall if the EE database was behind it (as it should be). Although replication can use HTTP as a transport mechanism
  (You can see all the issues you start to get into - the $100 dollars per Oracle Lite deployment is looking real goo to me right about now)
  Third question is about the recovery options. I read Mark’s post about the feature of Oracle XE. I understood that PIT recovery and achivelog mode are supported. But, the post also says that Tablespace PIT is not supported. Can some tell me the difference between PITR and TSPITR? If PITR is supported, can I restore the database to a specific date and time (i.e. Dec 2, 2005 2:00PM)?
  Yes - you can roll forward the entire database to a given point in time using RMAN (which will be in production). You cannot however roll forward just a subset of tablespaces (i.e a subset of the data) in XE. Tablespace PITR is an EE feature (and not for the faint hearted).
  Thanks a lot

• HT5312 a question about the  security-related emails

  Excuse me.ive forgot my security questions and answers.and what was worse my yahoo e-mail(which is the security-related emails ) has been closed few days ago.could u help me?

  The Three Best Alternatives for Security Questions and Rescue Mail
       1.  Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
       2.  Call Apple Support in your country: Customer Service: Contact Apple support.
       3.  Rescue email address and how to reset Apple ID security questions.
  A substitute for using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• Several Questions about Aperture Problems

  Having used Aperture for some time, and being a Mac user since 1985, I have a list of questions about Aperture that I need help with.
  1. Periodically operating the sliders will make an image turn black. Sometimes this is early in a session, sometimes late. Various workarounds will bring the image back, but once this starts, quitting seems the only option. Can anyone help me with why this happens and how to stop it?
  2. About 20% of the RAW files from my supported camera display the Unsupported Image Format error screen. These files operate perfectly in the manufacturers software and in other image management software that does not use the OS RAW libraries. Can someone help me with the cause of this and the solution (not a "workaround" but a way to make it stop happening).
  3. ALL of my RAW files from my supported camera, when I try to lift metadata, return the error message that there is no metadata to lift. But in fact, the metadata inspector displays metadata. How can I stop this from happening and experience normal metadata lifting?
  4. When I use the DNG format from my supported camera, a great many EXIF fields do not display, such as lens data. Can someone help me with DNG files, since these never generate the UIF error screen (cf. #2 above) as the manufacturer's RAW files do. I'm forced to use DNGs to have all my shots, but the EXIF data is not fully displayed.
  5. Today I opened Aperture and no previews would display. Aperture froze while updating thumbnails. I'd not done any non-routine edits or imported any unusual files or formats. Aperture then would not quit. Is it safe to attempt to restart Aperture?
  6. At times Aperture slows to the point of not working at all. Long pauses simply in trying to enlarge the selection circles for redeye removal, for example. What would cause Aperture to slow down without warning at any point in the workflow? How can I experience a more consistent operating speed from Aperture.
  7. How do other image management programs like Lightroom compare on these points? Is Aperture typical or should I seek a change in my workflow, improvement in my hardware, or some adjustment in my installation?
  Info: MacBook Pro, 4 GB RAM (apple), 320 GB drive, 45 GB free on drive; library of 3800 images. Fewer than 12 projects.
  Thanks for your assistance.

  n #3. It looks like you're absolutely right on this. I went back and checked on photos I'd edited and there was the altered metadata. +Many thanks for dispelling that concern!+ I love being a happy camper. Check that one off the list!
  On 1, I've followed the black-screen issues and pretty much all we know is that a workaround exists--usually selecting the crop box restores the picture, but a lot of times it blacks out again. Having used Apple products over 25 years, all of which was in my adult professional life, I haven't seen Apple willing to just let users tolerate an irritating "workaround." I think this is something that needs fixing.
  On 6--I don't understand how the rotational speed would produce erratic performance issues. I can go a month of reasonable performance, and then suddenly things bog down. Also, if that is the reason, this really ought to be part of the System Requirements, or at least, a recommendation. Maybe it is already--I should check to be sure. I confess this is one aspect I had not thought about.
  Thanks so much for thinking about these. I love my Apple products and have owned almost every generation of Mac since the "Fat Mac" (512K RAM! 800Kb Floppies!) and hate to stare at the screen and think I've been given a truly poor product--not in my DNA--but these things break my heart.
  Message was edited by: LawsonStone
  Message was edited by: LawsonStone

• Several question about SVN PKGBUILDs

  I'd like to make a PKGBUILD for an SVN version of a program. I have just looked at existing PKGBUILDs and now there are  several questions:
  * Why are PKGBUILDs made for particular revision? PKGBUILDs for the latest revision would not require maintainance and would be more useful for users... (IMHO)
  * Why does everyone make 'svn co' in their PKGBUILDs and not 'svn export'? I don't think that users will commit their changes under anonymous account anyway... (that will be 98% impossible)

  Lazer wrote:* Why are PKGBUILDs made for particular revision? PKGBUILDs for the latest revision would not require maintainance and would be more useful for users... (IMHO)
  Because you have to put one version when you write the PKGBUILD.
  Besides, it indicates that the maintainer of the PKGBUILD tested this particular revision.
  It is impossible to know if the PKGBUILD or the package will still work correctly at a future revision (there could be changes in the build system, other compilation problems, new bugs in the software, etc...)
  That said, makepkg by default will update the revision automatically when you run it. But this can be prevented with --holdver :
        --holdver    Prevent automatic version bumping for development PKGBUILDs
  * Why does everyone make 'svn co' in their PKGBUILDs and not 'svn export'? I don't think that users will commit their changes under anonymous account anyway... (that will be 98% impossible)
  Uh?
  $ svn -h co
  checkout (co): Check out a working copy from a repository.
  PS : have a look at /usr/share/pacman/PKGBUILD-svn.proto from abs package for a prototype of a svn pkgbuild.
  Last edited by shining (2008-08-17 09:08:05)

• Several questions about iCloud & iPod touch

  I have several questions regarding iCloud which I just started using yesterday. 
  So far most of my music has been uploaded, but many songs say that "an error occurred" so they were not able to be uploaded. 1) How can I get these songs to upload/try again? 2) These songs are currently on my iPod touch.  I haven't configured my iPod for iCloud/iTunes Match yet for fear of losing the music that is already on there.  If something from my desktop was unable to be uploaded, will it be deleted from my iPod when I set up my iPod for iCloud/iTunes Match?
  3) I have purchased music with my iPod but not synced it with a computer.  Will that music be lost if I start using iCloud on my iPod? Will it be uploaded to the cloud so I can access it on my laptop and desktop (which are both Mac products and set up with iCloud)? I no longer connect my iPod to a computer because the laptop it was connected to and had all of my music on died and my new one doesn't have enough storage.  My desktop is old and has my older music collection and I fear losing all of the music that is on my iPod (that I don't have anywhere else).  I hope that iCloud will help me with all of this- please tell me that it will!  5) I accidentally downloaded half of an album to my iPod and half to my laptop.  Will iCloud allow me to have the whole album on 1 device? Thanks so much!

  Lots and lots of questions
  The new Photos app in OS X should address much of this - it greatly simplifies syncing stuff across machines. Apple has details on it up here:
  https://www.apple.com/osx/photos-preview/
  It says "coming this spring" and a pre-release version has already been made available to developer testers.

• Quick question about SAP Security analyst responsibilities

  This question was posted on another site and I was asked by the moderator to  cross-post it here:
  On another discussion forum, the topic of the SAP Certification program came up. In the discussion thread, there was some debate about the subject areas tested on the exam for SAP security, so I am putting the question to you.
  At your current workplace, which of the following, if any, are responsibilities/ expected competencies of your experienced SAP Security analysts:
  Encryption
  Single Sign-on configuration/ maintenance
  Network topology (SAP router and web dispatcher)
  Operating system (SAP gateway)
  Database security
  J2EE
  To categorize the responses, it would be helpful to know if you consider yours is a relatively large SAP support organization or not.
  Thanks in advance for your responses and comments.
  Regards,
  Gretchen Lindquist

  Hi Gretchen,
  I am a consultant so have a slightly different perspective than an end user. 
  A typical client security engagement for me will involve 3 or 4 out of those competency areas and on top of that: secure communications & secure application (what I know and love as roles & users, some of our friends will refer to that as secure coding).  In general, security administrators at my clients focus on roles & users and their competencies are only in those area.  That is the same for small (<500 users) and large organisations (>20k users)
  In my opinion this is one of the problems with our industry and in particular with individuals who consider themselves SAP Security professional.  It is no secret that the wider security industry often views SAP Security practitioners as a bit limited in skills due to the lack of understanding of infosec basics.
  SAP security is not just roles & users, SoD's & SU53's.  They are an important part of securing SAP but only a few of the components.  As you have pointed out in the competency areas SAP Security is about the environment in which the SAP system resides and operates and our need is to ensure the C,I,A over those systems that support business processes.
  As an employer I expect a SAP Security professional to have understanding of all of those competencies (and a few more).  In the same way that GRC is much more than a tool provided by SAP, SAP security is a holistic subject that by necessity covers multiple subject areas.
  Regarding expectations of a security analyst, I expect them to be able to understand the wider security environment around their system and to be comfortable talking about things like comms security, SSO, secure programming (the basics), OS, network topology and DB security (the basics).  Most importantly they should know how they work together to form the security environment and where the dependencies or touch points are between them.  It's not unreasonable for basis and technical teams to perform much of the work in these areas but that is not to say that "out of sight is out of mind".
  I don't hide my views on the inadequacy of the certification process in it's previous incarnations.  SAP is doing great work to improve this which is a positive step.  What is critical is that a demonstration of competency (e.g. certification)  in SAP Security covers the whole subject (or as much as practical).
  If people want to break the topic down then that's great but resulting certifications should be pointed out as what they are e.g. Certification in role & user administration.
  I hope there is something in there to provoke thought & discussion!
  Regards
  Alex
  Edited for clarity by: Alex Ayers on Feb 9, 2012 9:49 AM

• The question about application priority in OCAP

  First question:
  I know the AIT includes priority for each application.
  But I find nothing about priority description in XAIT, may be I made a mistake about XAIT's structure.
  Second question:
  OCAP(10.2.2.5) define the priority range from 1 to 255. Where we can use this value, only in AIT?
  BRs.
  Alexander

  hi igor,
  you have to import the IDOC Types under the imported objects in the integration repository objects,
  what are all the data that coming out from the file adapter, you design the datatype.
  the target IDOC should be real and you do the mapping for the all necessary fields.
  refer: --
  File to IDOC:
  Re: how to Sending XML data to idoc
  IDOC Mapping:
  http://help.sap.com/saphelp_crm40/helpdata/en/77/a1d48b1ce06d40932e0a26f3c117ce/frameset.htm

• Several questions about migrating from iPhoto to Aperture

  I'm currently a heavy iPhoto user and am looking into migrating to Aperture. Can anyone give me a sense of what I to expect if/when I make this switch?
  Here are several particular things I'm wondering about:
  1. iPhoto works great as a computerized photo album for casual browsing. (I can see a page of different events with mouse-over previews, plus I can hide poorer shots so that I can just view the highlights.) Will Aperture be a step back in this department? If so, is it possible to "share" my Aperture photos with iPhoto without keeping two parallel copies of everything?
  2. When I import an edited photo from iPhoto to Aperture, will the iPhoto "original" become the Aperture "original" and the iPhoto "modified" become the Aperture "modified? Is the same true if I export an edited photo from Aperture to iPhoto?
  3. Does Aperture have an analog for "hidden" photos? I currently mark my best shot from a series by hiding the rest. Will I lose this marking if I migrate to Aperture or is there a way to preserve it?
  4. I currently have a number of short video clips (taken with my point-and-shoot's video feature) mixed in with the iPhoto albums. (iPhoto really does let me keep everything organized in one place!) If I understand correctly, Aperture won't let me store these in my Aperture library alongside the still-photos of the same subjects. Is this correct? If so, how have other people handled this?
  5. Do EXIF tags get re-read upon import from iPhoto to Aperture? I've got a number of iPhoto files which I've retroactively geotagged with HoudahGeo. Will the tagging be lost (since iPhoto is not currently aware of the geotagging as the EXIF tags have not been re-read)... or will Aperture now recognize this metadata?
  6. If worst-comes-to-worst and I give up on Aperture after a few months, how painful will it be to un-migrate back to iPhoto? More importantly, what album metada (e.g. events, albums, ratings, tags, notes, dates, hidden-ness, links between original and modified versions of a photo, iWeb references, etc.) will be lost? In other words, if I were to import everything from iPhoto to Aperture, wipe my iPhoto library clean, and then export everything back from Aperture to iPhoto, what information will have been destroyed?
  Thanks in advance for any answers to this long list of questions!

  Here are several observations (read: warnings) in case anyone else is considering migrating a significant iPhoto library to Aperture...
  A) Pictures marked as "hidden" appear to be silently skipped over (along with video clips, as was expected) when importing an iPhoto library to Aperture. They do not appear in the relevant Aperture project regardless of the filtering options.
  B) Both iPhoto originals and modifieds are imported. The former are given the keyword "iPhoto original" and the latter are given the keyword "iPhoto modified." Each pair of photos is put into a single Aperture "stack." Both photos are given the same tags/ratings (so, for example, the un-rotated, uncropped, poorly balanced original will show up alongside the nice clean "modified" if you were to filter for 5-star images), and both files are given identical "version names" (equal to the "name field" in iPhoto). In most cases the original -- not the modified version -- was set as the stack's "pick" and displayed when the stack was collapsed. *Significantly, I could find no way of creating a view in Aperture that showed one copy of each picture, with the "iphoto modified" version displayed for photos that had been modified in iPhoto and the original version displayed for photos that had never been modified in iPhoto!* (This is, of course, the way they are shown in iPhoto.)
  C) My understanding of "stacks" is that they are designed to help organize multiple "tries" at the same shot (e.g., I want to make sure that nobody's eyes are closed in the group photo, so I press the shutter six times in quick succession -- I'm going to pick a "best" one will be mostly interested in that shot from then on). This is a fantastic idea! However things get confusing if you are already using stacks to track original and modified versions (as described above)... particularly if your stack should contain six pictures plus original versions of each. Plus, as I mentioned, the "original" version is usually the default "pick" in each stack.
  D) After import, "iPhoto original" versions of portrait photos appear un-rotated. Normally, my cameras (including a Nikon D80, an iPhone, and others) mark photos' orientations and they are automatically displayed in the correct orientation. Aperture appears to consider this auto-rotation an iPhoto edit and helpfully displays the "iPhoto original" always in landscape.
  E) Aperture may incorrectly import events whose names contain a "/" or a ".", so if your event names contain dates, rewrite them with "-"s before importing to Aperture.
  F) Aperture does have a rough mouse-over-the-icon-to-flip-through view, similar to the "events" pane in iPhoto... although you will lose your choice of which photo serves as the default icon for each event when you import your library from iPhoto, and you cannot "hide" photos from appearing in the flip-through as you can with iPhoto.
  G) Perhaps it's my inexperience with the program, but I could find no way to sort the project list by date (vs. alphabetically), nor could I find any way to make a correction to a single photo's date/time.
  As a bottom line, remember that Aperture is definitely not "iPhoto Plus." It lacks a number of iPhoto's features, but in exchange gives you a number of really slick tools aimed at streamlining a digital photography workflow.
  I'd also encourage people to think very carefully before moving a large, well-organized iPhoto library to Aperture. You may lose a fair amount of information, and the result will take a lot of work to "make pretty" again. It does look like a nice program, though. Are you ready to relegate all of your existing pictures to an iPhoto "pre-history" and start over with a blank -- but much fancier -- slate in Aperture?