What is so special about the "Hot Towel" project template?

Similar Messages

• What is so special about the "ticket" login module stack?

  G'day,
  I am observing some odd behaviour with login module stacks.
  I have a custom login module that performs authentication using information in the HTTP servlet request. This custom login module does not require any interaction from the user. I want to use this custom login module when I authenticate to the portal.
  By default, the portal uses an authentication scheme known as "uidpwdlogon", which uses the "ticket" login module stack, which is configured to perform basic password login. When I attempt to access the portal I am presented with a username/password page and I need to enter a username and password, hit the "submit" button, and access to the portal is granted.
  So I replaced the BasicPasswordLoginModule entry in the "ticket" login module stack with my custom login module, and now access to the portal is granted automatically, as expected. There is no username/password page displayed.
  But if I create a new login module stack that contains exactly the same modules as "ticket" login module stack, and modify the "uidpwdlogon" authentication scheme to use my new login module stack instead of the "ticket" login module stack, then something odd occurs: I am now presented with a username/password page again. I need to hit the "submit" button to navigate away from this page before the custom login module stack will process, which will then grant access to the portal.
  If I change the "uidpwdlogon" authentication scheme back to use the "ticket" login module stack (which is exactly the same as the previous login module stack), then access to the portal is granted automatically without showing a username/password page.
  So: if the (modified) "ticket" login module stack is used, there's no username/password page shown. If a copy of that login module stack is used, then a username/password page is shown.
  What's going on here?

  G'day,
  Thanks for the reply.
  The relevant parts of the authschemes.xml file are as follows:
          <authscheme name="uidpwdlogon">
              <authentication-template>myloginstack</authentication-template>
              <priority>21</priority>
              <frontendtype>2</frontendtype>
              <frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
          </authscheme>
          <authscheme-ref name="default">
              <authscheme>uidpwdlogon</authscheme>
          </authscheme-ref>
          <authscheme-ref name="UserAdminScheme">
              <authscheme>uidpwdlogon</authscheme>
          </authscheme-ref>
  Note that I have changed the uidpwdlogon element to use "myloginstack" instead of "ticket", and changed the priority from 20 to 21, as suggested (but it should be noted that the outcome is the same regardless of priority).
  The "ticket" login module stack is defined as follows:
    EvaulateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
    MyLoginModule REQUISITE {...}
    CreateTicketLoginModule OPTIONAL {ume.configuration.active=true}
  and the "myloginstack" is defined identically as follows:
    EvaulateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
    MyLoginModule REQUISITE {...}
    CreateTicketLoginModule OPTIONAL {ume.configuration.active=true}
  When the "uidpwdlogon" authentication scheme is configured to use the "myloginstack" login module stack, the browser immediately opens up the normal username/password page. I wait for a few minutes (for logging reasons), then hit submit, and access to the portal is granted.
  The log output for this is as follows:
  Message : LOGIN.FAILED
  User: N/A
  Authentication Stack: myloginstack
  Login Module                                                            Flag        Initialize  Login      Commit     Abort      Details
  com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
  MyLoginModule                                                           REQUISITE   ok          exception             true       Further authentication required from client
  com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true      
  Message : LOGIN.OK
  User: testuser
  Authentication Stack: myloginstack
  Login Module                                                            Flag        Initialize  Login      Commit     Abort      Details
  com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false      false                
  MyLoginModule                                                           REQUISITE   ok          true       true                 
  com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok          true       true                 
  Central Checks                                                                                true                 
  There are two login stack events because the first login stack event asks the browser to pass along authentication data, which is processed in the second login stack event.
  Also note that the time of the first login module event is a few minutes after the username/password page appears, suggesting that the portal is attempting to obtain information before it processes the login module stack.
  If I change the "uidpwdlogon" authentication scheme to use the "ticket" login module stack, then no username/password page appears and the security log is essentially identical to that of "myloginstack":
  Message : LOGIN.FAILED
  User: N/A
  Authentication Stack: ticket
  Login Module                                                            Flag        Initialize  Login      Commit     Abort      Details
  com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false                 true      
  MyLoginModule                                                           REQUISITE   ok          exception             true       Further authentication required from client
  com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true      
  Message : LOGIN.OK
  User: testuser
  Authentication Stack: ticket
  Login Module                                                            Flag        Initialize  Login      Commit     Abort      Details
  com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          false      false                
  MyLoginModule                                                           REQUISITE   ok          true       true                 
  com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok          true       true                 
  Central Checks                                                                                true                 
  I am creating the "myloginstack" login module stack using the Visual Administrator tool, by clicking the "Add" button for the "Policy Configurations" tab of the SecurityProvider service. Note that when I do this the entry for "myloginstack" gets a diamond icon, while the entry for "ticket" has a different icon (resembling a graph). I do not know what these different icons beside each policy configuration imply (is "ticket" different to "myloginstack" somehow?) nor how to create a new policy configuration that will have different icon.
  I assume the username/password page is shown because the <frontendtarget> element in the "uidpwdlogon" authentication scheme is defined to use "com.sap.portal.runtime.logon.certlogon". Perhaps there is another value I can use here that displays nothing and redirects the browser directly to the portal?

• What is so "Pro" about the MacBook Pro?

  "Pro" is short for professional and the Apple brand has been synonymous with creative professionals for at least 20 years... I know, asI am one of them. 
  Now, the MAC PRO (tower) is no doubt, a professional grade machine. With 4 hard drives, 2 DVD drives, 4 expansion bays, 5 USB ports and 4 Firewire ports, and a whopping 128GB RAM, I'd say it lives up to the name "Pro". This machine IS the industry standard in film editing, recording studios, graphic design, ect... The one catch, is that it's not portable...
  In come the MAC BOOK PRO. It's lightweight and has excellent battery life which is ideal for portability.
  Now here's what I'm getting at: When you're on the road, at a meeting, or working in the field, you're probably not going to need all of the hardware of the Mac Pro, but only 2 USB ports? That sounds like a joke to me!
  Say you meet someone at a cafe and you decide to transferring some files from your USB drive to his... That's it, you're done for USB ports. You can't even can't grab a charge for your phone, your ipad, plug in a digital camera or whatever because it only has 2 USB ports. And it really annoys me when I see these PC guys with laptops half the price of a MacBook and they're sitting there with all kinds of stuff plugged in. Notebooks like the Inspiron's and ASUS have 5 USB ports... FIVE!!! 
  So I ask you, "what's so pro about the MacBook Pro?" Having to constantly plug and unplug peripherals is quite amateur to me.

  Melophage wrote:
  rick268,
  the “Pro” in MacBook Pro was in comparison to the “Pro-less” MacBook. If the two USB ports on a MacBook Pro don’t suffice for your needs, then you can either bring along a powered USB hub, or you can simply not get a MacBook Pro — get one of its competitors instead, which has the number of USB ports which you need.
  I know I can get a USB hub, or better yet, I've been looking into a thunderbolt hub- I just wish I didn't have to sacrifice ports in Apple's conquest to make the thinnest laptop in existance.

• What can I do about the hackers in my devices.

  What can I do about the hackers in my devices. Pls help i need to know what I can do to take the hackers out of my devices.

  Aww drat! I was going to recommend "AttackA-Hak" which was free from VapourWare Inc.
  a) The likelihood of your Apple device being hacked is millions to one against.
  b) If it was, Apple would be very interested in seeing your device as you would be one of the first.
  c) Can I have whatever you're drinking please ...

• What can I do about the Other Item on my iPhone... It is using 2.2 GBs of memory...

  What can I do about the Other Item.  It is using 2.2 GBs of memory.... The largest user....
  That is 25% of RAM.....

  What can I do about the Other Item.  It is using 2.2 GBs of memory.... The largest user....
  That is 25% of RAM.....

• What do you think about the html5?

  I've been seeing developers philosophizing about the future, and I want to know what do you think about the brand new html5?
  mainly because the html5 can take out of the market technology ( flex ).
  thanks for the opinion!!!
  [email protected]

  Yep this is most definitely not just a rumor, I've found plenty of sources talking about this.
  Here's someone's take on HTML5, a non-Adobe perspective, from a Silverlight developer.  I thought this would be interesting to mention.  Not sure I agree 100% with everything said (IE may not be most used browser and I don't believe in DRM), but it's an interesting read anyway:
  Yes, you can do a LOT of stuff with HTML5 + JS that Silverlight is good for. But HTML5 will only reach Candidate Recommendation status in 2012 - if Silverlight keeps the current pace, it will be at V7 by then.
  HTML5 will only get you approximately what Silverlight had at V1.0. A Canvas element, some video playback capabilites, and a Javascript programming model. Can you imagine how further advanced Silverlight 4 is at the moment?
  Actually, scratch that - the video quality and availability of HTML5 is a lot worse than what Silverlight has to offer. There is no DRM, no Smooth Streaming, not even full screen! No GPU acceleration either. Even the codec HTML5 has to support is not standardized! This results in Firefox 3.6 having only Theora decoder, and Youtube experimenting with HTML in H.264 (on the same day FF3.6 launched), only playable in approx. 4-5% of the world's browsers.
  Internet Explorer is still the most widely used browser on the web, and does not have HTML5. Currently, there are more Silverlight capable browsers browsing the web than HTML5 compatible ones. I don't think that in the next 3 years you will be able to create an HTML5 app and hope that at least 50% of the world's population can view it without switching browsers. (and remember: installing a plugin is a lot less hassle than switching to a new browser!)
  HTML5 will not be truly cross-browser standard for quite a long time, if ever. There are too many things that the browser developer can do as they wish - just think about the aforementioned video codec issue. There are too many little differences in each browser's Javascript implementation to make it really portable.
  The developer story: nothing in the HTML + JS world comes close to the awesome Visual Studio and Expression Blend tools. Javascript is cool for small apps, but cannot hold a candle to C# when it comes to serious development. Fighting with browser and OS incompatilities takes up a huge amount of time for any HTML website or web app - with Silverlight you don't have this.
  Just compare what the best HTML / Ajax company in the world (Google) did with maps, and what MS did to see the difference. Go tohttp://maps.google.com/ (watch out - the Streetview part is in Flash, not Ajax), and compare it to http://www.bing.com/maps/explore/. That is the difference I am talking about.
  Of course he means (or should have meant) Flex/Flash rather than just Flash.  As for the GWT and other AJAX fanboys who I guess think browser compatibility problems are going to be a thing of the past (or won't be a drag on corporate bottom lines - haha), it makes you wonder what other wild fantasies they're envisioning for the future.  Next they'll come and tell us XML-based protocols are going to be as fast as AMF...

• What do you think about the iPhone 4 for my 11 year old daughter

  What do you think about the iPhone 4 for my 11 year old daughter

  It should be a good choice. I recently got the 5C which typically is $99 with supported carriers. Verizon, AT&T, Sprint provide attractive pricing with a two year contract or it you are adding a line to your current service. I have several friends using the 4S, and they have been very pleased with them.

• What do you think about the value of MacKeeper?

  What do you think about the value of the free download MacKeeper?

  See below.
  https://discussions.apple.com/docs/DOC-3036

• What do u think about the new imac quad, what do u think about the new imac quad

  what do u think about the new imac quad, what do u think about the new imac quad?

  I think you should buy me one.

• What do you think about the new and improved SiriusDecisions Waterfall?

  SiriusDecisions launched their new and improved Demand Waterfall this week at their Summit in Scottsdale, Arizona. For those of you who haven't seen it yet, I have attached the PDF for your viewing pleasure. What do you think? What's strong? What's weak? Do you agree with Tony Jaros that teleprospecting is a required step in the Marketing Qualification process?

  It makes a lot of sense from our perspective.  Our sales organization has always generated the bulk of our leads, so it makes sense to account for them and to build programs to support them.  It was a great conference - my first SiriusDecisions Summit.  I came away both energized and overwhelmed.
  Our Inside Sales team qualifies almost all inquiries via telephone, so it makes sense to me that "teleprospecting" is a required step.  The only exceptions are sales-generated leads, so the waterfall reflects that perfectly.
  What I like most about the new waterfall is that it creates a clear structure for us to focus more on developing lead nurturing and pipeline acceleration programs specifically for teleprospecting- and sales-generated leads.  I'll admit that we've neglected this (simply including those contacts in our marketing-generated lead nurtures).  Furthermore, it reinforces the need to tailor nurtures to the buyer's stage in the buying process.  We tend to move all of our contacts through the same campaign and nurture activities as if they're progressing together, which obviously isn't the case.
  I'd be interested in learning how other Eloqua users are getting data back from their CRM on a contact who has turned into a qualified lead.  How do you find this information out?  Do you then put them through an individual nurture that is focused on accelerating the deal?

• What burns me up about the Pixi (sprint)-If you can, help me out here

  This is a half rant half 'I hope someone can help me out here with something I'm doing wrong' post, because my experience with this phone makes me want to smash it into a developers face. (Try not to take offence, it's just a thought, I am actually physically stuck with this phone)
  Messaging:
  No time stamps for messaging? With my pending civil court case, it'd be nice to have this rudimentary gem that's been on every phone since 1998. But let's be honest...it's just nice to know when what was said. Awesome that I can save every message for 3 months. Blows that I can't figure out when it was sent.
  Missed Calls:
  OK being that I actually like to think of my pixi as a phone first, then a "computer", I'd love to be able to sift through my missed calls on the red missed call alert bar. Since I'm too much of a, "let's get this done now" guy, I hate loading an app to get to my missed calls off of a little button on an already small interface. If I don't want to load the app, I have to click on the missed call alert bar, make my phone dial the number, end the call immediately, and continue untill I go through all of my missed calls (Yea I've done it before, I hate loading apps that bad). How about if you drag down on the missed call alert bar, it pulls the top one off and reveals the PREVIOUS missed call. (Holy ----! Am I a genius, or am I just someone who actually used this phone for more than 3 minutes?) Hopefully I can just sift through my calls on the messed call's red alert ball, but I've tried it every which way and I don't think I can...Help me out here.
  SMS through missed call icon also only works when it wants to (software issue)
  Airplane Mode: I accidentally put my phone into Airplane mode like twice a week. This blocks all calls and you just don't even know it's on until you notice the plane on the screen. Why is it so easy? Does palm not realize the consumer base that this phone makes it to probably uses an airplane once every year? I mean I've never even been on a plane and I got suckered into this thing, yet I feel like I should be able to have enough frequent flier miles to go around the world 6 times accoroding to how much I accidentally turn on Airplane Mode. Wth? Whose idea was that?
  Facebook syncing: Seriously, who in their right mind wants every single one of heir FB friends on their phones? Certainly not me. Sorry I don't need to talk to all 400 people I've added from school. Best part is, once the syncing deed is done, you can't stop it. That's just brilliant. You spend an hour sycing your phone to FB, just to reset your contacts.
  Ringtones: Text messaging ringtones literally plays for about 10 seconds and stop. Who on gods green earth told you that it'd be Ok to play any ringtone for like 10 seconds? Seriously...? PLEASE tell me I can change this. I can't even get through the intro of a song in 10 seconds. That's just great. May I add my ringer just seems to have shut off today. Why and when, I don't know. But my ringer is on, turned up, and I'm just getting text messages and calls as I type this with no sounds. lol Seriously. I'm not even kidding. I don't know how to make the alert sound. That's absurd. lol Like really I'm laughing at how pitiful it is that this is what my phone does so I'll just type another lol to further express how much of a joke this phone is to me. lol
  Contact Reminder: Now I'm not sure what I'm doing. But pretty often, when trying to hurriedly dial a number, I accidentally hit contact reminder, load a new app. Meanwhile I have to get rid of the app and get to my phone. Now here's the kicker...I did it "hurriedly"(yea I make up words when I need to) which means I'm in a rush. Thx for not helping whatever situation I'd be in/have been in, Palm...You're supposed to work with me, not against me. :\
  Calendar: Awesome app. I actually bought this phone for its uses here. But I'm not sure if it's just me, or the phone, but I can't even have this thing remind me to take out the trash every WEDNESDAY. From what I can tell, I can only do reoccuring reminders by date, and not by day. Seriously? If I'm not missing something here and that is the case, you've completely failed your name Palm. Just saying, I mean jeez...
  Youtube: Now really. You almost outdid yourself with the youtube app. You could have made me forget of all of this phones shortcomings had you not just screwed up here too. Now I don't know who you have agreements with, but since I can't actually get the same vids I'd normally get on the computer (for example, music videos) to come up in my search, you've essentially turned youtube, "you"sless. Now that actually takes more effort in screwing up than not. This thing right here just makes me think you're trying to get me mad.
  Small keys:Won't even touch on that subject, I should have noticed from the get go. I knew it, thought I'd get used to it, but no. They are just too small and that's that. Not even blaming palm for this one.
  Palm taught me 2 things with this phone.
  1: Never buy from palm again, we just don't seem to agree on what a phone should do. I had great expectations in the Palm name, only to find out that I'm going to be enraged by the phone daily.
  2olidification in the notion that "if it's too good to be true, it probably is." Because that's exactly what I got out of the experience with this phone.
  So unless someone can set my problems straight, I'm going to be looking foward to my next upgrade like it's the last day of school for a 12 year old. At least life won't continue speeding by as long as I have this thing. I guess that's one bonus. :\
  The worst part is this is all that I can think of sitting here. I can probably edit this throughout any given day to make it into a small book. Which I would try to publish if I'm not flat out wrong about at least half of these "problems". Because if so...this phone should have never hit the market. No offense. Like I said, I actually have to use this phone. Palm just gets more money out of it.
  Thx if you read, and thx if you help me out. I hope someone tells me what I'm doing wrong and makes me look like a complete idiot. This is your chance, defend palm!
  Post relates to: Pixi p120eww (Sprint)

  Hi ChrisBell,
  my Pixi shows me the missed calls in a list of its own? I don't have many, so maybe I'm missing something. But I agree with your half-ranting to some degree. As a long-time Palm-user (my last phone was a Treo 680, terrible form factor, good UI), I am really disappointed with the standard software on this phone. Memos and Tasks, which AFAIK were there and useful even on the first Newton's, have regressed beyond the point of usefulness now (solution: Toodledo and Done!, at least for now).
  But ChrisBell: if you feel up for it, you could start tinkering. Many people love these phones so much they have started developing patches to solve the obvious problems skimmed over by developers. Try looking up "webosquickinstall" and "preware", and you will find over 300 patches and a lot of free software to help you out. I am not a computer wizard myself, but I am not scared of them either, and I have been able to make good use of all these extras made available by the community.
  just a thought, might help you out on a few of your half-rants

• Oracle Security : what do you think about the following policy violation ?

  If you install OEM10, you will be able to see if you violate some security guidelines :
  Interresting is revoking UTL_FILE from public, which is critical. Also revoke UTL_TCP and UTL_SMTP. This is going to upset an expert I know...
  Take care about the failed login attempts. If you set it to 10 to the default profile, and if your DBSNMP password is NOT the default password, then Oracle will lock your account after node discovery!
  In Solaris, you can disable execution of the user stack with the system parameters set noexec_user_stack=1
  set noexec_user_stack_log=1. I did not find how to do it on AIX. However, those settings may have side effects.
  About the ports, it complains about open ports, even if this is the port oracle listener is using! Simply ignore most of the violations there.
  About JAccelerator (NCOMP), it is located on the "companion" CD.
  Ok, Waiting for your feedback
  Regards
  Laurent
  [High]      Critical Patch Advisories for Oracle Homes     Configuration     Host     Checks Oracle Homes for missing critical patches          
  [High]      Insufficient Number of Control Files     Configuration     Database     Checks for use of a single control file          
  [High]      Open ports     Security     Host     Check for open ports          
  [High]      Remote OS role     Security     Database     Check for insecure authentication of remote users (remote OS role)          
  [High]      EXECUTE UTL_FILE privileges to PUBLIC     Security     Database     Test for PUBLIC having EXECUTE privilege on the UTIL_FILE package          
  [High]      Listener direct administration     Security     Listener     Ensure that listeners cannot be administered directly          
  [High]      Remote OS authentication     Security     Database     Check for insecure authentication of remote users (remote OS authentication)          
  [High]      Listener password     Security     Listener     Test for password-protected listeners          
  [High]      HTTP Server Access Logging     Security     HTTP Server     Check that HTTP Server access logging is enabled          
  [High]      Web Cache Access Logging     Security     Web Cache     Check that Web Cache access logging is enabled          
  [High]      Web Cache Dummy wallet     Security     Web Cache     Check that dummy wallet is not used for production SSL load.          
  [High]      HTTP Server Dummy wallet     Security     HTTP Server     Check that dummy wallet is not used for production SSL load.          
  [High]      Web Cache owner and setuid bit'     Security     Web Cache     Check that webcached binary is not owned by root and setuid is not set          
  [High]      HTTP Server Owner and setuid bit     Security     HTTP Server     Check the httpd binary is not owned by root and setuid bit is not set.          
  [High]      HTTP Server Directory Indexing     Security     HTTP Server     Check that Directory Indexing is disabled on this HTTP Server          
  [High]      Insufficient Redo Log Size     Storage     Database     Checks for redo log files less than 1 Mb          
  [Medium]      Insufficient Number of Redo Logs     Configuration     Database     Checks for use of less than three redo logs          
  [Medium]      Invalid Objects     Objects     Database     Checks for invalid objects          
  [Medium]      Insecure services     Security     Host     Check for insecure services          
  [Medium]      DBSNMP privileges     Security     Database     Check that DBSNMP account has sufficient privileges to conduct all security tests          
  [Medium]      Remote password file     Security     Database     Check for insecure authentication of remote users (remote password file)          
  [Medium]      Default passwords     Security     Database     Test for known accounts having default passwords          
  [Medium]      Unlimited login attempts     Security     Database     Check for limits on the number of failed logging attempts          
  [Medium]      Web Cache Writable files     Security     Web Cache     Check that there are no group or world writable files in the Document Root directory.          
  [Medium]      HTTP Server Writable files     Security     HTTP Server     Check that there are no group or world writable files in the Document Root directory          
  [Medium]      Excessive PUBLIC EXECUTE privileges     Security     Database     Check for PUBLIC having EXECUTE privileges on powerful packages          
  [Medium]      SYSTEM privileges to PUBLIC     Security     Database     Check for SYSTEM privileges granted to PUBLIC          
  [Medium]      Well-known accounts     Security     Database     Test for accessibility of well-known accounts          
  [Medium]      Execute Stack     Security     Host     Check for OS config parameter which enables execution of code on the user stack          
  [Medium]      Use of Unlimited Autoextension     Storage     Database     Checks for tablespaces with at least one datafile whose size is unlimited          
  [Informational]      Force Logging Disabled     Configuration     Database     When Data Guard Broker is being used, checks primary database for disabled force logging          
  [Informational]      Not Using Spfile     Configuration     Database     Checks for spfile not being used          
  [Informational]      Use of Non-Standard Initialization Parameters     Configuration     Database     Checks for use of non-standard initialization parameters          
  [Informational]      Flash Recovery Area Location Not Set     Configuration     Database     Checks for flash recovery area not set          
  [Informational]      Installation of JAccelerator (NCOMP)     Installation     Database     Checks for installation of JAccelerator (NCOMP) that improves Java Virtual Machine performance by running natively compiled (NCOMP) classes          
  [Informational]      Listener logging status     Security     Listener     Test for logging status of listener instances          
  [Informational]      Non-uniform Default Extent Size     Storage     Database     Checks for tablespaces with non-uniform default extent size          
  [Informational]      Not Using Undo Space Management     Storage     Database     Checks for undo space management not being used          
  [Informational]      Users with Permanent Tablespace as Temporary Tablespace     Storage     Database     Checks for users using a permanent tablespace as the temporary tablespace          
  [Informational]      Rollback in SYSTEM Tablespace     Storage     Database     Checks for rollback segments in SYSTEM tablespace          
  [Informational]      Non-System Data Segments in System Tablespaces     Storage     Database     Checks for data segments owned by non-system users located in tablespaces SYSTEM and SYSAUX          
  [Informational]      Users with System Tablespace as Default Tablespace     Storage     Database     Checks for non-system users using SYSTEM or SYSAUX as the default tablespace          
  [Informational]      Dictionary Managed Tablespaces     Storage     Database     Checks for dictionary managed tablespaces (other than SYSTEM and SYSAUX)          
  [Informational]      Tablespaces Containing Rollback and Data Segments     Storage     Database     Checks for tablespaces containing both rollback (other than SYSTEM) and data segments          
  [Informational]      Segments with Extent Growth Policy Violation     Storage     Database     Checks for segments in dictionary managed tablespaces (other than SYSTEM and SYSAUX) having irregular extent sizes and/or non-zero Percent Increase settings

  Interresting is revoking UTL_FILE from public, which is critical. Also revoke UTL_TCP and UTL_SMTP. This is going to upset an expert I know...Okay, as this is (I think) aimed at me, I'll fall for it ;)
  What is the point of revoking UTL_FILE from PUBLIC? Yes I know what you think the point is, but without rights on an Oracle DIRECTORY being able to execute UTL_FILE is useless. Unless of course you're still using the init.ora parameter
  UTL_FILE_DIR=*which I sincerely hope you're not.
  As for UTL_SMTP and UTL_TCP, I think whether a program is allowed to send e-mail to a given SMTP server is really in the remit of the e-mail adminstrator rather than the DBA.
  Look, DBAs are kings of their realm and can set their own rules. The rest of us have to live with them. A couple of years ago I worked a project where I was not allowed access to the USER_DUMP_DEST directory. So every time I generated a TRC file I had to phone up the DBA and a couple of hours later I got an e-mail with an attachment. Secure yes, but not very productive when I was trying to debug a Row Level Security implementation.
  I have worked on both sides of the DBA/Developer fence and I understand both sides of the argument. I think it is important for developers to document all the privileges necessary to make their app run. Maybe you don't have a better way of doing that than revoking privileges from PUBLIC. Or maybe you just want to generate additional communication with developers. That's fine. I know sometimes even DBAs get lonely.
  Cheers, APC

• What should I know about the recent virus on apple products?

  To Whom can best help,
  I recently learned about the recent virus that infected more than 500000 computers.  I heard many talk about the software apple uses as the safest software available.  However, now that I own a few products from apple, this recent virus that got ahold of some personal information has me wondering what is the best route to protect cell phones, ipods, ipads,  and macbooks?  is there an AV recomended?  It would be great to get some adivce from apple techies. I tried looking up some information on the recent problem that had happened, I was hoping it would be addressed on the primary page of apple but found it wasn't.  I am just a little paranoid about people accessing my info and try my best to stay ahead of the virus/trojans and stuff.  for these electronics are there any really really amazing security apps people would recommend?
  sincerely, a concerned customer

  First, it's not a virus but a trojan. We mostly recommend ClamXav 2.2.4 as anti-virus software for OS X.
  Two Helpful Links Regarding Flashback Trojan
  A link to a great User Tip about the trojan: Flashback Trojan User Tip
  A related link in the tip to a checker: Malware Checker Dowload Link
  A Google search can reveal a variety of alternatives on how the remove the trojan should your computer get infected. This can get you started.
  The trojan attachs through Java. If you don't have Java installed then you won't be affected. Java is not installed with Lion.

• What's so good about the Venture?

  Can someone help me to understand this?  Lately around here I've been hearing a lot of talk about people applying for or wanting the Venture.  I'm just now starting to do my research and it's going to take me several days to get through all the recent threads.  I'm going to read all of them but I may get antsy and apply for something before then. I understand that your venture miles can be redeemed for statement credits on travel.  You get 2x miles on all purchases.  But wouldn't 2% from Citi DC or Fidelity Amex be the same thing but way better?  Even if you travel all the time, having the option to spend your points elsewhere can't be a bad thing right?  Plus the Venture has an AF.   So from where I'm sitting, the Venture looks way worse than Citi DC or Fido Amex even if you travel.  What am I missing here?
  The signup bonus makes it worth the triple pull just barely, so I may apply if I can think of a good reason.  Convince me to apply for this card!  I don't care about a high limit on a card that won't be my main spender and has a high APR... I have 0% util so padding limits isn't useful to me.  Is that the only reason people are going nuts over this card? 

  Revelate wrote:
  core wrote:
  Can someone help me to understand this?  Lately around here I've been hearing a lot of talk about people applying for or wanting the Venture.  I'm just now starting to do my research and it's going to take me several days to get through all the recent threads.  I'm going to read all of them but I may get antsy and apply for something before then. I understand that your venture miles can be redeemed for statement credits on travel.  You get 2x miles on all purchases.  But wouldn't 2% from Citi DC or Fidelity Amex be the same thing but way better?  Even if you travel all the time, having the option to spend your points elsewhere can't be a bad thing right?  Plus the Venture has an AF.   So from where I'm sitting, the Venture looks way worse than Citi DC or Fido Amex even if you travel.  What am I missing here?
  The signup bonus makes it worth the triple pull just barely, so I may apply if I can think of a good reason.  Convince me to apply for this card!  I don't care about a high limit on a card that won't be my main spender and has a high APR... I have 0% util so padding limits isn't useful to me.  Is that the only reason people are going nuts over this card? Historically this forum goes all starry-eyed when creditors start handing out outsized limits. To be brutally honest, my Venture app - I don't care about the bonus, I do care about the limit not on that card, but when I go apply for a couple of cards I do care about (non-trivial lines on balance carrying cards just in case I need them to float in times of financial stress rather than just filing a BK and being done with it, even 3 months either way is enough time for me to get something to start paying down my debt). Beyond that don't need it, sitting on a CSP pre-approval which will be my long-term travel card, and I have a Fidelity Amex already though I wouldn't mind a CLI on that someday and for acceptance and online transaction fee reasons I'd rather have a Citi DC, but end of the day we've seen far too often that current limits beget future limits, and my limits are incredibly low compared to most people on this forum but now it's time to do something about that as I get close to credit card portfolio completion.  I don't need 200K limits, I do need more than the 34K I'm on now and I do need lower APR's than what I have access to now for financial defense reasons. Venture is part of the two step process to that for me, nothing more.My thought pattern exactly.

• What is Apple doing about the "Unable to download" problems?

  So, forgive me if these questions have been asked before. But I am new to Apple, just bought an iPhone about 2 months ago. I love my iPhone, but once you start getting into the world of the App store is where the problems seem to start flooding in. Specifically with the downloading and updating portion. Downloading is sometimes a breeze and sometimes a pain as is updating. Some days I have no problems downloading or updating apps. Other days I get error messages such as "unable to download" with an option of "done" or "retry."
  The "done" option is worthless because if you select it, the app is still unselectable and will stay that way for days and the only way around it is to delete the app and reinstall if you can even reinstall it without having problems.
  The "retry" option is also worthless because as soon as you select that option, not even a second later will the message "unable to download" pop up again.
  Some days I get the error message that says something along the lines of unable to download without a wifi connection. That confuses me because there are plenty of times when I have downloaded apps without a wifi connection. So why is it that sometimes I need a wifi connection and other times I dont need it. Second, I am connected to a wifi connection right now and my app still wont update.
  I dont know about you, but I sure as **** dont like seeing that red number 1 on my app store every day, but with the problems of updating apps sometimes im forced to just stare at it every time I unlock my phone.
  So what is Apple doing about these problems?? Because I've seen alot of threads on this discussion board but they all seem to have the same answers, "turn off the phone then turn it back on" "download over a wifi connection" "delete the app and re install"

  Have you called Apple tech support or visited an Apple Store to ask for assistance with the problem? If not, then you really haven't even given Apple the opportunity to assist you with this problem. This is not happening to every iPod touch by any means, so it's most likely an issue with your particular unit. Try the usual steps: restart, reset, restore.
  http://support.apple.com/kb/HT1430
  http://support.apple.com/kb/HT1414
  If that doesn't help, call Apple support or take the iPod to an Apple Store.
  Regards.