A Framework Approach to Building an Oracle WebCenter Intranet, Extranet, or Portal

Whether you already have or are planning to build an Oracle WebCenter-based intranet, extranet or customer portal, its overall success hinges on its time to market, ability to scale, and the presence of user productivity tools. Attend this webinar to see how Fishbowl’s Portal Solution Accelerator (PSA) can provide an extensible framework that bundles reusable templates and page layouts, standards-based portlets, and in-place security administration. Join us to discover how this framework can be applied (more...)

EM12c agent installation for Windows hosts…without Cygwin!

The majority of Enterprise Manager 12c Cloud Control agent installations are pretty straight forward, just do the usual checks, ensuring firewalls are open etc. and then deploy from the EM console.  The Windows installations are not as straight forward these days, as the deployment method uses SSH connectivity which requires the installation and configuration of Cygwin as a

Read More...

Why you’re not getting hired

If you’re applying for permanent positions and not getting hired even though you have the skills the organizations asks for, consider whether you are proving your ability to learn new things.

I’m often talking to people who believe their 20 years of experience with technology X or Y should make them shoo-ins for a job. However, they are not getting hired.

The reason is that a modern organization can’t depend on the same skill being (more...)

A Big Day at Enkitec

The #enkitecworlddomination bus has a few new stops on the tour…

Today was a pretty big day at Enkitec – one that probably comes as a shock to many people.  In case you haven’t heard, Enkitec has been acquired by Accenture, which still sounds a little weird, to be honest.  I’ve pretty much spent my entire career working a small shop (well, everything is small compared to Accenture), and I’m sure that there will be a (more...)

Introduction to Websockets and JSON-P API in JEE7

Websockets (JSR 356) and the JSON-Processing API (JSR 353) are both introduced in the JEE7 specification. Together with JavaScript an HTML5, they enable web applications to deliver a richer user experience.

Websockets allow you to communicate bidirectional and full duplex over TCP, between your server and different kind of clients (browser’s, JavaFX… ). It’s basically a push technology, where, for example events or data originating from the server or a client, can be pushed to all (more...)

Becoming a Fusion UX Specialist

Following the previous post discussing the changes in the requirements for the Fusion specialisation program, I thought I’d start attacking the list of exams required.

The one that looked the most interesting – to me – was the new UX (User Experience) exam. I’ve always had a soft spot for good design and I’d loved the revamped look and feel in Fusion release 8. I also liked the fact that the Oracle UX team had (more...)

Can you keep up? Nike couldn’t

Nike have been producing the Nike FuelBand for a couple of years, but have recently thrown in the towel. I own a Nike FuelBand and have enjoyed the fact that it’s pretty unobtrusive (just a matte black rubber wristband until you press the button).

fuelband

I’ve found that the gamification aspect – you are this close to your daily goal, shown with little colored lights – worked well for me. There is a sync feature with (more...)

April 2014 CPU

Hi Oracle Security Folks, Thanks to Oracle for fixing a batch of research I sent over in August 2013 regarding ADVISOR, DIRECTORIES, GAOP(GRANT ANY OBJECT PRIVILEGE) and also a critical privilege escalation which gains 8.5 in the CPU which I am not going to publish here as I want to give folks time to patch. [...]

Dumb triggers part 2 – session level control

In the previous post, I pontificated about triggers that "lock you in" to having them fire, which can create dramas when it comes to doing data patching.

Maybe you can design your application around this, but if you cant, the last thing you want to be doing is having to take an outage so that you can disable the trigger whilst you do your data maintenance.  Ideally you want the trigger to fire (more...)

Hacker-proof key

At my hotel in London this week, I received a physical key, not a key card. In a time where millions of hotel door locks can be opened by any half-competent hacker with an Arduino microprocessor, it was reassuring to receive a security service that is actually hard to break.

Are you using appropriate technology? Remember that your fancy computer systems are sometimes much more vulnerable than the systems they replace.

Really dumb triggers

Some people hate triggers, some people love triggers…

I am not that opinionated on them in either direction, but one thing I do hate, whether it be a trigger or not, is dumb code.  And today’s post just happens to be about dumb code in a trigger.

Consider this simple trigger (you see these everywhere pre 12c):

CREATE OR REPLACE TRIGGER MY_TRG
  BEFORE INSERT ON MY_TABLE 
  FOR EACH ROW
BEGIN
   SELECT MY_SEQ.NEXTVAL INTO  (more...)

Changes in the Fusion HCM Cloud Service specialization

Oracle have recently updated the requirements for the Fusion HCM Cloud Service Specialization program. Previously, there was a set of exams that partners had to get employees through and a client reference to attain. Now the specialisation is a lot more involved:

Previously the requirements were:

1x Fusion HCM 11g Sales Specialist
1x Fusion HCM 11g PreSales Specialist
1x General Product Support Assessment (v3.0)

plus 1 pass in either:
Fusion HCM 11g Human Resources Implementation (more...)

Get a plan to increase your confidence

Image

Cross Posted from my Personal Blog

I managed to get through high school and college never taking a second language, even in the ’80s this required advanced maneuvers through the academic handbook.  Why would I do this?  Was I against taking a language?

Nope.  I desperately wanted to take a language, but I lacked confidence.

The only language offered in my high school was Spanish, and I wanted to take French or Japanese (it was the ’80s).

(more...)

An accusatory error message

I found this hilarious

SQL> startup
ORACLE instance started.

Total System Global Area 1469792256 bytes
Fixed Size                  2402776 bytes
Variable Size             536872488 bytes
Database Buffers          922746880 bytes
Redo Buffers                7770112 bytes
Database mounted.
ORA-19821: an intentionally corrupt log file was found

Really ? I intentionally corrupted my log file ?  I dont think so !

:-)


SQL injection

Another big public username and password leak…

http://o.canada.com/technology/bell-canada-security-breach-391451/

Some good reading on how it was done, and thus ensuring your code isn’t prone to SQL injection here:

http://www.troyhunt.com/2014/02/heres-how-bell-was-hacked-sql-injection.html


Pluggable database and restricted sessions

Once you get into pluggable database territory, you might need to check your usage of "alter system enable restricted session", because unless you’ve patched, there’s a little bug which lets you enable restricted session, but wont let you get out of it ! :-)

For example:

SQL> alter session set container = pdb12;
 
Session altered.
 
SQL> alter system enable restricted session;
 
System altered.
 
SQL> select logins from v$instance;
 
LOGINS
----------
RESTRICTED
 
SQL> alter system disable restricted  (more...)

Moving away from wordpress

I am sick of this advertisement on my site.

Therefor I am about to move most of my posts to

http://sysdba.ch/index.php/postlist

 

Thanks for following my blog for so long.

Lutz Hartmann


OEM List of Values for Life Cycle Status

I’ve  heard several people ask for an editable list of values for Life Cycle Status on targets.  The unsatisfying answer is that you can not add your own category.

The reason may make it more acceptable.

Your management servers use the Life Cycle you assign to prioritize uploads.

If we were allowed to add our own values they would have to expose the prioritization algorithms. 

Feel better about it now?


Good IT hygiene

Everybody knows they need good dental hygiene – daily brushing and flossing, regular checkups at the dentist. But many IT professionals don’t realize they need good IT hygiene as well – regular maintenance, security patches, etc.

If you don’t practice good IT hygiene, you will experience pain down the line. I’d like to help you avoid that – get in touch.

Good IT hygiene

Everybody knows they need good dental hygiene – daily brushing and flossing, regular checkups at the dentist. But many IT professionals don’t realize they need good IT hygiene as well – regular maintenance, security patches, etc.

If you don’t practice good IT hygiene, you will experience pain down the line. I’d like to help you avoid that – get in touch.