Is an E-Commerce Website considered to be an external application that has to meet PCI compliance 6.3 - pci-compliance

So it seems like PCI compliance has a number of factors that are either unclear or they contradict each other in the requirements.
We have an ecommerce website that we manage. I see a large number of items that are required in section 6.3 that apply to internal and external applications (including web admin panels to those applications).
Then there are only a couple requirements in 6.6 that apply to public-facing web applications.
Is an ecommerce site considered to be part of the "External applications", or are those things like CRMs and accounting systems, and an ecommerce website is considered to be a public-facing web application?
If it is an external application then under 6.3 you are required to have manual inspection of all code but in 6.6 you don't have to have manual inspection of all developed code if you employ a web application firewall. This is the primary point of my confusion.

Any open source server-side dialect like Python can be utilized to make a shopping basket. For a fledgeling, PHP sentence structure is less complex to process.
You have to learn PHP to assemble something like a shopping basket content administration framework.
With front-end aptitudes, you could create custom topics for open source stages like Magento to supplement your wage until the point when you learn PHP.

Related

Web service in CMS such as DSpace, Moodle, EPrints, WordPress, Joomla, Open Journal System?

Hi I am a college student and a newbie in web service. I did some research about web services however, and I am going to add a web service to some websites in my institute to integrate data from them. Since they are various CMS (like I mentioned in the title), I need info about them.
What I ask about is the features, advantages and disadvantages (and maybe the requirements needed) about web services in each of the CMS (DSpace, Moodle, EPrints, WordPress, Joomla, Open Journal System)... for example, if I’m not mistaken, WordPress provides web services like RSS. Do the others provide it too?
Sorry for the vague question, but I really have no idea - especially about DSpace, Moodle, OJS and EPrints - any information would be helpful.
Web services (which can be SOAP or REST based), you may call them also APIs, have little to do with RSS feeds (from my point of view).
Web services generally will provide an interface and exchange data. How they are implemented behind the interface they expose, it's not relevant to the client.
Wikipedia defines web services as a "software system designed to support interoperable machine-to-machine interaction over a network." As implementation they are more complex than RSS feeds and are usually used to integrate business applications (like connecting an ERP with a CRM system).
On the RSS part, all decent CMS should have RSS available (in a form or another) generally for sharing content.
From my knowledge, Joomla! doesn't have any web services implementation (Joomla! is working on a draft document as we speak). WordPress has XML-RPC support.
So it's kind of important to understand what "data" means. Do you strictly refer to content (like articles, blog posts) or do you want to exchange other data as well (for example user data or other data stored in the CMS tables)?
So to kind of answer your question, to integrate articles from all CMS probably using RSS feeds will be enough.
DSpace started life as an institutional repository software and is trending toward a more general digital asset manager. It really emphasizes preservation (checksums, auditing, item level versioning) and descriptive information of the content it handles. It generally handles any file equally well: a WARC, MPEG, TIFF, MS Office, etc., but it isn't really focused on web publishing of that content, but simply online access to and download of it.
There's an independent REST API for it, and it comes with SWORD support. Content can be published in an RSS feed - I don't know if DSpace has any functionality for importing content that way.
My first instinct is to say this isn't what you're looking for. DSpace is focused on long-term retention, organization and access to content, not so much quick (or automated) aggregation of content from online sources.

Realtime Interfacing with Dynamics NAV via Webservices

I want to write a .NET application that will interface in realtime with Dynamics NAV 2009 and 2013. The application will have to read and update entities such as customers and stock items.
Using the provided webservices seems to be the best candidate as a point for integration, and I've tried some basic tests reading, updating and creating items using webservices based on Pages and a .NET client.
Unfortunately, I am very new to Dynamics, and I have some questions that probably reflect that lack of experience.
First - webservices can expose either Page or Codeunits. Is Page the correct option to use for interfacing to say - create a customer?
Secondly - My understanding is that Dynamics NAV is rarely deployed without customisation. Would a typical customisation in NAV, e.g. an addition of a field, involve changing a standard Page, and will this change then be reflected in the webservice definition?
You are right - given your requirements, webservices are probably the best option for interfacing with NAV.
Regarding your first question: page web services know how to handle concurrency, and, thanks to the way Visual Studio encapsulates them, expose rich types that you can interact with from your .NET code. All the basic CRUD operations can be carried out using the exposed methods. For a more detailed comparison between codeunit web services and page web services, please refer to http://msdn.microsoft.com/en-us/library/dd355398.aspx.
I think most developers choose not to publish the normal pages (the ones aimed at the NAV Windows Client; previously known as the Role Tailored Client), but instead, create separate, tweaked pages for publishing as a web service. But, if you prefer, I guess you could add your custom field to the standard page and publish that as a web service.
Hope this helps! Good luck! :)

Sitecore Basics

I am quite new to Sitecore WCM and have been doing a lot of research and reading. Could someone please help me to clarify the following basics of Sitecore?
I've a number of ASP.net web applications. If I convert the project to Sitecore project will it just work magically?
If I want to create new site, do I need to manually create a new site in IIS or Sitecore does it when I publish?
Are there any online training videos available, could not find a single (except Sitecore marketing demo).
If we have MVC and Web forms applications, is it possible to migrate to Sitecore?
First off, welcome to Sitecore!
Regarding your questions:
I've a number of ASP.net web application. If I convert the project to Sitecore project will it just work magically?
A Sitecore website is an ASP.NET web application. It just happens to start off with databases, DLLs, and web.config entries that are ready for you to get the CMS up and running. Standard .NET code works just as normal. However, part of what happens when you first set up your site as a Sitecore website is that Sitecore starts intercepting requests for pages and attempts to bind them to pages in the content tree. If a content item doesn't exist with the matching path, it won't return.
This is particularly important if you plan on just standing up your existing pages alongside new Sitecore pages. Your URLs won't initially work, and you'll have to do some configuration to get them to resolve and be ignored by Sitecore.
However, if you do NOT want to put your pages alongside the site and instead integrate them into the Sitecore solution as content items, you'll likely need to re-architect your solution. Sitecore uses 'sublayouts' (ASCX) for different components on a page, and these need to be represented in the database and the code base, and then added to content items as part of their presentation details. This can be easy, if your site is already heavily architected towards components, but sometimes you'll need to create a bunch of ASCX to represent your different pages.
Your business logic should not be affected, unless you decide to make changes to start leveraging configurations in the Sitecore database or accessing properties of the current context item. In this manner, your code should execute "out-of-the-box".
If I want to create new site do I need to manually create a new site in IIS or Sitecore does it when I publish?
Sitecore doesn't "create" anything when it publishes. Publishing is really just an action of taking the content approved in the Master database and pushing it out to the Web database for the selected target. Your IIS sites, and anything else you need for your application, you just set up as you normally would.
Are there any online training videos available, could not find a single (except Sitecore marketing demo).
I highly recommend taking the developer training that Sitecore provides. It's a very good introduction to the concepts, especially if you aren't working with folks who have a lot of Sitecore expertise. It also allows you to meet some other folks who are getting into Sitecore and you can help each other out.
If we have MVC and Web forms applications, is it possible to migrate to Sitecore?
Sitecore is a .NET application at its core, and web forms work. MVC is also supported with the most recent versions of Sitecore.
I know this question is a little old, and already answered, but I think I have some info to add.
I've a number of ASP.net web application. If I convert the project to Sitecore project will it just work magically?
Nothing is magic. If you want the content management or marketing aspects of Sitecore, plan on rebuilding your site(s) within Sitecore.
If I want to create new site do I need to manually create a new site in IIS or Sitecore does it when I publish?
Sitecore is an IIS site. When you install Sitecore, it creates an IIS site along with at least 3 databases (core, master, & web). Sitecore can have multiple subsites, but they're all built within the single IIS site that is Sitecore.
Are there any online training videos available, could not find a single (except sitecore marketing demo).
These videos may not have existed when this question was originally answered...so here's a few I found useful.
Sitecore Training: Developer Fundamental Series - Creating Visual Studio Project for Sitecore
Sitecore MVC - Getting Started (Part 1)
Sitecore MVC -- View Renderings, #Html().Sitecore, and Models
If we have MVC and Web forms applications, is it possible to migrate to site core?
Webforms and MVC are both supported in Sitecore. You will be thinking of both of them in a different way whenever you are rebuilding them in Sitecore though.
1) You can create a blank solution and add existing items like sublayouts, CSS, JavaScript, etc., and you will obviously need to change some code-behind. But Sitecore has a different database structure compared to normal web applications, so you will need to create templates, items, etc.
2) For Sitecore, you will need to create a website in IIS and make an entry in your hosts file as follows:
In the local path C:\Windows\System32\drivers\etc, find the hosts file and in that file add an entry as
127.0.0.1 yoursitename.com
3) For demo videos, you can try the Sitecore channel videos on YouTube for basic Sitecore learning.

How to extend a website?

This is quite a concept idea. I would like to create a website that can be extended by different programmers, a bit "a la Facebook".
Let me explain: I want to develop a very simple core application that, for example, would store images, and I want to develop, or allow external developers to develop, web apps that would be able to act on the images. I can take the example of an OS that stores files, where you can "install" different programs, for example to view or edit the files.
How can I reproduce this model on the Web / cloud platform using an API?
I hope this question makes sense to anybody.
Thank you in advance
Web Services. Try looking up REST and SOAP.
The Semantic Web is trying to solve this by publishing structured data with common ontologies.
See this example, describing the user's photos as RDF, using the FOAF ontology:
http://www.semanticoverflow.com/questions/201/describing-in-a-foaf-file-assets-of-a-user-photo-album-video-album-etc
The Semantic Overflow website is an excellent resource to find out more about the semantic web in general, and how creating webservices that use a common set of interfaces can allow a greater reach, because tools don't have to be specific to a website.

Web vs Desktop Development (Online vs. Smart-Client)

I work at a company with a large SAP investment, and we also have dozens of large .Net systems (mostly internally for engineering systems), and Java platforms (mostly for external web applications). As such, we have large development shops on ABAP, C#, and Java EE.
We have decent standards for which platform to use in which domain, but we don't have a lot of clarity around when to use web UIs and when to use desktop UIs.
I've seen some excellent research on this topic in the past (like this), but I'd like something a little more structured.
I'd like to build a decision tree based on best practices to help with this question.
Some of the criteria I've seen in the past include:
Is the application targeted to users with different OS configurations?
Does the application require OS-type functionality for sorting and editing data? (I know that AJAX / asynchronous JS has made possible much richer desktop-like functionality to web applications, but some would argue the desktop is still king in this area)
Will a web application be able to provide the availability, responsiveness, clarity, and utility that can be delivered with a desktop application?
I think we are seeing the separation between Web and desktop applications softened quite a bit. Rich internet applications (with Flex, Silverlight, Ajax) started this trend, and WPF with XBAP is taking the user experience of browser-based applications to another level.
It is becoming a bit more involved to have this argument, because there are now more flavors in the spectrum between Web and desktop apps.
Some more questions to ask:
What is the primary objective of the app - data manipulation, or data viewing?
What is the number of data points/records that need to be viewed/edited together on one screen?
What does the organization's IT infrastructure look like? Will they be able to accommodate new deployment models?
Will users work with a central database from remote locations?
Does the organization have a VPN infrastructure of off-site users, and how do users authenticate?
Are there existing applications that the same user group is working with, and how are these applications deployed?
Does the application need offline capabilities?
Given that they are so different, what is the skill set of the development team for web and desktop APIs?