aruna sydu

Ranch Hand
+ Follow
since Jan 21, 2008
aruna likes ...
MyEclipse IDE Oracle
Merit badge: grant badges
For More
Hyderabad
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
1
Received in last 30 days
0
Total given
3
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by aruna sydu

Hi Martin Vassar ,

Thanks for the elaborate reply.

It really helped me look at other dimension of the problem ! Multiple database calls. I was stuck up at Synchronized.

Considering the above do you think it helps moving the logic from java to procedure and restricting to single database call ?

We cannot afford the downside or gaps in the sequence as it is in production working for many years.

Lately I have read about Reentrant locks. Does it help in this scenario ?

Please advice.

Thanks,
Aruna

Hi All,

We had a performance issue with the below code, it was synchronized at method level and so it was blocking all other threads and causing issue.

At a hight level the functionality of the method is to return unique NextSequence
getting a connection from the connection pool.
quering the database table to get the existing sequence.
Increment the sequence by 1
update the incremented sequence in the database table.
return the sequence.

Any thoughts on how to optimize the below code..?




Your inputs on how and why would be helpful.

Thanks ,
Aruna.

Subbu BV wrote:Thanks to all the ranchers and specially to java ranch in helping me to get the certification.




Congrats !!!

Can you please share your experience ?



Aruna.
11 years ago

Hi everyone,

The project I am working on extensively makes use of JMX Mbean’s ( Java Management Extension ) .
This includes using of its capabilities like monitoring, scheduling , you can perform start and stop operations on MBeans
The Mbeans are deployed on separate Unix server other than where application server is deployed.

So My question, Is there any alternative to using JMX which provides all the capabilities ?

Any insights will be greatly helpful

Aruna.
Thanks William Brogden and gurpeet singh :-).That's helpful.


Regards,
Aruna.
11 years ago
Hi All,

One of my friends came up with the below question.

I have a method in which I am operating on a ArrayList like adding elements removing etc etc.
Now when n * Threads access the method will there be any issue with the ArrayList data. Should the ArrayList be Synchronized ?

It was also mentioned that ArrayList was declared and initialized in the same local method. !


Any insights will be appreciated.

Thanks !
11 years ago
Congratulations !!!
12 years ago

Hi Jeanne,

Please bear with me as I am not very good at security.

For first question the answer is B.Principle of least privilege.When I read the question I thought all of the choices are required for minimizing the consequences of a successful attack.

And the answer to second question is B and C , I absolutely agree with option C , however i could not understand why procedure should be introduced in the design to mitigate the threat.

Please clarify.

Thanks & Regards,
Aruna.
Hi All,

I got the below questions from one of the Blogs written in course of preparing for SCEA.
Please help me getting the most correct answer to this questions as I have problem figuring out.


Which is an appropriate technique for minimizing the consequences of a successful attack?

A. Input validation
B. Principle of least privilege
C. Encryption of wire transmissions
D. Use of strong/two-factor authentication


Your company is going through an extensive security audit and it has been identified that your internet-facing web site is vulnerable to SQL injection from authenticated users. Which two are appropriate for mitigating this threat? (Choose two.)

A. Using security roles in the deployment descriptor
B. In stored procedures called with prepared statements
C. Adding an intercepting validation filter to your system,
D. Requiring SSL in the deployment descriptor transport guarantee.




Thanks!
Aruna.
Thanks Andrew,

Thats informative. As Part 1 does not involve any assignment submission ,i think this can be completed before sept 31 unlike the Aug 27th deadline for part II and part III.

Please correct me ,if I am wrong.Thanka!


Regards,
Aruna.



Andrew Monkhouse wrote:I recommend you read the Oracle FAQ on these issues.

My reading of their FAQ leads me to believe that you can complete parts 1, 2, and 3 at any time without having done the training - it can be done afterwards if you miss the Aug 31 deadline.

It is also worth noting that the new rules come into affect on Oct 1st, so the deadline is not Oct 1, but Aug 31. According to Oracle's FAQ, you should be planning to have enough time to get the assignment graded and to resubmit it if necessary if you really want to avoid the training - therefore they recommend you submit the assignment and take the part 3 exam before Aug 27th.

Thanks Kumar.



kumar naresh wrote:Part I can be completed without training but for Part II & III if you are not able to complete them before Oct 1 then you need to attend mandatory training.