What are primary architectural components of an ecommerce system?
Following are some of the primary architectural components of an ecommerce system: Functional Customer Profile Catalogs Pricing Shopping Cart Checkout Order Payment (Integration with multiple payment systems) Shipping (Integration with multiple shipping system) Fulfillment (Integration with external fulfillment systems) Campaigns (Promotions & discounts) Products Search Products reviews and ratings Non-functional Content Management Reports (Sales, web usage, user) Multi-channel Analytics
Logging Tips/Best Practices for Newbies
When starting the career of application developer in IT with one or more programming languages, one thing which is kept on back burner and kept for really long is logging. In fact, when I started my career as a programmer, when I realized that I wanted to know about what to log and what not to log, it was almost 4 years or so. This was my involvement in learning nitty-gritties of programming language itself, and not paying enough attention to logging at all. And, when I learnt most of it all, I realized how much value I added to programming by logging appropriate stuff in log files which was …
Migration Challenges from ATG 9.x to ATG 10.x
Following are some of the migration challenges from ATG 9.x to ATG 10.x: The migration can be achieved by executing scripts provided by Oracle, the information about which could be found in their detailed migration guide or the same can be accessed on this page. However, it is recommended to have an experienced migration architect deal with migration initiative from 9.x to 10.x versions. It has been found that migrating directly from any ATG 9.x versions to any ATG 10.x versions landed up with one or more issues. If the current ATG version is at 9.x, it may be advisable to first migrate to an intermediate 10.0.3 version and, then migrate …
How a Content and Digital Marketing Guy Can Change the Game?
Most of the small to mid-size companies are competing in the common technologies space such as Java/JEE, .NET and open source technology stack wherein they do not have much unique to offer. And, this creates tremendous pressure on the sales team to perform and sign on new customers in order to remain sustainable and profitable. And, the common techniques used by sales team to reach out to customer includes emails and cold calls. This methodology, however, does not prove that effective given every companies’ sales team adopt same set of techniques. This puts pressure on sales team as well as senior management teams to find out USPs that they have to …
Top 6 things to Avoid Logging
Following are some of the things you may not want to write in the log file or write in masked form: Passwords (goes without saying) Database connection strings Encryption keys/access tokens Sensitive personal data Session identification value (must be masked) File Paths (consider masking)
Different Roles & Responsibilities in a Business Process Lifecycle
Following are different roles and responsibilities involved in a business process lifecycle which consists of four key stages such as modeling, implementation, execution/control and monitoring/optimization: Process Owners: The primary responsibility of a process owner is to own business process from strategic point of view and has end to end responsibility for the process. The diagram below represents the spectrum of responsibility of a process owner. The details could be further read on this page. Process Analysts: Process analysts analyses the business processes with the process owners and define the process model including information such as activity flow, information flow, rules, documents, business policies, business rules, performance measures (KPI). IT Developers: …
What are different types of Business Processes?
Following are different types of business processes: UI intensive processes: Navigational flow and data aggregation is controlled from a user interface layer rather than in a BPEL process. These processes are used for cases where a GUI application performs the process orchestration or control. Synchronous transactional processes: These are a collection of short-running BPEL processes provide real-time responses to graphical user interfaces or for transactional sub-processes. These are used for cases when you need high performance and the caller needs a response immediately. Asynchronous transactional processes: The invoker/caller makes the request and does not wait for the responses. Process is assured to occur at a later time in a separate transaction. These processes are used for cases when …
Why REST with Bonita When You can Mix ‘N’ Match :-)
To give you quick overview on what is referred to as Bonita here, Bonita is referred to as BonitaSoft BPM Tool. As per BonitaSoft corporate website, Bonita BPM improves business operations by connecting people, processes, and information systems into easily managed applications. The blog aims to highlight some of the aspects of Bonita BPM REST API and, some of the reasons due to which one would want to go with REST based integration with Bonita BPM. Those of you working with BonitaSoft tool including Bonita Portal for accessing workflow applications on top of BonitaSoft workflow engine & Bonita Studio for creating workflows, may have been exploring to find out ways and …
Make Business Analysts Your Friend & Deliver Great Product
In my experience, I have found application developers not very clear on roles and responsibilities of business analyst (BA) and, more importantly their need in the project. Thus, they do not pay attention to what business analysts has to say on the requirements and end up faltering on various aspects of project execution due to lack of proper understanding of the business requirements. This creates a lot of frustration to both application developer and business analysts. Below is a diagram representing a conversation with BA and an application developer. What is the problem if business owners and application developers communicate directly without a business analyst as a bridge? The …
How to Create Your Next Web Application on WordPress
If you have decided to code your next web application on top of WordPress framework, following are some of key considerations that would help you to get started quickly: Database interactivity from your custom pages Creating custom pages Retrieving GET parameters URL Rewrite Following is detail on all of the above points: Database Interactivity: Having your custom pages interact with the database is one of the key. Following are tips to get set with database connectivity from custom pages.The database information including host, database name, username and password is all configured in the wp-config.php in the root folder. All you got to do is include wp-config.php file in your database …
Top 3 Most Visited Blogs for Great Software Code Quality
Following are top three most visited blogs this month in relation with software code quality: The rule I followed to become a great developer Refactoring 3000 lines of code Security code review tips for application developers Thanks to my readers for appreciating above blogs. I shall keep it flowing…
Strategies to Consider for Your Code Migration Project
Are you planning to start your code migration project. Have you been looking forward to accelerate your code migration project while ensuring that the quality is not compromised? Following are some of the strategies that you may want to consider for your code migration project: Development Methodology: As code migration requires greater team collaboration and frequent testable releases, it may be advisable to adopt agile development methodology such as SCRUM. With agile development methodology, the features to be migrated could be put in the backlogs and the migration is done based on this backlog. Agile development method ensures that you have complete visibility at all times on what is done …
Minimum Security Coding to do Before Your Website Launch
I am sure you are very excited to launch your website as soon as the coding for minimum functionality is complete. However, I would only suggest some of the following as bare minimum which you may consider as important things to be taken care before your website launch: Input validation: Some of the following OWASP top 10 vulnerabilities can be averted if only we do coding for input validation. You would give an argument that you actually do the input validation and what different you need to do. All I would say is what you do in form of input validation is one or more of business rules representing boundary …
If I Woke up as a Test Engineer One Day…
If I, being an application developer, have to spend a day as a tester, following are some of the activities I would do: Analyzing Test Cases: Examine test cases and make sure that the coverage is maximum in terms of including all test scenarios in relation with the use cases. Test Automation: Look for the areas which can be automated and suggest the same to my lead/manager. Digg a little deeper in the code to find bugs which are difficult to find in manual testing. Learn techniques in performance testing as I am very passionate about the same. Learn few tips and techniques in security testing, along with knowledge on …
The Rule I Followed to become a Great Developer
DISCLAIMER: The article is in no way an intention of bragging about my development capabilities. The intention is only to emphasize in so many ways on a rule which can surely, in my opinion, help developers improve quite a notch and become a better developer. I would like to reach as many developers as possible with an intention to create a belief in them regarding the principle I spoke. Thanks for reading the blog. Please feel free to share. For several years that I spent in IT industry while working on a different roles and responsibilities such as developer, technology lead and architect, I was looking for that ONE THUMB …
Security Code Review Tips for Application Developers
One of the key aspects of secured application development practice is Security code review. Security code review, as like normal code review, could be done either in automated fashion using one or more tools, or in manual fashion where one or more developers are involved in doing code review. Unlike application normal code review where one needs the knowledge of business functionality and programming language & related technologies’ knowledge, Security code review requires knowledge on different aspects of security including some of the following: Common threats (STRIDE can be a great place to start understanding threats) Vulnerabilities (OWASP Top 10 describes most common vulnerabilities) Remediation techniques recommended in that programming …
I found it very helpful. However the differences are not too understandable for me