We have publisher asking if we can pass The Trade Desk UID 2.0 via Tags or VAST.
I have researched this within the Knowledge-base but unsuccessfully.
Related
I wish to build a Saas in the future using angular. I have always wondered how to allow users to have access to different features depending on the different packages they pay for.
For example: bronze package allows user to send 100 emails.
silver package allows user to send 200 emails.
This is a very simple example but I believe the concept will still apply.
So how do we differentiate between user accessibility to specific features?
I think you need some underlying framework - like Symfony - to build an api. Symfony with api-platform is a good choice.
Then you build your Angular app and send api-requests via fetch or axios. Symfony and api-platform handles in this case all the restriction stuff via voters and so on.
From the Microsoft Dev Center, your Publisher ID is...
the string that uniquely identifies your Windows Store developer account in your packages. The publisher ID is assigned by Microsoft, and you can't change it.
This is likely to appear in a lot of Open Source repositories for Windows 8 because it is listed in the identity element of the Package.appxmanifest file which is required in order to build your project.
A search of extension:appxmanifest on GitHub reveals almost 5,000 files with this info since the appxmanifest is not on the default gitignore.
Here's GitHub's Help Page on Removing Sensitive Data, but I'm wondering if there's a reason to be worried about it in the first place.
Q: Is there a security reason why this should remain private?
There is almost no reason under normal circumstances to keep your Microsoft Publisher ID private. (I wouldn't be surprised if there's some unique edge case where you would want to keep it private. Somebody else would have to help me out there.)
Your publisher ID is distributed every time somebody downloads your app from the Windows Store. You can view this for any app by manually opening its AppxManifest.xml, or you can use PowerShell: (Get-AppxPackage -Name "*_APPNAME_*" | Get-AppxPackageManifest).Package.Identity.Publisher
For example, (Get-AppxPackage -Name "*netflix*" | Get-AppxPackageManifest).Package.Identity.Publisher returns
CN=52120C15-ACFA-47FC-A7E3-4974DBA79445, and running the command on an app I've published to the Windows Store gives me my personal Publisher ID.
Q: Is there a security reason why this should remain private?
I will not say that this is because of the 100% security reason. But there are other factors as well. As this Publisher ID which you have obtained from your developer account at the Store will help you create a certificate with a Publisher ID of your choice. You can also create a password.
Publisher ID helps you in signing an app package
If you either create a package for the Windows Store or associate your
app with it, the Publisher attribute is set to the Publisher ID that’s
obtained from your developer account at the Store when you sign in
during package creation.
So it is your publisher ID which is actually identifying you. So its better to keep it secure.(It is very similar to take it like you will not like to give your bank account details to anyone except the bank ;-))
So if your publisher ID is not secure or is public then you may loose that choice.
Check this To create or use an alternate certificate
Kunal Chowdhury, a Microsoft MVP, has his on a blog post. I suspect that if an MVP is comfortable doing so, then it is probably safe.
http://www.kunal-chowdhury.com/2011/12/what-is-packageappxmanifest-file-in.html
Mabye consider contacting and asking Mr. Chowdhury. I'm sure he could give you good advice in this area.
I've been looking into sockjs-tornado recently and am working on a chat function for a social networking site. I'm trying to get a feel for common methods used in building scalable multiroom chat functionality. I'll outline a couple of the methods I've thought of and I'd like to get feedback. What methods are used in the real world? What are the advantages and disadvantages to these methods?
Prereqs:
running tornado
using sockjs-tornado lib
sockjs-client lib for js
Everything else is open.
Methods I've considered:
For loop
This seems like the simplest way to go. You create a user class that subscribes to certain room classes. The user sends a message class that contains a room id and the server redirects the message in the loop only to users that have subscribed to that room. This seems to me to be by far the worst because the complexity is obviously at least linear. (Imagine 500 users connected at once to 5 chat rooms each.)
Multi-tasking/multiple server instances
This also seems like a bad idea because you could have 500 server instances running at any time on... different ports? I'm really not sure on the implementation of this method.
Native support
Now granted, a lot of libraries have this built in such as socketio. However that's not an option due to the sole node.js support. (I'm on tornado server.) Socks in particular does not have built in support for multiple "rooms".
Conclusion
I'm looking for resources/case studies, and industry standards. Any help would be appreciated.
I would just use a message queue server like RabbitMQ with a fanout exchange as each "chat room".
You can see an example of using a fanout exchange in Python here.
The Pika AMQP library works with Tornado, too.
The advantage with using a message queueing system is that you can have users connected to different Tornado processes on different servers while still being in the same "room", giving you high availability on the HTTP layer.
RabbitMQ also has HA capabilities (although not the greatest).
I'm struggling to understand what you would get from the Royal Mail if you bought their PAF file dataset of UK addresses.
I was expecting that PAF was some form of database which you would host yourself, and the Royal Mail provide APIs into that database.
However, after reading this, I'm presuming that all you get is a series of files containing the data. I can't find any obvious information regarding an API.
Are there any libraries available to help you handle these files, especially from Java?
Do you have to parse the file yourself and stick it in your own database, so you can do quick lookups from an application?
If all this is true, why would you ever bother buying this off the Royal Mail? Aren't all the third party providers, with their web based APIs, just far simpler to use - in terms of both programming and data maintenance?
Apologies if I've missed the obvious on this one, but I find the Royal Mail site lacking in information. I'm beginning to think that I've misunderstood their PAF file offering.
The postcode address file (PAF) is a set of data-files provided by Royal Mail that contain all address in the UK. My understanding is that it's normally updated every three months.
I'm aware of two companies that have products that supply APIs into the PAF data: QAS and Capscan. With these you're able to search addresses to find missing postcodes or vice versa. APIs include both web-based solutions and native calls.
Why you'd buy direct from Royal Mail? Because you'd want to write your own query tools rather rely on third party products or you want to do data-mining that other products can't provide.
Could you import into a SQL database? Yes, but only after you'd written your own PAF file parser.
Why use these over web-based tools? Because you're sitting behind an intranet, have limited internet access from servers, restrictive licensing from any web-based solution, etc.
It's all in wikipedia
http://en.wikipedia.org/wiki/Postcode_Address_File
Check out www.PostcodeAnywhere.co.uk a web-service based lookup site. Also desktop lookup app available. Decision likley to be based on lookup volume, ease of use, costs, etc. But for low-medium volumes, simple implementation in a few minutes and 'automatic' maintenance built-in.
I've subsequently found this page where you can order a sample data set. It states:
Please be aware that Raw Data contains no software and the data must be processed for use in IT applications. If you do not wish to program PAF or Postzon then we can supply it to you in a pre-written application known as UK Addresses on CD
The UK Addresses on CD page goes on about something called "UK Addresses Utilities", and it states:
The UK Addresses CD also contains a set of dynamic link libraries and provides the ability to interrogate the address datasets programmatically through a .NET 2.0(+) DLL.
I have written something in C# that can parse these files into SQL Server
https://github.com/Telexx/Royal-Mail-PAF-Parser/
Can anyone explain at a beginner-intermediate level the terminology of "bus", "transport" and "endpoint" in the context of an enterprise service bus? I'm a C# developer with a few years experience now, but only just starting working with an ESB.
It seems that the "bus" is effectively a queue to which you can send and receive messages. I'm fine with that. However I'm working on some existing code using NServiceBus and I think if I grokked the "endpoint" and "transport" terminology I'd make a massive leap forward in my understanding.
Let me try to clarify those terms to you:
Bus in context of ESB architecture should not be considered as simple queue for message dispatching. To allow integration of different services, ESB provides much more. Important additional functionalities of ESB:
Routing. Messages can be routed to different services, depending on message content or endpoint specification.
Message Transformations/Mediations between different formats
Transport protocol conversion. ESB should be able to seamlessly integrate applications
that use different transport protocols (JMS, HTTP/S, pure TCP, etc.)
Message enhancement. Messages can be enriched with missing data before further processing.
Security
Management and Monitoring
Those functionalites are provided by services that operate within ESB. Services connect to each other via endpoints - uniform, unique "addresses". Messages dispatched between endpoints are using unified transport (method/protocol that encapsulates message's payload). Application that natively use different transport, need to connect to ESB via suitable adapter - service that will provide necessary transport conversion. This way applications that use ESB are decoupled from each other and don't need to provide conversions themselves.
Of course, those are only very brief descriptions of terms. Remember, Enterprise Service Bus is only catch-term for specific kind of architecture (or concept), but it is not standardized in any way. So specific implementations can be very different from each other.
If you are interested in standardized ESB, you can take a look at JBI (Java Bussiness Integration). There are several open-source implementations of JBI avalable, among them Apache ServiceMix, Mule, OpenESB. Very good introduction to ESB technologies is presented in "Open Source ESBs in Action" book published by Manning.
I would recommend looking at resources related to Enterprise Application Integration (EAI), which revolves around the ESB and various models and patterns used to integrate solutions. Think of it is a GoF for ESB architectures:
http://www.enterpriseintegrationpatterns.com/
and
http://www.enterpriseintegrationpatterns.com/toc.html
All of these patterns would give you an idea of what people use ESB's to achieve and the patterns are useful for providing common pitfalls of do-it-yourself ESB integration. I've learned an immense amount through that book and through people that source from it.