Hi I am trying to develop an app that can talk to applets installed in UICC and enable payments.
When working on it , I lost a little bit because of lack of domain knowledge and it would be great help on following questions,
Global Platform vs Open Card Framework and Java Card, what is the different?
I found that I have to deal with CRS and so many different applets related to GP but I am lost here to understand what is the stack of these technologies?
Javacard specifies the runtime that runs your app (VM specs, bytecode format, general purpose APIs). What javacard does not cover is how applications are deployed, and managed remotely. This is the main purpose of GlobalPlatform card specification. GP defines a concept of security domains which support external stakeholder's assets in the card (application, data and security keysets). GlobalPlatform makes it possible to a third party to discuss with the card's issuer and deploy its secrets and assets in a way that the issuer cannot know about these. "OpenPlatform" is the former name of GlobalPlatform I believe.
Related
Getting Started with Bluemix, what were your first applications using the platform? They could advise me? And forgive anything for the question.
Thank you for attention.
I think it depends on what is your programming experience and your personal preference. If you want to begin programming with the classic Object-Oriented paradigm you should try Liberty runtime. Instead if you like the scripting languages maybe you could give a try to Python, Ruby or Go runtimes. All of them provide a sample application that you can extend as you want, and have very detailed documentation. I suggest you to take a look at IBM Containers, they are very interesting and powerful, and they make you able to do potentially anything with the platform.
If you come from the on-premise world, please notice that Bluemix is built on Cloud Foundry, and there are two important considerations to think about:
Local file system storage is short-lived. When an application instance crashes or stops, the resources assigned to that instance are reclaimed by the platform including any local disk changes made since the app started. When the instance is restarted, the application will start with a new disk image. Although your application can write local files while it is running, the files will disappear after the application restarts.
Instances of the same application do not share a local file system. Each application instance runs in its own isolated container. Thus if your application needs the data in the files to persist across application restarts, or the data needs to be shared across all running instances of the application, the local file system should not be used.
For this reason local file system should not be used.
Personally since I had some experience in JEE + WAS my first application was a Web app developed on Liberty Runtime.
I suggest you to become familiar with IBM Bluemix DevOps Services, that allows you to develop, build and deploy working on a web IDE.
So the various runtimes and services within bluemix provide 2 types of samples to help you get started. Boilerplate, which are samples you can extend to develop new applications and there is a "deploy to bluemix" button on other samples which can be used to automatically get the sample installed and ready to try. What you start with is usually something like this to see it working and then go from there.
This question already has been answered in a way. But I think what you are looking for are the types of applications you can develop using Bluemix.
To directly answer your question - the first application I developed used the Concept Insights Watson service to extract insights from some news articles and create a concept based news search. I also experimented with Language Translation service where-in I converted the contents of a web page from English to Spanish.
If you look through the documentation pages for the various Watson services, you would come across various use cases where a particular service is applicable.
On a more general note I can see that Bluemix would help us to write some really smart applications in an easy way. The Watson Services provide a real simple interface to all application developers by taking away the highly complex tasks of machine learning and AI algorithms which would need a good level of expertise if done on our own.
Additionally, Bluemix is just like any other PaaS for e.g AWS or Google Compute Engine or Azure. Bluemix does provide relational databases, queues, time series database containers etc as a part of the platform. These would need to be used by the application that you are developing to cater to use cases of inter-process communication, data storage etc.
Hopefully this answer provides you some insight on what applications you can write with the Bluemix concept insight services
Our local applications run on WAS ND. When we moved to trying Liberty on BlueMix(as application, not service), typical problems were mostly around 12 Factors.
Config && Dev/Prod parity --> Earlier our configurations were in files inside application or configured in WAS. With Liberty, we were forced to externalize that and it was easy to setup environment variables in BlueMix.
Process --> As state-fullness was no longer an option, we had to change our application to store session outside, in relational as well as document DB.
Logs --> Logs are not available in local logs files as earlier.
Ephemeral instances --> As mentioned by Umberto
was wondering if anyone had a solution (hopefully simple) for how to change the repository that a SAPUI5 app pulls from.
i.e. when I'm accessing my app (might be hosted anywhere, but for argument's sake lets say on HCP in EU) and I'm in the EU, it makes sense to use the EU repository:
https://sapui5.hana.ondemand.com/resources/sap-ui-cachebuster/sap-ui-core.js
when in the US however, I'm going to get much better performance if I use the US repository:
https://sapui5.us1.hana.ondemand.com/resources/sap-ui-cachebuster/sap-ui-core.js
But short of having a US app and a EU app, how can I achieve this? I don't want to pop-up a request for the user to allow their browser to know where they are via using HTML Geo capabilities http://dev.w3.org/geo/api/spec-source.html and it seems most solutions to map IP addresses to location charge a fee (which I don't want to have to pay)
The standard way for this sort of thing on the web (afaik) would be just to use one address and have a CDN sort it out for you.
This doesn't seem to have happened for SAPUI5.
Anyone know why not? Or perhaps it has, and I just don't know about it, that would also be a very happily received answer.
Now, as of January 2015 there is such a CDN (with geo routing) implemented for OpenUI5 (or more specifically, for everything below the URL https://openui5.hana.ondemand.com).
It does not only serve the data from the closest SAP data center (Germany, USA, Australia), but uses the popular Akamai CDN technology on top, which provides thousands of servers around the world.
See http://openui5.tumblr.com/post/108835000027/openui5-in-your-neighborhood-a-true-cdn-has-gone for more details.
there is currently no such CDN with automatic routing to the closest server, sorry.
Reasons? Lack of time, money, demand...
There may be even free offerings for Open Source libs, but the total of UI5 is larger than your typical JS lib, so I'm not sure they would want it. And in older IE versions the cross-domain loading wasn't working anyway due to missing CORS support, hence a local deployment was preferred. And custom-tailored minimized runtimes for apps are the best for good performance, this is also not something a CDN can deliver. So currently there is no such thing even though it would be obviously good to have.
UI5 will load awesome fast if is part of a real app. Real app means a installable app from an App Store were the UI5 library is part of the app itself and not loaded from a server. That is the real destiny of UI5 and not putting it on a Gateway/Server (the Fiori Way, although there is the Fiori Client which tries to solve this).
I understand that SAP wants SAPUI5 on the backend because of integration in the SAP software lifecycle management. But it is bought with bad performance and caching issues. A very high price in my opinion! Luckily OpenUI5 is free to be part of real apps.
I can't find a definitive answer on this, but a the moment I'm guessing not. If not, is there any possible workaround other than proxying via a server?
By way of interest, I'm just trying to connect to Gmail imap for a small test application...
No, WP7.1 does not support SSL sockets.
Edit
Typically you would use SslStream to implement SSL over TCP. Unfortunately, SslStream is not available in Silverlight or WP7. You have to roll your own (which is a bad idea, but possible), or use a third party library.
As mentioned by Eugene, there's SecureBlackbox, but that's more than a thousand dollars (minimum, depending on your many license choices) to use in a commercial product. If you're doing this on your own, that's probably too big an upfront cost. If you're doing this for your company, it might be a route to consider.
Another option might be to try to use BouncyCastle in WP7, however BouncyCastle doesn't currently release WP7 compatible binaries and may rely on framework items not available in WP7. This blog entry implies it might be possible, but will require some tweaking.
If you're a solo dev, I'd recommend at least trying BouncyCastle before considering SecureBlackbox. If you're doing your company's WP7 app offering, start with SecureBlackbox.
Our SecureBlackbox offers SSL support: you can use SSL engine with any transport (including sockets and pigeon mail) or you can use socket-based client component. There's a WP7-specific problem with certificate validation though - as WP7 doesn't let us access system certificates, you would need to have trusted certificates list in your application. Not a big problem with our components (SecureBlackbox includes complete certificate management as well), but you need to be aware about this extra step.
As far as I know, IPWorks by /n Software is offered for Windows Phone Mango, but I don't know exactly what they offer in SSL aspect.
I did get Bouncy Castle compiling for CF 3.5 - it's probably not a stretch to use that work for Windows Phone.
Internally we've been using an internal port of OpenSSL for Compact Framework apps for ages, and it wasn't a difficult port. I suspect getting that working under Phone also wouldn't be overly difficult.
I need to develop a mobi site for a client, do I need a specific server setup for this, or are there any additional server configurations that I need in order to render a mobi site or does it work the same as a normal website?
A .mobi domain is not different (in terms of setup/configuration) than a .com
Even from a technological point of view, you can develop a mobile oriented application using the web technology (Java, PHP, Python, PHP...) and hardware infrastructure you prefer.
From the developer perspective, there's good instructions for .mobi compliance here, and ready.mobi is a great and free testing tool to evaluate mobile-readiness using industry best practices & standards.
ready.mobi is a great tool for testing compliance for this. Also, there's good instructions for .mobi compliance here.
I believe that you should check the availability of Javascript in the target platforms.
Your server should be able to serve pages with the application/vnd.wap.xhtml+xml MIME type, otherwise some WAP browsers wil not render the page correctly (Nokia series 60).
Is there a online/cloud-ish app engine with an available Perl option?
I'd like to write and deploy a personal web app that's hosted by some existing web App engine (the app's fairly simple and resource-cheap, but does need small online storage. If anyone cares, it's basically a family-scope shopping list to be used off of smartphones and PC web browsers).
I'd rather not host it on my home PC's Apache, due to concerns about downtime (my broadband connection is less than stable).
The main candidate my investigations uncovered so far was Google App Engine.
My understanding is that Google App Engine only has Python or Java APIs. Catch is, I'm a Perl guy, with zero exposure to Python.
And if so, is that specific engine inferior enough to Google's engine that it would be worth it for me to learn Python just so I can use Google's? (I don't mind learning Python in theory but I am somewhat stressed for time so I'd rather not embark on that particular project for now - I just want to get the app done and use it).
There was an attempt at one point to get Perl running on the Google App Engine (GAE). However if I recall the nature of the GAE made these attempts difficult, and the group behind the push lost momentum.
Perl applications can (and are) easily hosted on AWS EC (Amazon), Linode (a Virtual Private Server (VPS) provider) and several other solutions. Linode specifically has a VPS solution for $20/month that can host a full Catalyst web stack and comes with, as of this writing, 16GB of storage.
For reference: Perl AppEngine - Project to get Perl on the Google AppEngine.
However like perigrin has already mentioned the project as stalled. Though note its stalled and restarted twice now so don't rule out another revival!
I believe GAE as had its growing pains and was just too much of a slippery moving target for the Perl AppEngine developers. With the inclusion of Java on the GAE it is/was hoped that things would settle down a bit.
Remember Google have promised that "other" languages would be introduced to GAE. So Perl and even Parrot VM may well get on there in the future.
Additional references:
Perl on AppEngine - Brad Fitzpatrick
GAE add feature list
PAE mailing list
/I3az/
Your best bet is to just get a basic web hosting account for $5 a month. As a random example, see Geekisp (This is the ISP I use for such things and have had great service.)
This give you most of the benefit of a cloud solution (ie someone else is doing most of your administration work, leaving you free to just handle the content.)
Learning both the Google App Engine API and Python is probably not worth it for an app that will never need to scale, which is the other main benefit of being "in the cloud".
Another option may be Phenona. It's in beta now but looks very promising.
dotCloud will host perl for you.
However, the cheapest plan (32MB of RAM) is $4.32/month