pci dss – Which Authentication mechanism to choose for PCI-DSS system

I want to create Angular 9 + Spring Boot application with strong security complaint to PCI-DSS security standard.

Which security protocol is preferred for user sessions in order to have high security when we use Angular and Spring Boot:

  • Session cookies
  • OAuth2
  • OAuth2 + JWT
  • JWT

for now I’m thinking to secure the application using JWT. Can you share what issue might I have using JWT and is it a good choice?

Is there a search engine with reverse search mechanism: processing multiple queries and retrieving a single result for each of them?

A regular search engine retrieves a number of results matching a single query. I need one that does the opposite: enables to input a number of queries and displays a single match to each of them. If there is no match, I need to know it too. An implementation of this approach exists, but its application is limited to the database embedding it (PubMed). Batch Citation Matcher enables a user to identify unique content in databases covering material also present in PubMed. A user can submit a text file and the engine transforms the content of the file separated in a required way into a number of queries, then displays a table with queries in one column and the information on whether the text of the queries was found in a database being compared to PubMed in another column. Is there an analogues application which can be applied to any website?

notifications – alert mechanism in python, azure

I am looking for a suggestion, I am currently building an alert mechanism application.

I have a list of mails who are concerned to the update of the data, I am using flask, python, azure to develop the application.

to send the email to people I can send them using SMTP server in azure cloud and then using python or by installing an outlook server in the cloud and then connecting that with python and by creating a cron job in the azure server where it sees for the changes and reports the changes in a certain time and send the email to a group of people.

another way is, using azure notification hub ( which I got to know when seeing such an application present in azure services or not). But I don’t know if it works or not fully yet the usage.

I am seeking help in this regard whether to use azure inbuild notification hub/ azure monitor or creating own service.

edited: for the group of people, right now I have a list of user and there information ( organization data) , as I am learning azure, I don’t have access to activate directory ( where I think using that I can make the application scaleable and define the group policies (restriction access to a certain part of an application)), is there another way to do same.

thanks

IS THERE A MECHANISM IN THE REPLICATION THAT DECLARES THAT ALL THE PUBLISHER'S RECORDS HAVE REACHED TO SUBSCRIBERS

We have a scenario in which material document postings are made in the plant and purchase invoices are posted at headquarters (against these material documents) to control the company. We have a two-way transactional replication setup between headquarters and factory. It often happens that material confirmations that arrive at the location of the plant do not reach the headquarters for jacking or purchase invoices that have been posted at the headquarters do not reach the factory and the replication monitor does not display an error. When a request comes in, we have to check manually. This leads to confusion when making decisions. Is there a way in replication to determine whether the affected material receipt entries from the plant location have reached the headquarters and whether the entries from the headquarters posted by the purchase invoice concerned have reached the plant location, OR a mechanism by which the gap between the two can be checked daily.

Kubernetes Deployments – own update mechanism?

Our deployment with migration works as follows:

  • Start with: ApplicationV1 -> DatabaseV1 (contains Events & ViewModel tables)
  • Create a second database "DatabaseV2"
  • Transfer most events from DatabaseV1 to DatabaseV2 and create new ViewModels (incompatible schema).
  • Up to this point, ApplicationV1 is still running and writing new events in DatabaseV1 (so that the downtime is minimal).
  • Now comes downtime: Quit ApplicationV1
  • Broadcast the remaining (recently added) events
  • Start ApplicationV2

What would be a good way to turn it into a Kubernetes deployment? We cannot use the RollingUpdate mechanism.

  • Is there a way to support this with ready-to-use Kubernetes mechanisms?
  • Is there a way to write your own deployment type (e.g. "RollingUpdates" or "Recreate")?
  • Is it better not to use deployments but to do the steps somehow manually? If so, what kind of Kubernetes concepts should we use? A job that then takes ApplicationV1 offline, then another job and then starts ApplicationV2?

What mechanism does WordPress use to prevent constants from being redefined?

I recently posted a comment on a general tech group on this line of code:

define('WP_POST_REVISIONS', true);

Someone replied, "If the original coders didn't know you couldn't redefine a constant, why should you trust any of their other codes at all?"

That asked me which mechanism in WordPress prevents themes / plugins / etc from redefining constants? I suspect it has to do with the order in which the code loads.

Blockchain – new consensus mechanism

I'm thinking about a hypothetical blockchain network structure. The idea is simple. Assume that each "miner" (node) on the network is identified and each person cannot have more than one identifier on the network. This means that in the event of malicious acts, we can permanently exclude a person from the network.
What structure of the consensus mechanism could we use in this network? Sure, the purpose of the speed and ease of transactions and their security.

Apple Music – Mechanism used to force iTunes Match not to match / upload songs

I have been using Apple Music for almost ten years and for the most part I have no complaints.

One problem I've encountered is that iTunes Match matches a title. Due to the constantly changing license / rights landscape, the title is removed from Apple Music. Fortunately, Apple Music / iTunes records which tracks are no longer available, but this has now happened for about 100 tracks in my library.

Has anyone else come across it / found a workaround?

Design Pattern – Use of switches as a filter or sorting mechanism

I looked up a website (page link here) and noticed this at the bottom of the page (one of the few times I managed to scroll that far):

Enter the image description here

It shows a toggle that is used to sort the comments added at the end of an article. I have never seen this before (at least in this scenario).

This is a different pattern than the one normally used for tables, i.e. H. Filter dropdowns or sort headers. I am thinking about the usability of this design pattern and whether it is something that was created specifically for a mobile long page initial design.

Is there another similar implementation example someone picked up from other types of websites?