- EngineeringWay

EngineeringWay

Shaping the great minds.

Saturday, 3 February 2018

Set Up Single Sign-On for Your Internal Users | Salesforce | SSO | Axiom

2/03/2018 11:36:00 pm
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. On the back end, SSO is helpful for logging user activities as well as monitoring user accounts.
Some SSO services use protocols such as Kerberos and the security assertion markup language (SAML). SAML is an XML standard that facilitates the exchange of user authentication and authorization data across secure domains. SAML-based SSO services involve communications between the user, an identity provider that maintains a user directory, and a service provider. When a user attempts to access an application from the service provider, the service provider will send a request to the identity provider for authentication. The service provider will then verify the authentication and log the user in. The user will not have to log in again for the rest of his session. In a Kerberos-based setup, once the user credentials are provided, a ticket-granting ticket (TGT) is issued. The TGT fetches service tickets for other applications the user wishes to access, without asking the user to re-enter credentials.

Configure Inbound SSO with a Third-Party Identity Provider


Let’s start configuring inbound SSO with a third-party identity provider.

The head of your IT department, Dharmik Patel, tells you to set up Salesforce users with SSO so that they can log in to your Salesforce org with their engineeringway network credentials. Here, we walk you through the steps to set up SSO for engineeringway Tech’s new employee, Darshil patel. You’ll set up inbound SSO using the Axiom Heroku web app as the identity provider.

Is this starting to sound difficult? It’s not, really. Let’s break it down into simple steps.
  1. Create a Federation ID for each user.
  2. Set up SSO settings in Salesforce.
  3. Set up Salesforce settings in the SSO provider.
  4. Make sure it all works.

Remember what the prerequisite is for SSO? That’s right, a custom domain. Because you’ve already completed the unit to set up your custom domain, you’re ready to go.

Step 1: Create a Federation ID

When setting up SSO, you use a unique attribute to identify each user. This attribute is the link that associates the Salesforce user with the external identity provider. You can use a username, user ID, or a Federation ID. We’re going to use a Federation ID.

No, a Federation ID isn’t owned by an interstellar shipping organization with nefarious designs. It’s basically a term that the identity industry uses to refer to a unique user ID.
Typically, you assign a Federation ID when setting up a user account. When you set up SSO on your production environment, you can assign the Federation ID for many users at once with tools like the Salesforce Data Loader. For now, let’s set up an account for engineeringway Tech’s new employee, Darshil patel.

  1. From Setup, enter Users in the Quick Find box, then select Users.
  2. Click Edit next to Darshil’s name.
  3. Under Single Sign On Information, enter the Federation ID: ceo@engineeringway.com.


Tip: A Federation ID must be unique for each user in an org. That’s why the username is handy. But if the user belongs to multiple orgs, use the same Federation ID for the user in each org.

Click Save.

Step 2: Set Up Your SSO Provider in Salesforce

Your service provider needs to know about your identity provider and vice versa. In this step, you’re on the Salesforce side providing information about the identity provider, in this case, Axiom. In the next step, you give Axiom information about Salesforce.
On the Salesforce side, we configure SAML settings. SAML is the protocol that Salesforce Identity uses to implement SSO.

Tip: You’re going to work in both your Salesforce Dev org and the Axiom app. Keep them open in separate browser windows so that you can copy and paste between the two.

  1. In a new browser window, go to http://axiomsso.herokuapp.com.
  2. Click SAML Identity Provider & Tester.
  3. Click Download the Identity Provider Certificate.
  4. You upload this certificate later to your Salesforce org, so remember where you save it.
  5. In your Salesforce org, from Setup, enter Single in the Quick Find box, then select Single Sign-On Settings.
  6. Click Edit.
  7. Select SAML Enabled.
  8. Click Save.
  9. In SAML Single Sign-On Settings:

           1.Click New.
           2.Enter the following values.

      • Name: DemoSSO
      • Issuer: http://axiomsso.herokuapp.com
      • Identity Provider Certificate: Choose the file you downloaded in step 3.
      • Request Signature Method: Select RSA-SHA1.
      • SAML Identity Type: Select Assertion contains the Federation ID from the User object.
      • SAML Identity Location: Select Identity is in the NameIdentifier element of the Subject statement.
      • Service Provider Initiated Request Binding: Select HTTP Redirect.
      • Entity ID: Enter your My Domain name, including “https.” Use the subdomain name that you set up in the “Customize Your Login Process with My Domain” unit. Copy and paste it from the browser address bar.


Before you click Save, confirm that the settings page looks something like:


Click Save and leave the browser page open.

Step 3: Link Your Identity Provider to Salesforce

Now that you’ve configured Salesforce to know about the identity provider (Axiom), you teach your identity provider about your service provider (Salesforce).

You fill in a few fields in the following Axiom form. Easy peasy. Because you’re supplying Salesforce SSO settings, keep two browser windows open, one for Salesforce and one for Axiom.

  1. Return to the Axiom web app. If you don’t have the app open in a browser window, go to http://axiomsso.herokuapp.com.
  2. Click SAML Identity Provider & Tester.
  3. Click generate a SAML response.
  4. Enter the following values. Leave the other fields as is.
      • SAML Version: 2.0
      • Username or Federated ID: ceo@engineeringway.com
      • Issuer: http://axiomsso.herokuapp.com
      • Recipient URL: Get the URL from the Salesforce SAML Single Sign-On Settings page. Don’t see it? It’s at the bottom labeled Salesforce Login URL.
      • Entity Id: The Entity ID from the Salesforce SAML Single Sign-On Settings page.


When you’re finished, the Axiom settings page looks something like:

Step 4: Make Sure It All Works

OK, now that everything’s all configured, let’s make sure that it works. A successful login will be the complete proof.
  1. In the Axiom settings browser window, click Request SAML Response. (It’s way down at the bottom.)
  2. Axiom generates the SAML assertion in XML. Does it look like language used by a robot communicating with desert outpost moisture evaporators? Look again. You can see that it doesn’t look all that bad. To get to the interesting information, scroll through the XML.

Click Login.

If everything’s OK, you’re logged in as Sia at your Salesforce home page. The Axiom application logs you in to your Salesforce org as the user with the assigned Federation ID.
Congratulations! You just configured Salesforce SSO for your users who are accessing Salesforce from another app.

Friday, 5 January 2018

How salesforce handle 1.3 Billion Transactions A day and 24,000 database transactions per second - Technology explained!

1/05/2018 09:53:00 am
Salesforce.com is interested in being more open with the technology communities that we have not previously interacted with. Here’s to the start of “Opening the Kimono” about how we work.
Since 1999, salesforce.com has been singularly focused on building technologies for business that are delivered over the Internet, displacing traditional enterprise software. Our customers pay via monthly subscription to access our services anywhere, anytime through a web browser. We hope this exploration of the core salesforce.com architecture will be the first of many contributions to the community.
Salesforce platform is built on Oracle backend database, not just but a cluster of databases. They have built a layer of abstraction over that and you cannot access the database directly, but use their database queries (soql).
there are about 140 instances/nodes across NA, EMEA and APAC.  All customers in the world are assigned one of these nodes in their geographic region, meaning many customers share one instance.

Stats 

  • 17 North America instances, 4 EMEA instances and 2 APAC instances
  • 20 sandbox instances
  • 1,300,000,000+ daily transactions
  • 24,000 database transactions per second at peak (equivalent to a page view on other sites)
  • 15,000+ hardware systems
  • > 22 PB of raw SAN storage capacity
  • > 5K SAN ports

Software Technologies Employed

  • Linux for development and primary production systems
  • Solaris 10 w/ ZFS
  • Jetty
  • Solr
  • Memcache
  • Apache QPID
  • QFS
  • Puppet, Razor
  • Perl, Python
  • Nagios
  • Perforce, Git, Subversion

Logging In To The Salesforce.Com Service

We maintain a pool of servers to handle login traffic for all instances. A handful of servers from many (but not all) instances accept login requests and redirect the session to the user's home instance. This is what happens when you log in via login.salesforce.com.
Customer traffic starts with our external DNS. Once a lookup has successfully returned the IP address for an instance, standard Internet routing directs it to the appropriate datacenter.
Once the traffic enters our network in that datacenter, it is directed to the load balancer pair on which that IP lives. All of our Internet-facing IPs are VIPs configured on an active/standby pair of load balancers.

Inside The Instance

The load balancer directs the traffic to the application tier of the given instance. At this tier, we service both standard web page traffic as well as our API traffic. API traffic makes up over 60% of the traffic serviced by our application tier overall. Depending on the needs of the customer's request, it will be directed to additional server tiers for various types of backend processing.

Core App

The core app tier contains anywhere from ten to 40 app servers, depending on the instance. Each server runs a single Hotspot JVM configured with as much as a 14 GB heap, depending on the server hardware configuration.
The batch server is responsible for running scheduled, automated processes on the database tier. For example, the Weekly Export process which is used to export customer data in a single archive file format as a form of backup.
Salesforce.com offers a number of services including basic and advanced content management. We have a content search server and a content batch server for managing asynchronous processes on the content application tier. The content batch servers schedule processing of content types, including functions such as rendering previews of certain file types and file type conversion.

Database

The primary data flow occurs between the core app server tier and the database tier. From a software perspective, everything goes through the database so database performance is critical. Each primary instance (e.g. NA, AP or EU instances) uses an 8 node clustered database tier. Customer sandbox (e.g. CS instances) have a 4 node clustered database tier.
Since salesforce.com is such a heavily database-driven system, reducing load on the database is critically important. To reduce load on the database tier, we developed ACS -- API Cursor Server. This was a solution to 2 problems which enabled us to improve our core database performance significantly. First, we used to store cursors in the database but the deletes were impacting performance. Second, after moving to using database tables to hold cursors, the DDL overhead became a negative impact. Thus was born the ACS. ACS is a cursor cache running on a pair of servers, providing a method to offload cursor processing from the database tier.

Search

Our search tier runs on commodity Linux hosts, each of which is augmented with a 640 GB PCI-E flash drive which serves as a caching layer for search requests. These hosts get their data from a shared SAN array via an NFS file system. Search indexes are stored on the flash drive to enable greater performance for search throughput.
Search indexing currently occurs on translation servers which mount LUNs from storage arrays via Fibre Channel SANs. Those LUNs make up a QFS file system which allows single writer but multi-reader access. Like most other critical systems, we run these in active/passive with the passive node doing some low priority search indexing work. It then ships its results to the active partner to write into the QFS file system.
The translation occurs when these same LUNs are mounted read-only from a group of four NFS servers running Solaris 10 on SPARC. These SAN mounted file systems then are shared via NFS to the search tier previously described.

Fileforce

We maintain a tier of servers that provide object storage, similar in concept to Amazon's S3 or OpenStacks' Swift project. This system, Fileforce, was developed internally to reduce the load on our DB tier. Prior to the introduction of Fileforce, all Binary Large Objects (BLOBs) were stored directly in the database. Once Fileforce came online, all BLOBs larger than 32 KB were migrated into it. BLOBs smaller than 32 KB in size continue living in the database. All BLOBs in Fileforce have a reference in the database so in order to restore Fileforce data from backups, we have to start a database instance based on a database backup from the same restore point.
Fileforce includes a bundler function, developed to reduce the disk seek load on the Fileforce servers. If 100+ objects smaller than 32 KB are stored in the database, a process runs on the app servers to bundle those objects into a single file. A reference to the bundled file remains in the database along with a seek offset into the bundle. This is similar to Facebook's Haystack image storage system but built into an object storage system.

Support

Each instance contains various other servers for support roles such as debugging application servers and "Hammer testing" app servers in the app tier, hub servers which monitor each instance for health and monitor servers running Nagios. Outside of the instance itself reside supporting servers like storage management, database management, log aggregation, production access authentication and other functions.

 Salesforce database
I hope this overview of the salesforce.com technology architecture and stack has been interesting and informative.Thanks for reading!

Thursday, 21 December 2017

what's Blockchain technology? bitcoin blockchain ,database and bitcoin wallet explained - Engineeringway

12/21/2017 08:31:00 am
Last year, ICICI Bank announced that it successfully executed transactions in international trade finance and remittances using blockchain technology in partnership with a Dubai based bank Emirates NBD.
In 2008, a cryptographer who goes by the pseudonym Satoshi Nakamoto created a crypto-currency called bitcoin. Bitcoin is digital currency that allows you to perform peer-to-peer transactions without the help of a third party such as banks.
With a blockchain, many people can write entries into a record of information, and a community of users can control how the record of information is amended and updated. Likewise, Wikipedia entries are not the product of a single publisher. No one person controls the information.
Descending to ground level, however, the differences that make blockchain technology unique become more clear. While both run on distributed networks (the internet), Wikipedia is built into the World Wide Web (WWW) using a client-server network model.

  • What is blockchain technology?

A blockchain is an anonymous online ledger that uses data structure to simplify the way we transact. Blockchain allows users to manipulate the ledger in a secure way without the help of a third party.
A bank's ledger is connected to a centralised network. However, a blockchain is anonymous, protecting the identities of the users. This makes blockchain a more secure way to carry out transactions.
The algorithm used in blockchain reduces the dependence on people to verify the transactions. This technology used for recording various transactions has the potential to disrupt the financial system.

  • How it works?

blockchain enables two entities that do not know each other to agree that something is true without the need of a third party. As opposed to writing entries into a single sheet of paper, a blockchain is a distributed database that takes a number of inputs and places them into a block. Each block is then 'chained' to the next block using a cryptographic signature. This allows blockchains to be used as a ledger which is accessible by anyone with permission to do so. If everyone in the process is pre-selected, the ledger is termed 'permissioned'. If the process is open to the whole world, the ledger is called unpermissioned.

bitcoin blockchain ,database and bitcoin wallet explained

Transactions are broadcast, and every node is creating their own updated version of events.
It is this difference that makes blockchain technology so useful – It represents an innovation in information registration and distribution that eliminates the need for a trusted party to facilitate digital relationships.
Yet, blockchain technology, for all its merits, is not a new technology.
Indian IT service providers like Infosys and TCS have been throwing their weight around blockchain technology. Both these companies are using blockchain mechanism to create core banking platforms for banks.

  • Where can it be used?

Use of blockchain technology is not limited to the financial sector. It is being used in many other areas. For example, Honduras government has put all land records on a public ledger - the blockchain. The minute there is a change in ownership, it gets recorded publicly.

  • Is it safe?

The USP of blockchain is that it allows two parties to execute a transaction without any intermediary. Blockchain allows financial institutions to execute and verify transactions discretely without any human intervention.
The electronic ledger of transactions is continuously maintained and verified in 'blocks' of records. With the help of cryptography, the tamper-proof ledger is shared between parties on computer servers.
Experts believe that blockchain architecture can significantly bring down the costs and reduce inefficiencies in the financial sector.

Saturday, 16 December 2017

How to generate links that drive traffic, not just ranking. - searchengineland, SEO

12/16/2017 11:00:00 pm


Links are a crucial element of search engine optimization, and columnist Kevin Rowe believes that long-term SEO success relies on building links that drive real traffic.
What’s so great about referral traffic? Do you really have to ask?! Referral traffic is great because it gets your content in front of new audiences, creating new opportunities for audience engagement and conversions.

Many people see link building as a way to drive rankings. But, when done correctly, it can (and should) also drive traffic.

Driving traffic has a lot of benefits beyond the obvious potential increase in leads and sales. More website traffic can provide valuable analytics data about what users are looking for and what confuses them. It can also help grow engagement and potentially referral links on social media as others begin to share our content.

In this column, I’ll explain how to identify sources of links that drive actual traffic and how to evaluate your progress so that you can focus your efforts where they will have the greatest impact.

Identifying link partners

In order to find good sources for traffic-driving links, there are a few ways you can go: competitor research, rankings and influencers.

First, find the publications driving traffic to your competitors by using tools like SimilarWeb to find their top referral sources. Not only do these tools tell you who is linking to your competitors, but some can also show how much traffic your competitors are getting from those links.

Any site driving traffic/referrals to your competitors should be investigated and evaluated as a potential linking partner. Check each one for quality, verifying that they aren’t content scraper sites and are actually valuable resources for your target audience. If they pass the test, then consider approaching them for a link.

Of course, you shouldn’t just pursue links from sites that are driving traffic to your competitors. Review the top-ranking websites in Google for the terms you want to rank for and see if any of them can serve as good linking partners. For example, many industries have vertical-specific directories that provide both free and sponsored listings.

As always, do your research when approaching sites like this. Do the directories seem spammy, designed only to generate links for SEO purposes? Or are they legitimate sites that consumers actually use, like Yelp, TripAdvisor or Avvo? (Note that links from legitimate sites will often be nofollowed, but they are still valuable because they drive real traffic.)

If you want to do more of the heavy lifting when it comes to content, try approaching major and niche industry outlets that you can contribute content to. In addition to the above sites you found during your research, use a tool like BuzzSumo to find social influencers and reach out to them on their social channels or via email to see if they accept guest posts. These posts need to be highly relevant to the website’s audience, and be careful to follow any editorial guidelines and respect their rules for submitted content.

One last angle to try is to find industry influencers and sponsor or partner with them. Many influencers are willing to enter into partnerships with brands, where they will review or work with a company on content and social media posts to get the brand’s name out to their audience. Cost usually varies with audience size and the scope of the campaign.

Since the aim here is to drive traffic and branding, you shouldn’t run into any issues regarding Google’s linking guidelines. However, it’s important to ensure that all financial relationships are disclosed according to FTC guidelines and that you aren’t attempting to hide or sneak links into any content that you are sending to these outlets for publication.
Evaluating success

Once you’ve approached your chosen link partners and successfully obtained links, it’s time to review your work. After each month, check Google Analytics for referral traffic to see which new sites you’ve worked with are actually bringing you traffic. After three to six months, you’ll have a clear picture of which sites are worth your time and which aren’t. For instance, if Inc.com is bringing you more traffic than three industry sites combined, it might be better to pare down your industry sites to be able to submit more content to Inc.com.

Additionally, you can also see if there is an increase in overall brand search for your name using Google trends or Google Keyword Planner. Often, branding campaigns can result in more direct traffic, as well as organic traffic due to an increase in branded searches. By carefully tracking increases in direct and branded organic referrals, you can see the impact your branding campaigns are having. This can help you see the long-term benefits of your link-building efforts in growing your website traffic.

While tracking the data, be sure to also track your success building relationships with the influencers and websites you’ve singled out as potential link-building partners. This can show your progress to management and help you hone your pitch and messaging style.

links from authoritative domains are still influential in the ranking algorithm and they can still be great for branding. But if your manager is on you to increase referral traffic – not just links – focus on the types of links that actually get clicked.

Wednesday, 25 October 2017

10 Hidden but Powerful Google Tools for Business and Marketing – That You Never Heard Of And You Should Be Using.

10/25/2017 09:46:00 pm
You may have heard of this little thing called Google. You know, where 1.17 billion people go to find stuff on the web?
But Google is more than just a search engine. So much more.
In fact, Google offers a ton of tools in addition to its search engine that can be hugely valuable if you're a marketer.
So I decided to round up some of the most essential Google marketing tools at your disposal so you can be sure your business is taking full advantage of all Google has to offer.

1) Google My Business

Want to get yourself some free advertising on Google? I kid you not -- it's a real thing. 
Over 100 Billion searches are performed on Google every month. So, if your business is not discoverable on Google, you are losing out on a huge business opportunity. Fortunately, Google makes it easy for small business to list their business on Google products such as Maps, Google+ and on search engine.
Google My Business is a free tool that lets you list your local business easily. Its a great way to build your web presence and generate more leads.

2) Think With Google

Speaking of seeking data to help your company evolve, don't miss Think With Google. It's a free marketing resource loaded with consumer trends, marketing insights, case studies, industry research, and creative inspiration.
Think With Google is a nice place where you can get useful articles, various infographics and interviews of industry leaders. This site is updated constantly with loads of useful content that you can use to grow your business.
It also has collection of creative AD campaigns you can draw inspiration from.

3) GoMo

Did you know that 67 percent of people say a mobile-friendly site makes them more likely to buy a product or use a service? (Or that even if these people like your business, 50 percent will use you less often if your website is not mobile friendly!) Don't fall into the latter category. In last year's article about mobile marketing, I mentioned how Google offers a way for you to build a free mobile website for a year. Google's GoMo can also take your existing website through a free diagnostic test to determine to what extent it is (or is not) already mobile friendly.

4) Google Alerts

At ProfitBooks, we have to constantly keep ourselves updated with latest developments in the accounting and taxation industry. For this, we rely on Google Alerts. This very useful free service from Google sends you an email alert whenever there is any news about topic of your interest appears on internet.
With this, you can stay updated about your industry news and can even track your competitor! For example, you can sign up to get notified whenever someone mentions your company, products, executives, or your competition. Its super simple to use – you just need to add a topic or a search phrase and create an alert.

5) Google Trends

You're in the process of evolving your business with the changing times. You need to determine what kind of marketing language and descriptive terminology to use for your sales materials, website copy, and search engine optimization. Consider plugging some of your terms into the Google Trends search bar to see how searches for these terms have changed over time. Look for those still trending upward, and review the additional detail Google provides.
In addition to the Google Alerts, Google Trends can be a great tool for helping you monitor industry trends. It enables you to evaluate the popularity of certain terms, compare them against other keyword variations, analyze how their popularity varies over time and in different regions/languages, and shows related keywords, which can be helpful in getting new keyword suggestions.

6) Google Voice

In an era when people use their phones to surf the web, it's only natural to start using the web to manage our phones. Google Voice, albeit only available in the U.S., allows you to do just, making it easy to manage multiple phone lines, create personalized voicemail messages depending on who's calling, and easily transcribe voicemail messages, making it much easier to stay on top of a busy voicemail inbox. 
To learn more about the various features available with Google Voice, check out Google's support documentation, and watch the video overview below.

7) Google FeedBurner

Want to grow your reach? Then you should be allowing your visitors to subscribe to your website content, particularly your blog, using feeds. By setting up a Google FeedBurner account, your site visitors can subscribe to your content and receive regular updates via their web browsers, RSS readers, or email. And considering subscribers are extremely critical to the growth and reach of a business blog, offering subscription options for your content isn't something you want to overlook. 

8) Public Data Explorer

Google’s Public Data Explorer provides public data and forecasts from a range of international organizations and academic institutions including the World Bank, OECD, Eurostat and the University of Denver. These can be displayed as line graphs, bar graphs, cross sectional plots or on maps.

9) Keyword Planner

If you are planning to start advertising on Google, Keyword Planner will give you an estimate of search traffic and budget. Its a great tool to find out which keywords people are searching for more often. You can slice and dice the data based on geography, gender, interest, browser, mobile device and much more.

10) Google Scholar

Fed up of routine articles on a specific topic – like business growth? Get more meaningful information using Google Scholar. It is an online, freely accessible search engine that provides a simple way to broadly search for scholarly literature. It searches a wide variety of sources, including academic publishers, universities, articles, theses, books, abstracts and court opinions.
Google Scholar aims to rank documents the way researchers do, weighing the full text of each document, where it was published, who it was written by, as well as how often and how recently it has been cited in other scholarly literature.