Challenge Overview
Web Order and Invoice (WOI) is a supplier-facing Web application, accessible by enabled Suppliers via the Internet and manages the exchange of Order Management & Accounts Payable Business Transactions with suppliers via standard web browser interface. WOI is part of the PeS application suites that follows a typical development (Dev) and release cycle.
In the upcoming releases, WOI is implementing security remediation affecting how the system will be configured and how certain types of remediation will be performed. As such, WOI is looking for a set of mini-utilities that can be put together as a single cohesive tool in support of these remediation functions. This is the first series of utility creation competitions in this area. This series include
- this (design) competition – dealing with Java graphical user interface in retrieving a specific configuration, validating configuration from the database table, along with the ability to update the validated configuration into the table.
- a ‘sister’ (design) competition – WOI Security Scan Error Code and Message Retrieval Utility –. dealing with Java graphical user interface for error code and error message retrieval from a new database table
These design competitions will be followed by the actual utility development competitions that can then be integrated together as a single tool. In addition to the stated functions in this utility, this configuration validation and update utility may be expanded with additional function to delete existing row and insert brand new row into the table, or even expand validation to other types of configurations within the same table. Another enhancement includes performing similar validation for another similar application within the PeS Application suites.
As part of the remediation work, there will be a new set of configurations defined in a new database table. The configurations cover two main areas or tasks within the remediation work. In this competition, we will concentrate on the area dealing with HTML encoding and decoding definition in this configuration table. We are looking for a standalone Java graphical interface utility that follows defined logic in retrieving the corresponding HTML encoding decoding configuration, validating the configuration based on a defined set of rules, and offers the ability to update any corrections of the respective configuration into the database table. This utility helps system configurators, developers and testers alike in properly defining the configuration and catching mistakes during the various phases in the change request cycle. This also helps to quickly adjust configurations to test for error scenario before correcting the configuration for the next test case. The validation feature of this utility is a value-add to basic query tools such as IBM DB2 client and QMF..
Final Submission Guidelines
N/A