• GIS' eQuest+ Background Screening Platform Achieves Oracle Validated Integration with Oracle Taleo Enterprise Cloud Service –Read more
• Talent Q Achieves Oracle Validated Integration with Oracle Talent Management Cloud –Read more
  

Tune in on Wednesday, March 12 at 10 AM PT to watch a live OPN PartnerCast focused on Oracle BigMachines CPQ Cloud and Commerce updates, in addition to the most up-to-date news within the OPN community. Members will have the opportunity to submit questions, participate in polls and share comments during the live event via Twitter by using @oraclepartners or #OPN in your tweets. Join us and stream the webcast live from the Oracle PartnerNetwork homepage!

I write about social marketing…a lot. And I’ve found that the more tech innovation comes along, the more relentless expectations by brand leaders are that marketing be executed purely from automated, algorithm-driven machines.

The tech tools are stunning in their ability to gather, analyze, inform and direct customer interactions. I’m lucky enough to be with the only company with the depth and resources in business software across the enterprise to build a fully integrated marketing and customer experience environment. If I were a brand, I’d be nervous about messing with anything else.

But success unavoidably keeps boiling down to making content that attracts, holds, and inspires people. That is a human artistic endeavor. How do you make people care about the content you’re putting out? You don’t. You take what they already care about and craft your content from that foundation. Here’s what they care about.

1. Looking Good

Being associated with you is either going to be embarrassing or empowering. Your users want to look cool. If you give them content that makes them look cool if they share it, they’ll do it. If it makes them look like your salespeople, that’s embarrassing.

2. Not Being Played for a Chump

If you bait me with an awesome headline then fail to deliver value or generate interest in the first couple of graphs, I feel tricked. And I don’t like people who think so little of me they try to trick me. 38% of people who land on a page bounce almost instantly.

3. Feeling Like They Belong

Guess why people are on social to begin with. To connect. If they don’t feel they’re getting insider info or special deals from you, they don’t regard it as much of a connection. If they praise or reach out to you and get ignored, that’s full-on rejection, one of the deepest human fears there is. Heart+Mind Strategies found 72% of US users shifting back to using social primarily to stay in touch with family and friends. Brands are losing them.

4. Feeling Known

If you care enough to know what platforms they prefer, what kind of content they respond to, when they tend to be online, what kinds of images grab their attention, which of your products they use, etc., they’re far less likely to blow off or gloss over content that comes from you.

5. Not Having Their Time Wasted

That means your stuff better either entertain, inform, or both. Keep content fresh. If you can solve a problem they’re having, solve it. If you can make them smarter (overall, not just about you and what you offer), do it. If you can make them laugh, do it.

6. Being Able to Trust You

Robert Cialdini of Arizona State University writes about six “Weapons of Influence.”

Several revolve around authority and trust. Our default is to trust authority. Brands have a head start. You’re an authority…until you violate that trust. People also commit to and defend the choices they make. They’ll go to distance to support their choice to Like you, but can be pushed too far. And they trust groupthink. If your fans are happy and participating, there won’t be much dissent. But if the tide turns against you thanks to bad content, the dominos will fall quickly.

7. Things Being Fast and Easy

Resist your corporate urge to make things as complex as possible to prove to the people up the hall how hard you work. People move through social content lightning fast. Overthink what you’re doing and they’ll say “eh…” and move right past your stuff. Quick and easy to consume, quick and easy to share.

Some brands have started to question whether social users want content from them at all. eMarketer shows over half think brands should be creating timely digital content. So much for that excuse. They want content, they just want it to be good. And they’re working diligently to edit out the noise.

Don’t be noise. Test your content, make sure it touches on basic human emotional triggers, and you’re on your way to users looking forward to your content and turning into brand advocates.

@mikestiles
Photo: stock.xchng

Join us on March 12th for this educational webcast with Andy for Oracle Database insight.

Register at http://t.co/9EkuFaK7Zy

JD-Edwards EnterpriseOne and Oracle Sales Cloud have many things in common: both offer a rich standard set of functionality, both can be deployed rapidly and both offer the maximum return on investment. Combined together, they deliver most of the business processes functions that are needed to run a Small or Medium Business.

• Oracle Sales Cloud, build on the Oracle Fusion architecture using market standards such as Java, delivers all Sales Force Automation processes plus unique advanced features such as Territory Management, automatic Sales Prediction or Incentive Compensation. The Cloud based solution can be deployed within weeks and includes imbedded Customer data Hub, Analytics, Social Selling out-of-the-box. Users can work from a variety of devices or Interfaces, including mobile devices such as tablets or smartphones, as well as from Microsoft Outlook.
  
  
• From its release 8, Oracle Sales Cloud delivers pre-packaged integration with JD-Edwards EnterpriseOne 9.1, including Account & Contact data synchronization, as well as an out-of-the-box “opportunity to quote” process which enables the sales organization to create or update JDE quotes and configurations directly from their Oracle Sales Cloud opportunity screens!

Some of the benefits that any business may get from this unique combination include faster implementation, faster time to market, error reduction and better user adoption. Jointhe Oracle Sales Cloud partner community to find out more about the market’s most advanced Sales Force Automation cloud solution here.

• Configuring an Audit Log in Demantra Using Database Triggers Doc ID 1629974.1
• Demantra Configure to Order (CTO) Integration EBS Model BOM Example How To Doc ID 1630040.1
• Demantra APIs to Facilitate Integration with External - Third Party Source Systems Doc ID 1630505.1
• Demantra Indirect Modeling, Lift Decomposition, Definitions and Issues Doc ID 1630545.1
• Demantra Indirect Customer Modeling, Customer Scenarios, Modeling Approaches Doc ID 1630604.1
• Demantra PTP – Shipment vs. Consumption Forecasting Doc ID 1630628.1
• Demantra Database Best Practices Doc ID 1627586.1
• Demantra Customizations and BAL Upgrade Doc ID 1627590.1
• Demantra New Product Introduction (NPI) - Pooled Time Series (PTS) Doc ID 1627623.1
• Demantra Platform or Application Upgrading - Program Manager Recommendations Doc ID 1627664.1
• Demantra How Caching can be Leveraged to Potentially Reduce Performance Doc ID 1627652.1
• Level Member Caching Purpose Performance Guidance Doc ID 1627689.1
• Demantra BLE Mechanism Explanation and Details Doc ID 1627716.1

Announcement:
Replacement of APS Sizer with Value Chain Planning Reference Sizing Tool (RAS) Doc ID 1630684.1

Introduction

As part of the Federation and WS-Trust protocol interaction, OIF/OSTS will need to use PKI Keys and Certificates for non repudiation and integrity via the use of digital signatures and confidentiality via digital encryption.

In this article, I discuss about the Keys and Certificates management, including how to:

• Generate new keys and certificates
• Configure OIF and OSTS to use the new keys and certificates
• Implement a key rollover on a per partner basis
• Distribute the new certificates to partners

In a Federation/WS-Trust exchange, the following occurs:

• OIF/OSTS will use its own PKI Keys and Certificates to perform signature and decryption operations on the SAML messages:
• Sign outgoing SAML messages and Assertions (XML Digital signatures or Query String signatures)
• Decrypt incoming SAML Assertions (XML Digital encryption)
• OIF/OSTS will use the partner’s signing or encryption certificate to:
• Verify signatures on incoming SAML messages and Assertions (XML
• Optionally encrypt outgoing SAML Assertions (XML Digital encryption)

Example of SAML Messages with XML Digital Signatures:

<samlp:Response ...>
  <saml:Issuer>https://idp.com</saml:Issuer>
  <samlp:Status>...</samlp:Status>
  <saml:Assertion ...>
    <saml:Issuer>https://idp.com</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#idhmf9KzAhxleuJ-L3vaVr979Ffa0">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
          <ds:DigestValue>JGvBqil/NXa6dlMOn5ZhmBbOie8=</DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>VgOrU79ZJO4rzHiFTCDCGNmkb0...Y776QM4vEBBybIpbCCUih7I0aA==</ds:SignatureValue>
    </ds:Signature>
    <saml:Subject>
      <saml:NameID>alice@acme.com</saml:NameID>
      ...
    </saml:Subject>
    ...
    </saml:Assertion>
</samlp:Response>

Example of SAML Messages with query string signature (typically used by an SP to send the user to the IdP with an AuthnRequest):

https://idp.com/saml20sso?SAMLRequest=hZJRT8IwFIX%2FStP3sW5BTW7YEhRREtQFplHeytZBQ9fW3i7Kv3cUTdAHfL09t985J3eEvFUWxp3f6o
V47wR68tkqjRAeMto5DYajRNC8FQi%2BguX4YQ7pgIF1xpvKKEom%2FZ7U3EujM7r13iLEsaztoDItJVPjKhEQGW24QkHJbJJRWUfPu
LtTFyuuS7bbsLVcpK92OmdN8XYb9SLETsw0eq59RlOWDCOWRikrkytIhsAuV5QU3x6upa6l3pw3vD6KEO7LsoiKp2VJyYtwGGz3ApqP
DrEhgN1JEee%2F5YjCHbKHqC335%2BWHSZ%2B9CVIQ2ku%2Fp%2FlPaxhKG8UnRo6uLDz2i7NJYZSs9mSslPm4cYJ7kVHvOvE%2FPBk
kf%2BCdRisq2UhR0zg%2FQn9fQ%2F4F&RelayState=id--mAK1whfUGrvoLqqhU2ysXLWSIw-&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=S5TZ0uwK9SMZUgBfDaipbNhlLqbbSG9t4rgA9n3%2FwxFsK7H66IoK6G%2BDfaIUvc5bLtTrwmxsa2iB2gjFx8p5
Q6%2FgH8OtFbT7mKZ7z8FihgxxTKjHJ2FQocOEn%2FrkcRKAAq%2Blig5xVSlR%2BzLq1vkQzIMNOrfLw%2FM6uk3i%2Fk54EnQ%3D

SAMLRequest: SAML AuthnRequest message
RelayState: SAML 2.0 Relay State parameter
SigAlg: signature algorithm
Signature: signature bytes covering SAMLRequest, RelayState and SigAlg parameters

The OIF/OSTS PKI keys and certificates are stored in the $DOMAIN_HOME/config/fmwconfig/.oamkeystore Java Keystore file (note: this keystore is of type JCEKS, not JKS), and the OIF/OSTS settings reference the key entries from the .oamkeystore, so that they can be used by the components for SAML operations.

Install

During the installation phase of OAM, a key pair and self signed certificate will be generated and OIF/OSTS will be configured to use it for signing and decryption operations

• The OAM installer creates the .oamkeystore with a random password (see the “Setting new key entries” section on how to reset that password)
• A new key entry called stsprivatekeyalias is created
• RSA Key Pair
• Self signed certificate
• Subject and Issuer set to: “cn=<MACHINE_HOSTNAME>”
• Two entries are created in the OIF/OSTS configuration:
• osts_signing referencing the stsprivatekeyalias Key Entry in the .oamkeystore
• osts_encryption referencing the stsprivatekeyalias Key Entry in the .oamkeystore
• OIF is set up to use osts_signing entry for signature operations and osts_encryption for decryption operations
• OSTS is set up to use osts_encryption for decryption operations, and osts_signing for signature operations in the SAML Issuance Templates

Setting new key entries

The process of creating new PKI Keys and Certificates before using them in OIF/OSTS is two-fold:

1. Creating the key entry in the .oamkeystore
2. Creating the entry in OIF/OSTS to reference the key entry in .oamkeystore

Note: the keys and certificates need to be stored in the .oamkeystore; HSM are not supported.

Creating a new Key Entry in the .oamkeystore

As mentioned previously, the password of the .oamkeystore Keystore is unknown to the administrator, and it will need to be reset in order to make modifications. This operation is done via a WLST command:

• Enter the WLST environment by executing:
  $IAM_ORACLE_HOME/common/bin/wlst.sh
• Connect to the WLS Admin server:
  connect()
• Navigate to the Domain Runtime branch:
  domainRuntime()
• Reset the .oamkeystore password:
  resetKeystorePassword()
• Exit the WLST environment:
  exit()

One way to create a new key entry in the .oamkeystore is to use the JDK’s KeyTool application. In this example, two key entries with self signed certificates will be created, one with the alias samlsigning and the other with the alias samlencryption (replace $JDK_HOME and $DOMAIN_HOME by the correct path; for the keystore password enter the one you selected during the reset operation):

$JDK_HOME/bin/keytool -genkeypair -alias samlsigning -keyalg RSA -keysize 2048 -sigalg sha1withrsa -dname cn="ACME SAML Signing" -validity 1000 -keystore $DOMAIN_HOME/config/fmwconfig/.oamkeystore -storetype JCEKS

$JDK_HOME/bin/keytool -genkeypair -alias samlencryption -keyalg RSA -keysize 2048 -sigalg sha1withrsa -dname cn="ACME SAML Encryption" -validity 1000 -keystore $DOMAIN_HOME/config/fmwconfig/.oamkeystore -storetype JCEKS

Updating OIF/OSTS settings

Once the key entries have been created in the .oamkeystore, new SAML key entries must be created in OIF/OSTS before those keys can be used during SAML protocol exchanges.

To create a new SAML key entry in OIF/OSTS:

• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Configuration -> Federation Settings or Security Token Service Settings
• Create a new entry:
• In the Keystore section, click the “+” button
• Enter a KeyID for the new entry (for example saml-signing)
• Select the alias for the new key entry from the dropdown which lists the key entries in the .oamkeystore (for example samlsigning)
• Enter the password for the key entry that you set when creating that key in the previous section
• Repeat the process for other entries if needed
• Apply

Note: different key IDs can reference the same key entry in the OAM Keystore

Using new key entries

Global Settings

To update the global OIF settings to use new keys and certificates to sign and decrypt SAML messages, perform the following operations:

• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Configuration -> Federation Settings
• Select the Signing Key from the dropdown list of key entries (these entries are defined in the Keystore section). For example select saml-signing
• Select the Encryption Key from the dropdown list of key entries (these entries are defined in the Keystore section). For example select saml-encryption
• Apply (Note: after applying, you might need to redistribute certificates and/or SAML 2.0 Metadata to partners)

To update the global OSTS settings to use new keys and certificates to decrypt SAML messages, perform the following operations:

• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Configuration -> Security Token Service Settings
• Select the Default Encryption Template from the dropdown list of key entries (these entries are defined in the Keystore section). For example select saml-encryption
• Apply (Note: after applying, you might need to redistribute certificates to partners)

To update the OSTS settings to use new keys and certificates to sign SAML messages, perform the following operations:

• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Security Token Service -> Token Issuance Templates
• Click on the SAML Issuance Template you want to update
• Click on the Security tab
• Select the Signing Keystore Access Template Id from the dropdown list of key entries (these entries are defined in the Keystore section). For example select saml-signing
• Apply (Note: after applying, you might need to redistribute certificates to partners)

Key Rollover per Partner

When an OIF/OSTS deployment is involved with numerous partners, it might be difficult to change the global signing/encryption keys/certificates at once, since this would require notifying all the partners at the same time of the changes, and having them update their configuration with the new certificates/SAML 2.0 metadata.

Note: after updating the keys/certificates in OIF/OSTS, the Federation/WS-Trust flows will not work with the partners until they upload the new certificates in their system.

OIF/OSTS provides an easy way to perform a key rollover on a per partner basis, thus allowing the OAM administrator to plan how and when to notify specific partners of the key and certificates change.

• Performing key rollover for OIF IdP or SP partners involve:
• Setting up new keys and certificates as explained in the previous section
• Updating the IdP or SP partner configuration in OIF to use the new keys and certificates
• Notifying the partner with
• New SAML 2.0 Metadata specifically generated with those new keys/certificates
• Or new certificates corresponding to the new key entries
• Performing key rollover for OSTS Relying Party partners involve:
• Setting up new keys and certificates as explained in the previous section
• If not already one:
• Creating a new Relying Party Profile, which would be a copy of the current Relying Party Profile used by the Relying Party partner
• Creating a new SAML Issuance Template, copy of the SAML Issuance Template referenced by the currently Relying Party Profile used by the Relying Party partner
• Update the new Relying Party Profile to use the new SAML Issuance Template instead of the current one
• Update the new SAML Issuance Template to use the new keys/certificates
• Assign the Relying Party partner to the new Relying Party Profile

Note: OIF key rollover can be done via a group of partners by using Partner Profiles in the OIF configuration. I will discuss in a future article Partner Profiles in OIF and will include a section about key rollover using Partner Profiles.

OIF Key Rollover

When performing a key rollover for a specific partner, you will first need to update the IdP or SP Partner configuration in OIF via a WLST command:

• Enter the WLST environment by executing:
  $IAM_ORACLE_HOME/common/bin/wlst.sh
• Connect to the WLS Admin server:
  connect()
• Navigate to the Domain Runtime branch:
  domainRuntime()
• Update the partner configuration to set the Signing Key property (referenced by signingkeystoreaccesstemplateid) to the key entry ID defined in the Federation Settings -> Keystore section (in this example, saml-signing is the key entry ID; replace  <PARTNER_NAME> by the name of the partner in OIF; replace <IDP_OR_SP> by IDP or SP, the type of partner):
  updatePartnerProperty("<PARTNER_NAME>", "<IDP_OR_SP>", "signingkeystoreaccesstemplateid", "saml-signing", "string")
• Update the partner configuration to set the Encryption Key property (referenced by encryptionkeystoreaccesstemplateid) to the key entry ID defined in the Federation Settings -> Keystore section (in this example, saml-encryption is the key entry ID; replace  <PARTNER_NAME> by the name of the partner in OIF; replace <IDP_OR_SP> by IDP or SP, the type of partner):
  updatePartnerProperty("<PARTNER_NAME>", "<IDP_OR_SP>", "encryptionkeystoreaccesstemplateid", "saml-encryption", "string")
• Exit the WLST environment:
  exit()

Once the partner configuration has been updated, the partner needs to use the SAML 2.0 metadata or certificate information. To generate this information:

• If you need to provide SAML 2.0 metadata for the new signing and encryption key, open a browser and use the following URL to generate the metadata
  http://oam-runtime-host:oam-runtime-port/oamfed/idp/metadata?signid=<SIGN_KEYENTRY_ID>&encid=<ENC_KEYENTRY_ID>
• The signid query parameter contains the key entry ID for the signing certificate. Replace <SIGN_KEYENTRY_ID>
• The encid query parameter contains the key entry ID for the encryption certificate. Replace <SIGN_KEYENTRY_ID>
• An example would be:
  http://oam.com/oamfed/idp/metadata?signid=saml-signing&encid=saml-encryption
• If you need to provide the certificate file for the new key, open a browser and use the following URL to generate the certificate in PEM format:
  http://oam-runtime-host:oam-runtime-port/oamfed/idp/cert?id=<KEYENTRY_ID>
• The id query parameter contains the key entry ID for the certificate. Replace <KEYENTRY_ID>
• An example would be:
  http://oam.com/oamfed/idp/cert?id=saml-signing

Note: you can first generate the SAML 2.0 Metadata/Certificate and provide it to the partner before updating the partner configuration.

OSTS Key Rollover

To explain OSTS key rollover, we will take an example of:

• Three Relying Party partners: RP1, RP2 and RP3
• Two Relying Party Profiles: RPprofileA and RPprofileB, with RP1 and RP2 using RPprofileA and RP3 using RPprofileB
• Two SAML 2.0 Issuance Templates, SAMLIssuanceA referenced by RPprofileA and SAMLIssuanceB referenced by RPprofileB

The rollover will consist of switching the RP1 first, then RP2, then RP3, to have those partners use the new saml-signing certificate.

• To switch RP1, the following operations will need to be performed:
• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Security Token Service -> Partner Profiles -> Relying Party Profiles
• Create a new Relying Party Profile called NewRPprofileA, copy of RPprofileA
• Navigate to Security Token Service -> Token Issuance Templates
• Create a new SAML Issuance Template called NewSAMLIssuanceA, copy of SAMLIssuanceA
• Update NewRPprofileA to reference NewSAMLIssuanceA SAML 2.0 Issuance Template

• Update NewSAMLIssuanceA SAML 2.0 Issuance Template in the Security tab to use the new key entry

• Navigate to Security Token Service -> Partners -> Relying Parties
• Open RP1 and configure it to use the NewRPprofileA Relying Party Profile: from then on, OSTS will use the new key entry saml-signing to sign outgoing SAML 2.0 Assertions for the RP1 Relying Party partner

• Download the new certificates from OSTS by opening a browser and use the following URL to generate the certificate in PEM format:
  http://oam-runtime-host:oam-runtime-port/sts/servlet/samlcert?id=<KEYENTRY_ID>
• The id query parameter contains the key entry ID for the certificate. Replace <KEYENTRY_ID>
• An example would be:
  http://oam.com/sts/servlet/samlcert?id=saml-signing
• Provide the certificate to the partner

Switching RP2 to the new certificate will be faster, since the new Relying Party profile and SAML Issuance Template have already been created.

To switch RP2, the following operations will need to be performed:

• Go to the OAM Administration Console: http(s)://oam-admin-host:oam-admin-port/oamconsole
• Navigate to Security Token Service -> Partners -> Relying Parties
• Open RP1 and configure it to use the NewRPprofileA Relying Party Profile: from then on, OSTS will use the new key entry saml-signing to sign outgoing SAML 2.0 Assertions for the RP1 Relying Party partner
• Provide the certificate to the partner

Switching RP3 to the new certificate will consist of repeating the operations executed for RP1, since the new Relying Party profile and SAML Issuance Template for RP3 have not been created yet.

Note: you can first provide the new certificate to the partner before updating the OSTS configuration.

In the next article I will be discussing about IdP administration and how to create SP partners.
Cheers,
Damien Carru

Please join us Wednesday, March 12, 2014, for a special partner webcast about Oracle CPQ Cloud, the BigMachines acquisition, and your go-to-market opportunities. In combination with Oracle's enterprise-grade cloud solutions, including Marketing, Sales, Social, Commerce and Service Clouds, Oracle and BigMachines will create an end-to-end smarter selling cloud solution so sales personnel are more productive, customers are more satisfied, and companies grow revenue faster.

Subject matter experts from Oracle Worldwide Alliances & Channels and Product Development (including Chris Shutts, former BigMachines co-founder and SVP) will cover the following topics:

• Benefits of the Oracle-BigMachines Combination
• Oracle's CPQ Cloud Strategy
• Partnership Opportunities and How to Go-to-Market with CPQ through Oracle PartnerNetwork
• Q&A

Date: Wednesday, March 12, 2014 - Time: 8:00 am, Pacific Daylight Time (4:00 pm GMT)

Registration is required in order to receive webcast access information. Register here

Java will be on display at SXSW, empowering developers and robots alike. See how Java is uniquely suited to support the Internet of Things at these presentations:

On Sunday, March 9th, at 3pm Angela Caidedo, Java Technology Evangelist, will show the Java Duchess Segway in "Beyond Beauty: JavaFX, Parallax, Touch Raspberry Pi, Gyroscopes, and Much More." She* is a Java SE Embedded-powered, self-balancing robot built using the LEGO Mindstorms EV3. (*Ambiguous pronoun reference intentional.)

On Monday, March 10, Nandini Ramani, VP of Java Development, will show how "Java Empowers the Internet of Things" at 3pm and how to "Navigate the Internet of Things" at 5pm.  

You can also see Java in Action at the Oracle Discovery Lounge at the Waller Creek Boathouse.  There will be demos, food, drink and cool air! Play a Java-powered, Twitter-enabled smart darts game. Join us for a (invitation only) reception Friday night. You can meet and get your picture taken with some of the crew of Oracle Team USA who won the America’s Cup. Oracle Discovery Lounge will be open 11am-7pm Saturday March 8 to Monday March 10.

Cash Management SR Options Have Changed!

You might recall in an earlier blog entry that we changed the options you have when logging a Payables SR in MyOracleSupport to try and help you get your SRs to the right engineers - first time.  We hope you are finding the new options beneficial and getting your issues resolved faster.  

The good news is that we have now extended this change to include Cash ManagementSRs.

Next time you create an SR for Cash Management you will notice different options available to you to ensure you get shown the most appropriate content for your problem area.  If the recommended solutions don't resolve your issue, then we ensure we ask relevant questions that will help the support engineer get to the root of your issue faster. We have also revised the diagnotics that we will request from you to further aid the resolution of your issue.

The new options available are structured as follows:

We hope these new options are useful and help you log your problem with the correct team - the first time.

Let us know what other topics you want to hear about on the Payables Blog by updating the thread on the Payables Community that was created for your feedback.  

By Jeff Haynes

The Bartender says, “Hey the two of you make a nice couple, what kind of work do you two do?” The HVAC Guy says, “I design and maintain systems that keep organizations productive – I keep things cool in the summer, and warm in the winter – nobody complains, everybody stays focused and engaged in the buildings I maintain.” The bartender then turns to the lovely Investigative Reporter.  She stares at them both incredulously – not speaking at first - and then finally says, “I look into any situation and root out half-truths, scams and cover-ups – I make people aware of the real story, protect them from making big mistakes The bartender, having seen his share of mismatched couples, rolls his eyes and says –“yeah, ok – good luck with all of that . . .” and moved his way down the bar towards a group of HR professionals who appeared to be playing hooky from a professional development seminar.

Well, believe it or not, these two very different personality types stayed together, got married, and today, their daughter is the prototypical Total Rewards Executive! She has merged the best from both of her parents – her Dad’s knack for dialing in just the right temperature, and her Mother’s hard-nosed, fact-based view of the world.

She has merged the best from both of her parents – her Dad’s knack for dialing in just the right temperature, and her Mother’s hard-nosed, fact-based view of the world.

So why is this Total Rewards personality amalgamation important in 2014? Well let’s set some context around the challenges that Total Rewards professionals are facing within the framework of the HVAC Guy and the Investigative Reporter.

HVAC Guy Perspective: What is the “temperature” and how does it impact the organization?

The “temperature” of the labor market is osculating wildly. Coming out of the recession, the US had over 8% unemployment; it’s now still relatively high at about 6.7%, or about 11.8 million people (BLS, Dec 2013).  So, competitive hiring rates should be pretty easy to set and employers should have the advantage right?  No so fast!   More than a third of jobs are going unfilled due to the lack of the right talent (Manpower 2013). And, get this, turnover rates are increasing – over the next 5 years they are expected rise from 20.6% to 23.4% (Hay Group 2013) as talent incumbents test the labor market.

Woah – what’s an HVAC guy to do?  Is it too hot, or is it too cold?  No one is ever happy!  This puts a lot of pressure on Total Reward programs to attract critical skill sets and retain those skill sets along with other high performers in the organization.  As merit-based base pay programs continue to languish with minimal budgets, and minimal opportunity to truly distinguish critical skills and high performers (Mercer 2013), many organizations are turning to variable pay: More than 80% of firms offer variable compensation programs, and 32% said they plan to increase the emphasis on performance-based pay (Deloitte 2013). Variable pay plans designed to differentiate through segmentation offers a customized approach to getting the temperature “just right” for the organization (WorkforceOne, 2009).    

Investigative Reporter Perspective:  What are the facts and how do “the readers” get information to make wise decisions?

Insightful stories don’t create themselves.  Perhaps once upon a time it was acceptable for a report or spreadsheet with a few data points to cross “a reader’s” desk with some week old information – leaving the reader somewhat illuminated, but still mostly in the dark.  Now static dashboards are a thing of the past, today’s “investigative reporters” are coming up with hypotheses, testing those hypotheses with seemingly unrelated variables, and providing predictive probability analyses.  For example, a “story” might present itself as “turnover”– but as any good investigative reporter knows, there is a story behind the story.  What are the variables leading to turnover – and what do those variables tell us about the characteristics of the workforce - not only now but 12 months from now.  And, what if certain variables could be altered – could we change our destiny?  Wow – now that’s a question worth investigation!

Ultimately, fact-based decisions and predictive analytics is a key element of strategy within HR to enable a competitive advantage (Davenport 2010).  Organizations that pay attention to their “investigative reporters” using business intelligence and workforce analytics within HR drive serious returns (Aberdeen Group):

• 14% year over year improvement in revenue per employee
• 2x customer satisfaction
• 13% increase in workforce utilization

With all that said, I believe there are at least two things Total Rewards professionals must do right now – #1 Understand the “temperature” externally and internally and get it right for their organizations, and #2 be skeptical, investigatory, analytical and predictive.

Of course these two points require advanced HR infrastructure - companies that have consistent, integrated talent management platforms are most effectively able to support segmentation and differentiation efforts in their rewards programs, and are best able to leverage analytics to get the complete story. In fact, firms with integrated HR infrastructure outperform their peers by 40% on revenue per employee (CedarCrestone, 2013).

Today’s total rewards professional – part HVAC Guy, part Investigative Reporter. It takes lot of technical expertise, professionalism, healthy skepticism and stick-to-it-ivness. So – are you the son/daughter of an HVAC Guy and an Investigative Reporter? If so, I look forward to seeing you at the World at Work Total Rewards 2014 Conference and Exhibition where Oracle will be highly visable as a Platinum Sponsor. Maybe we can talk a little HVAC shop, or a little investigatory journalism.

---

Jeff has broad HR-related skills, with a special interest in HR technology,  reward systems, performance measurement, incentives, and job structure.  His work has strengthened workforce commitment and motivation, increased labor competitiveness and improved performance. 

Jeff has over 20 years of both corporate and consulting human resources experience spanning a variety of industries, including telecommunications, high-tech, energy, manufacturing, healthcare, higher education and non-profit.  Prior to joining Oracle, Jeff was the Solutions Consultant for Aon Hewitt’s Compensation Outsourcing Division.   Jeff has also worked as an independent consultant and was the Principal consultant for Mercer HR Consulting in the Rocky Mountain Region.  Additionally, he led the global compensation and benefits organization for Micron Technology, a global, high-tech manufacturing firm, and the compensation function of Qwest Communications, a major telecommunications corporation.  He also worked for two other professional services firms: Effective Compensation Incorporated and Spectrum HR Systems Corporation.

Jeff holds a BA in Psychology from the University of Colorado at Boulder and a MBA with a concentration in Management from Colorado State University.  He is a Certified Compensation Professional (CCP) and member of the Rocky Mountain Compensation Association (RMCA). Follow him on Twitter @CompWonk

Last month was the fourth anniversary of Sun becoming part of Oracle, and it’s been four years marked by a crazy pace of development. Our Santa Clara campus is packed to the brim with our systems hardware and software teams, and they've been busy:

Oracle Solaris 11 and 11.1 have built on the rock-solid reputation of Solaris as the heart of enterprise computing, and introduced unique and innovative cloud technologies, and the SPARC team has been nothing short of amazing, moving through several generations of processors in a very short period of time.

The end result is fantastic engineered systems such as the Oracle SuperCluster M6-32, or if you're looking for something more on the building-block side, the SPARC T5-2. Not to mention our storage offerings, where Oracle Solaris sits at the heart of the Oracle ZFS Storage Appliance.

And where things have really sped up: our ability to work every day to design and execute solutions hand in hand with the Oracle database, middleware and applications teams.

Needless to say, we don’t have any plans to stop.

At the same time... we can’t help but notice what’s going on over at IBM.  A lot of stuff seems to be going up on the auction block. And we're not sure if they have any plans to stop that, either.

So, this seems like a good time to note some of the things we’re doing to make it as easy as possible to transition from the AIX/POWER world to the Solaris/SPARC world.  First off, we have a white paper:

Simplify the Migration of Oracle Database
and Oracle Applications
from AIX to Oracle Solaris

There's a web site with even more resources:

http://oracle.com/aixtosolaris

That's where you'll find information on why making the move to Oracle Solaris / SPARC systems is such a good idea, see what the business and performance advantages are,  learn how to plan your move and find out how Oracle can help. The bottom line: if you're going to run Oracle workloads -- or any other mission-critical workloads, you should run them on Oracle.

Oracle Technology Network also has a great AIX-to-Oracle Solaris resource page.

And on the Oracle Learning Library, there's training information on migrating from IBM AIX-based servers. 

If you want a bit more color commentary, Giri Mandalinka has an interesting take on this (provocatively titled "AIX Customers: Run for the Hills").  On the Oracle Hardware blog, Kelvin talks about how to "Migrate from AIX to Oracle Solaris in 4 Easy Steps". And over at the OTN Garage, Rick Ramsey has a "just smell those hydrocarbons" pic of a '68 Dodge Charger heading up a list of "Oracle Solaris 11 Resources for the AIX Sysadmin" .

WebLogic is Oracle's strategic application server for the Java EE Platform. And since Oracle decided to focus on it for commercial support, and to leave GlassFish free of any ties from commercial decisions, I decided to bring customers and users a series of blog posts about migrating Java EE apps from GlassFish to WebLogic.

GlassFish will continue to thrill as the Open Source Reference Implementation for the platform, its community, and source of innovation, like we are seeing through the Java EE 8 survey.

In this series, I will help GlassFish customers as well users to experiment, try, and evaluate Oracle WebLogic 12c (Java EE 6 certified) to deploy their mission critical applications. Continue reading through the first part, where I actually demonstrate "the Beauty of Java EE 6", by migrating a sample application without any code change.

And don't forget to follow @glassfish, @java_ee, and @oracleweblogic on Twitter! 

The MySQL developer tools team is pleased to announce 6.1 Beta 2 - the start of the public beta testing phase of MySQL Workbench 6.1

MySQL Workbench 6.1 is the upcoming major update for the official MySQL graphical development tool.
Introducing over 30 new features, this version has many significant enhancement focusing on real-time performance assessment and analysis from the SQL statement level to server internals and file IO. You'll see this in additions to the SQL Editor as well as new dashboard visualization and reporting that takes advantage of MySQL Server 5.6 and 5.7 Performance Schema, and enhancements to the MySQL Explain Plans.

Additionally Workbench 6.1 this leveraging work from various teammates in MySQL Engineering in introducing a schema called "SYS" that provides simplified views on Performance Schema, Information Schema, and other areas.
Special thanks to the server optimizer team, server runtime team, and Mark Leith. For Oracle DBAs MySQL SYS is similar to the V$ catalog views and MSSQL folks its like DMVs (Dynamic Management Views).

MySQL Workbench 6.1 includes:

• Improved drag and drop support in the Home screen and SQL Editor
• Visual Explain 2. The Visual Explain feature was revamped is now easier to read and interpret. You can also get the traditional tabular explain output from within the same interface.
• Performance Dashboard. A graphical representation of some key statistics from the server status, gives you a bird's eye view of the status of key server subsystems.
• For advanced users, Performance Schema Instrumentation. A GUI for making configuring the Performance Schema in detail, for advanced users.
• Performance Schema based reporting. Gives insight into the operation of the server through many high-level reports.
• New query result view. Get more information about queries you execute, such as information about the fields in your result set and key performance statistics from your query (timing, index usage, number of rows scanned, joins etc).
• Form Editor for result sets. In addition to the result grid, you can now edit records row by row in a form style editor.
• Table Inspector. Similar to the Schema Inspector, view detailed information from tables. A streamlined interface for creating indexes is also included.
• Support for the Windows accessibility API and a new High contrast color theme in Windows.
• And more.

More than 60 enhancement requests and bugs reported by users have also been addressed, providing performance, usability and stability improvements across the board.

For the full list of bugs fixed in this revision, visit
http://dev.mysql.com/doc/relnotes/workbench/en/changes-6-1.html

For discussion, join the MySQL Workbench Forums:
http://forums.mysql.com/index.php?151

Download MySQL Workbench 6.1 beta now, for Windows, Mac OS X 10.6+, Oracle Linux 6, Fedora 19, Fedora 20, Ubuntu 12.04 and Ubuntu 13.10 or sources, from:

http://dev.mysql.com/downloads/tools/workbench/

In Windows, you can also use the integrated MySQL Installer to update MySQL Workbench and other MySQL products.

Here's an interesting problem that comes up in companies all the time.  As your company grows, how do you keep the feeling it had when it was smaller and everyone knew everyone? 

A few years ago, Oracle opened a Mexico Development Center (MDC) in Guadalajara.  At the beginning, it was only 20 people, so it was easy to get to know everyone and there was a very tight community feel to the group.  But now it's in the hundreds and people on 6 floors.  So the GM there started thinking about how they could come up with a way to try to help everyone get to know everyone else.  And of course because it's a development center with a lot of talented developers, they came up with a dev solution.

First they thought about the goals they had.  When there were 20 people, it was easy to know all 20 and something about them.  But as time went on, you might only know the people on your immediate team and some of the people on your floor.  As things expanded onto multiple floors, you might only know a few people outside the floor you work on and maybe not even much about all the different teams currently working in MDC.  Could they create an app that would allow new people to meet the whole MDC team, from individuals to all the teams and projects that are happening within the larger organization?  Welcome to the FaceGame!

The FaceGame is a fun way to introduce new people and learn about the people that they work with.  It has some fairly straightforward mechanics (we'll show you a person, you figure out who they are--and then you get to see some information about them). 

Initially, the game only asks you about your immediate team.  But as you get better, you level up and start getting asked about people on your floor.  Once you master the people on your floor, it starts asking you about people on other floors.  And recently, to spark up the team competition, they even added things like an inter-floor competition.

The app has been a great way to meet new people and learn about different teams, taking a large organization and making it more manageable.  Strictly speaking, this isn't gamification, it's a game.  But the same idea could be used in a training application, to gamify the training process.  Let's say you work retail and need to know details about your inventory--welcome to the Bedding Department Game!  Or you are training new mechanics to know the various parts of the vehicles they work on--welcome to the Automotive Parts Department Game!  And in the end, it's fun.

The interactive trainings will cover Oracle's Social Relationship Management (SRM) suite containing the Social Marketing Cloud (SM) and Social Engagement & Monitoring Cloud (SEM).

Who should attend?

Any sales, pre-sales, practice leads, consultants, marketers, and social media and community managers are welcome!

This is a great opportunity to jump start your training and path towards specialization. Come with an eager mind and questions ready for our panel of experts!

Upcoming Trainings:

April 8 & 9 - Dallas, TXRegistration Link

April 24 & 25 - San Francisco (Oracle HQ)(Registration Link Coming Soon)

May 12& 13 - Paris, FranceRegistration Link

May 14& 15 - London, UKRegistration Link

The basic NetBeans 7.4 module that allows JavaFX development for iOS is ready and out for your testing. This module is targeted on MacOS environment for now, but with the iPack tool integration it will work also on other platforms - limited only by availability of RoboVM which is used inside this project. It contains two template applications, one traditional HelloWorld and one more complex with a nice animations called GoldenFish.

This module is a result of tight cooperation between our and the NetBeans teams. You can get more details about this module here.

Please bear in mind that this is just basic support. There is still a lot ahead of us!

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

BlogTwitterLinkedInMixForumWiki

• SOA In Real Life - Mobile Solutions
• Cloud to On-Premise Connectivity Patterns
  
• Connecting Clinical and Administrative Processes: Oracle SOA Suite for Healthcare Integration
  
• Business Process Management PS6 Retail Scenario (30 minute demo) - YouTube
  
• Business Process Management for Higher Education –YouTube
  

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

BlogTwitterLinkedInFacebookWiki