Servlet 3.1 Specification (JSR 340) is almost ready for the release. Several new security features have been added in this version of Servlet specification.
In this blog, I will explain one of the security features, namely deny-uncovered-http-methods.
Let us take a look at a simple security-constraint in web.xml as follows:
<web-app xmlns="http://www.w3.org/2001/XMLSchema" ...
on Apr 19, 2013
Servlet 3.1 was in Public Review in Janurary 2013. And it is in Proposed Final Draft now. Most of the new features are related to security.
In this following, I will highlight features since Servlet 3.1 Public Review:
add new API javax.servlet.http.Part#getSubmittedFileName
add new API javax.servlet.ServletContext#getVirtualServerNameThis API allows a JASPIC module to be registered in a Servlet...
on Mar 18, 2013
Update: One should not use response in AsyncListener#onComplete. Only print debug in this example.
Servlet 3.1 (JSR 340) is almost ready for the release. One of the new features is the support for non-blocking IO. ReadListener and WriteListener are introduced to allow non-blocking processing in Servlet.
Non-blocking IO can only be used in async (defined in Servlet 3.0) or the upgrade mode. We can...
on Apr 16, 2013
Tuning Java code presents many challenges and addresses several goals.
One of these goals is to make the application "run faster".
Recently, our end-users were getting multiple-second response times from our web application's home page.
This was unacceptable.
We were asked to see what we can do to make the web application "run faster".
We began by looking at the usual suspects... database access...
on Apr 14, 2013
One of the first things we did as we began to learn about Java was to create our own library of Java books.
Every member of the development team was given the chance (and funding) to build their own collection of books.
In time, these book collections became a sort of "comfort blanket" for the developers.
In addition to being a valuable source of reference material,
these collections act as a...
on Mar 29, 2013
One of the biggest challenges facing us during the creation of our first Java application
was learning to develop with the Java programming language.
We were concerned about how well our team of developers would learn and adapt to Java.
Since Java was an object-oriented programming language, we had object-oriented concepts to learn as well.
Our first Java training class was titled, "Developing...
on Mar 24, 2013
Our team of Java developers consists of people with various backgrounds and skill levels.
Everyone has a role and is assigned tasks based on that role.
Team members are expected to know basic programming concepts, core Java and core J2EE.
In addition; database access, web-browser, client/server concepts are required as well.
It didn't take long for our team to realize there was a lot more to know...
on Mar 10, 2013
I am back with more stories about our adventures in the world of Java.
From the distant past to recent events. I hope to entertain, enlighten, and encourage.
So hold on to your hats.
For software developers in IT, there are times when you find yourself present at the birth of a major application.
Normally these are dream assignments. But consider the following additional factors.
on Mar 4, 2013
In my last blog post, I explained how to add versioning capability to templates. Being able to create, view and restore different versions of templates is great, but sometimes it's not so easy to see what has actually changed. And we might not be as lucky as having comments about the change from the author, or they might be cryptic to the point of being useless.
So let's try and add the diff and...
on Jan 22, 2013
Have you wanted to do something with asynchronous I/O? I did. After doing some work with Node.js, I wanted to find a way to get some of the goodness of its programming model for Java.
The Acteur project is the result - a framework for building scalable, asynchronous web applications using Netty + Guice - was the result. The programming model is a little unusual - you treat constructors as...
on Apr 7, 2013
The applications have grown together with the man dream to get more and more information, then more application have been emerging and the man had became hostage of the application.
For example we can recognized the evolution between man and machine:
In the first time: Many men to just one machine ( like mainframe's age) then one man to one machine ( in to Personal computer era) and...
on Mar 17, 2013
Many of the Oracle Java development tutorials that access a database do so against the Oracle HR sample schema. See, for example, Developing Rich Web Applications With Oracle ADF. There are several approaches you can take to getting the sample schema installed in the Oracle Cloud, such as Using SQL Developer or JDeveloper as demonstrated in Shay's blog. In my case, we're going to run the SQL...
on Jan 17, 2013
This quick blog entry is just to advertise the availability of the Proposed Final Draft of JSF 2.2 (JSR-344). You may download the draft of the spec at <http://jcp.org/aboutJava/communityprocess/pfd/jsr344/index.html>. You may try out the implementation by dropping this maven GAV into the modules directory of GlassFish 18.104.22.168: <a href="http://search.maven.org/#search|ga|1|g%3A%...
on Mar 15, 2013
Whenever the JSF runtime needs to perform a conversion it uses a Converter to do so. As explained in previous blog entries you have the ability to implement your own Converter. But does that mean you need to implement it for simple conversions? No, you do not, the default JSF converters come to the rescue!
<b>Java Datatype</b> ...
on Dec 26, 2012
The following blog articles are part of the JSF State Saving series
Introduction to JSF State Saving
The JSF State Saving APIs
The JSF StateHolder API
The JSF PartialStateHolder API
The StateHelper API
on Dec 19, 2012
on Feb 7, 2013
What is SPARQL?
by David Wood, Marsha Zaidman, Luke Ruth, and Michael Hausenblas, authors of Linked Data
SPARQL is the query language for RDF and Linked Data. SPARQL is to RDF data as the Structured Query Language (SQL) is to a relational database. SPARQL's name is nicely pronounceable and sounds interesting and fresh. SPARQL is interesting and fresh. This article, based on chapter 5 from...
on Dec 20, 2012
Six Ways You're Using Responsive Design Wrong
by Matthew Carver, author of The Responsive Web
Staying on the cutting edge of of web design can be tough, and oftentimes you only learn from making mistakes. Making mistakes is sometimes the best way to know that you are breaking new ground. In this article, Matthew Carver, the author of The Responsive Web, gives a few tips that his experience in...
on Dec 19, 2012
Sometimes, life drops a house on your code. Sometimes, it's flying monkeys. Most of the time though, the damn stuff just stops working and it's nothing so obvious as being crushed by a Kansas farmhouse or being carried away by winged primates.
For this last common case, there are a good number of great tools to help you out. JMeter may help you to reproduce the conditions under load, while...
on Feb 1, 2013
Web Development Tools
As a test, I re-created the HRSystem application as described in the tutorial Developing Rich Web Applications With Oracle ADF. It's more than your basic Hello World application. For starters, the HR system application accesses a database. It also takes advantage of some sophisticated ADF features, such as graphs, page flows, auto-suggest, menu options to export to Excel and display in...
on Jan 23, 2013