Best of this Week Summary 20 October - 26 October 2008

• Good tips on how to write clean code.
  


• A high level comparison of JAX-RS (Java API for RESTful Web Services) four implementations: CXF (Apache), Jersey (Sun), RESTEasy (JBoss), and Restlet (open source). Here's how they integrate with Spring.
  


• Four approaches to get to a canonical message model (CMM) in an ESB. Check also the previous two articles in this series.
  

Best of this Week Summary 07 October - 19 October 2008

• Having nice user-friendly bookmarkable URLs when you're using the Wicket web framework is not so trivial. Especially if you want those nice URLs when validation errors occur. As an example, on this Wicket based site enter "hello" in the end-date field. Now check the URL in your address bar just before you click Filter (http://online.ddpoker.com/leaderboard) and right after the submit when you see the validation error (http://online.ddpoker.com/?wicket:interface=:0:1:::). Here's the solution for those cases too!
  
  
• Have you been clickjacked lately?
  


• More clarification from Rod Johnson on the new maintenance policy for Spring.
  


• As a side note, Microsoft is designing a new programming language "M", part of its new Oslo development and service-oriented strategy. Most likely it will be .Net based. Will it ever see the day of light? Much more concrete is this new open source Touchless SDK, which enables developers to create multi-touch based applications using a webcam for input.
  

Best of this Week Summary 06 October - 12 October 2008

• One of the many nice editions of The A-Z of Programming Languages series, this time on C#. Yes, yes, that word is not supposed to be on this blog, but this article is still interesting if you're into programming languages. For example the challenges when designing a language. Check also the other editions, for example about: AWK, Forth, Modula-3, Python and Javascript.
  


• An Amazon S3 introduction/beginners guide for setting up hosting of images.
  


• Four cases of CSRF attacks desribed, including one were it was possible to transfer money from a bank account! Check also the mentioned paper on how to prevent them: Cross-Site Request Forgeries: Exploitation and Prevention. The paper explains how to prevent CSRF in your web-application/frameworks: don't let a GET modify anything and pass a random number in the cookie and each form POST. It also describes XSS and the same-origine policy.
  

Best of this Week Summary 29 September - 05 October 2008

• Check the elaborate 95 slides comparison of Javascript libraries at the bottom of this post. It's a presentation by John Resig, Mr JQuery. The presentation is very objective. Compared are: Prototype, jQuery, Yahoo UI, Dojo and Mootools. Another short comparison of 14 RIA/Ajax/Javascript frameworks shows jQuery as the winner, as seen by the User eXperience reviewer. Great news for jQuery this week anyway: both Nokia and Microsoft are adopting it as part of their official application development platform.
  


• Can't get enough of these RIA frameworks comparisons? Here's another one, which is a short comparison/intro of three Rich Internet Application frameworks: Adobe AIR, Google Gears and Silverlight. See also my (bit older) post here, which also includes JavaFX.
  


• Summary of an article by Martin Fowler on how Agile can be used in building SOA implementations. The answer: yes you can quickly get value out of it. The biggest proof is the internet: loosely coupled and many unexpected changes.
  


• Quick-start JSF book free for download. Only 65 pages. Beginners level, step-by-step. With some mixed "infomercials" about the soon to be open source Eclipse IDE extension Exadel Studio Pro, but not in an annoying way.
  


• Key API design points from Joshua Bloch, Chief Java Architect at Google
  


• An explanation why a canonical message model (CMM) is a "good thing" in SOA and ESB.
  


• How to manage and lead geeks in a team. For technical and non-technical teamleaders.