- Codelab ("tutorial") from Google that "shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application. The codelab is built around Jarlsberg, a small, cheesy web application that allows its users to publish snippets of text and store assorted files. "Unfortunately," Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The goal of this codelab is to guide you through discovering some of these bugs and learning ways to fix them both in Jarlsberg and in general."
- A new IBM Redbook on WebSphere Messaging and High Availability has just been released.
- A cool combination of Android with Hudson continuous integration. The LED on the mobile phone changes color depending on the build status. Remember the Lava Lamps version?
- Java dynamic proxies explained. They are for example used in Hibernate for lazy loading entities and in Spring for AOP. Also explains what CGLib proxies are for.
- Facebook is now also supporting registration/login via a GMail account and OpenID, see the image below. I especially like that they've implemented it with a lightbox ("popup") so the user doesn't get as confused anymore, as was the case in the old/standard implementation where the user is completely redirected to Google or the OpenID provider's website. Note that it is actually more "Facebook Connect"-like this way! See here for another example where OpenID is combined with OAuth to enable a popup login.

- Understanding how the JVM uses native memory on Windows and Linux. The extensive article explains what native memory is, how the Java runtime uses it, what running out of it looks like (so you're not running out of heap space!), and how to debug a native OutOfMemoryError on Windows and Linux. A companion article covers the same topics for AIX systems.
- Quite big news was of course Google's announcement of Google Wave at the Google I/O conference. It has been built with GWT. A good description can be found here. It's open source with plugin-like APIs with many integration possibilities. See the 80-minute video for the full details. It hopes to become the replacement for email... Servers can be run by anybody. Wonder how Google is thinking of making money with it. Ads, just like in GMail? Maybe they are going to charge you for using their Wave server instances (SaaS version)? An interview with Wave's creators can be found here. And six reasons why Wave could be game-changing.
- Eight generic best practices for scalable high performance systems.
- Are you using either of these two tools with almost the exact same name? SonarJ is a plug-in for Eclipse that helps you validate your code against a software architecture, using static analysis (free for projects up to 500 classes). And now for the confusion: check also Sonar, which enables you to collect, analyze and report metrics on source code. It leverages the existing ecosystem of quality open source tools (e.g. Checkstyle, PMD, Maven, Cobertura …), to offer a fully integrated solution to development environments and continuous integration tools.
- A relatively new type of mashup is the so-called clipping mashup. Instead of building a mashup against some official API, a clipping mashup just parses the final content in the presentation, thus including CSS, JavaScript etc. Links can be rewritten and new elements injected. The presentation doesn't have to follow, for example, the portal JSR-168 standards.
An example use case would be that you could use it to (temporarily) fix a bug in a system (not necessarily owned by you) until the official next release comes out.
- Eight architectural styles described. Handy overview, including which one is appropriate when.
- Summary of a migration project from JDBC to Hibernate. A valid comment at the bottom is that iBatis might be a better solution when you have to work from an existing schema.
- Additional tips and articles for the Wicket in Action book. For example, this article on how to do a partial Ajax repaint of newly created repeater items (e.g. adding 1 row dynamically to a table or list with a "+" button). This is in contrast to rendering all rows in a table when repainting the WebMarkupContainer as in the example described here.
- Nice step-by-step introduction to asynchronous processing in Java 5 using Futures, ExecutorServices, CompletionService, Callback interfaces and ThreadPools. Here's part 2 where it's being used in combination with JavaScript to improve the user experience.
- This week saw a new web-based online code editor from Mozilla Labs. JavaScript, HTML and CSS support are in this first beta release. It is all made in JavaScript and requires Canvas support. One of the goals is to create new useful functionality for the code editor. Check the video for a full introduction.
- You can now get your IBM licensed software on Amazon's EC2 AMIs. Development AMIs with IBM software on them are also available at no additional fee. In the future it will also be possible to purchase these services by the hour. Initially available are: IBM DB2, IBM Informix, WebSphere sMash, IBM Lotus Web Content Management, and IBM WebSphere Portal Server. No, I'm not sponsored by IBM, but I do think it's a smart move.
- RWW is noticing a trend towards a different type of database than relational databases. There's increased interest in key/value pair storage, e.g. Distributed Hash Tables. Pros and cons are described. Example cloud initiatives for such key/value stores are: Google's AppEngine Datastore (built on BigTable), SimpleDB by Amazon and Microsoft's SQL Data Services.
Non-cloud initiatives are CouchDB, Project Voldemort, Mongo and Drizzle (this last one is more or less a mix of the two paradigms).
- An application architecture pattern for RIA applications. At the end of the pattern the implementation is based on MS frameworks/tools, but the pattern is technology-agnostic.
- Summary of a SOA case study at Cisco.
- A nice set of coding tips for writing efficient Android code by Google, essential for Android since it runs on embedded systems. Still, the tips are so generic you can apply quite a few of them in regular Java applications too.
- And as the last item for this week: an overview of the expected changes in Java EE 6.