Skip to main content

Home/ SoftwareEngineering/ Group items tagged JavaScript

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Comparing JSF Beans, CDI Beans and EJBs | Andy Gibson - 0 views

www.andygibson.net/...g-jsf-beans-cdi-beans-and-ejbs

javaee6 ejb3.1 cdi JsfBackingBean

shared by kuni katsuya on 30 Jul 12 - No Cached
  • differences between CDI beans and EJBs is that EJBs are : Transactional Remote or local Able to passivate stateful beans freeing up resources Able to make use of timers Can be asynchronous
  • Stateless EJBs can be thought of as thread safe single-use beans that don’t maintain any state between two web requests
  • Stateful EJBs do hold state and can be created and sit around for as long as they are needed until they are disposed of
  • ...15 more annotations...
  • Stateless beans must have a dependent scope while a stateful session bean can have any scope. By default they are transactional, but you can use the transaction attribute annotation.
  • CDI beans can be injected into EJBs and EJBs can be injected into CDI beans
  • When to use which bean How do you know when to use which bean? Simple.
  • In general, you should use CDI beans unless you need the advanced functionality available in the EJBs such as transactional functions. You can write your own interceptor to make CDI beans transactional, but for now, its simpler to use an EJB until CDI gets transactional CDI beans which is just around the corner
  • Comparing JSF Beans, CDI Beans and EJBs
  • JSF Managed Beans
  • In short, don’t use them if you are developing for Java EE 6 and using CDI. They provide a simple mechanism for dependency injection and defining backing beans for web pages, but they are far less powerful than CDI beans.
  • JSF beans cannot be mixed with other kinds of beans without some kind of manual coding.
  • CDI Beans
  • includes a complete, comprehensive managed bean facility
  • interceptors, conversation scope, Events, type safe injection, decorators, stereotypes and producer methods
  • JSF-like features, you can define the scope of the CDI bean using one of the scopes defined in the javax.enterprise.context package (namely, request, conversation, session and application scopes). If you want to use the CDI bean from a JSF page, you can give it a name using the javax.inject.Named annotation
  • Comparing JSF Beans, CDI Beans and EJBs
  • Comparing JSF Beans, CDI Beans and EJBs
  • JSF Managed Beans
kuni katsuya

What Firefox's new privacy settings mean for you - 0 views

www.abine.com/...okie-settings-compare-to-dntme

shared by kuni katsuya on 11 Apr 13 - No Cached
  • trackers still see your IP address & other info
    • kuni katsuya
      kuni katsuya on 11 Apr 13
       
      everything else still exposed via http and tcpip layers/protocols
  • Firefox w/new default:
  • DoNotTrackMe:
  • ...10 more annotations...
  • Blocks specific requests that your browser is being asked to make
  • trackers see/get nothing, not even your IP address
  • Can block images
  • Can block JavaScript used for tracking
  • Uses a block list that blocks some trackers
  • but allows widgets on a per-company or per-website basis to keep a non-broken web experience
  • No effect on images
  • No effect on JavaScript
  • Blocks all 3rd party content
  • March 29th, 2013
kuni katsuya

Getting started with the Facebook SDK and ActionScript 3 | Adobe Developer Connection - 0 views

www.adobe.com/...facebooksdk-actionscript3.html

Flex ActionScript3 FacebookSDK FacebookAPI

shared by kuni katsuya on 15 Feb 13 - No Cached
  • Getting started with the Facebook SDK and ActionScript 3
  • invoke the Facebook API to login as well as to get details about the user, friends, photos, and other information
  • perform such tasks via the Facebook Graph API
  • ...3 more annotations...
  • JavaScript SDK with ActionScript 3
  • FB.init – initialize Facebook API FB.login - login to Facebook FB.api - perform a Graph API call on Facebook
  • Facebook JavaScript API calls:
kuni katsuya

jasmine-maven-plugin - 0 views

searls.github.com/jasmine-maven-plugin

javascript headless testing jasmine maven plugin

shared by kuni katsuya on 07 Jun 12 - No Cached
  • jasmine-maven-plugin is a Maven plugin for the JavaScript testing framework, Jasmine.
kuni katsuya

trevmex/EnvJasmine · GitHub - 0 views

github.com/EnvJasmine

javascript headless testing jasmine testframeworks

shared by kuni katsuya on 07 Jun 12 - No Cached
  • EnvJasmine: Jasmine test runner for EnvJS. EnvJasmine allows you to run headless JavaScript tests.
kuni katsuya

Session Management Cheat Sheet - OWASP - 0 views

www.owasp.org/...Session_Management_Cheat_Sheet

OWASP BestPractices CheatSheet SessionManagement

shared by kuni katsuya on 21 Sep 12 - No Cached
  • Session Management Cheat Sheet
  • should not be extremely descriptive nor offer unnecessary details
  • change the default session ID name of the web development framework to a generic name
  • ...50 more annotations...
  • length must be at least 128 bits (16 bytes)
  • Session ID Length
  • Session ID Name Fingerprinting
  • Session ID Properties
  • Session ID Entropy
  • must be unpredictable (random enough) to prevent guessing attacks
  • good PRNG (Pseudo Random Number Generator) must be used
  • must provide at least 64 bits of entropy
  • Session ID Content (or Value)
  • content (or value) must be meaningless
  • identifier on the client side
  • meaning and business or application logic associated to the session ID must be stored on the server side
  • session objects or in a session management database or repository
  • create cryptographically strong session IDs through the usage of cryptographic hash functions such as SHA1 (160 bits).
  • Session Management Implementation
  • defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID
  • token expiration date and time
  • This is one of the reasons why cookies (RFCs 2109 & 2965 & 6265 [1]) are one of the most extensively used session ID exchange mechanisms, offering advanced capabilities not available in other methods
  • Transport Layer Security
  • use an encrypted HTTPS (SSL/TLS) connection for the entire web session
  • not only for the authentication
  • process where the user credentials are exchanged.
  • “Secure” cookie attribute
  • must be used to ensure the session ID is only exchanged through an encrypted channel
  • never switch a given session from HTTP to HTTPS, or viceversa
  • should not mix encrypted and unencrypted contents (HTML pages, images, CSS, Javascript files, etc) on the same host (or even domain - see the “domain” cookie attribute)
  • should not offer public unencrypted contents and private encrypted contents from the same host
  • www.example.com over HTTP (unencrypted) for the public contents
  • secure.example.com over HTTPS (encrypted) for the private and sensitive contents (where sessions exist)
  • only has port TCP/80 open
  • only has port TCP/443 open
  • “HTTP Strict Transport Security (HSTS)” (previously called STS) to enforce HTTPS connections.
  • Secure Attribute
  • instructs web browsers to only send the cookie through an encrypted HTTPS (SSL/TLS) connection
  • HttpOnly Attribute
  • instructs web browsers not to allow scripts (e.g. JavaScript or VBscript) an ability to access the cookies via the DOM document.cookie object
  • Domain and Path Attributes
  • instructs web browsers to only send the cookie to the specified domain and all subdomains
  • “Domain” cookie attribute
  • “Path” cookie attribute
  • instructs web browsers to only send the cookie to the specified directory or subdirectories (or paths or resources) within the web application
  • vulnerabilities in www.example.com might allow an attacker to get access to the session IDs from secure.example.com
  • Expire and Max-Age Attributes
  • “Max-Age”
  • “Expires” attributes
  • it will be considered a
  • persistent cookie
  • and will be stored on disk by the web browser based until the expiration time
  • use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.
  • Session ID Life Cycle
kuni katsuya

Login for Server-side Apps - Facebook Developers - 0 views

developers.facebook.com/...server-side-login

Facebook login authentication AccessToken FacebookAPI

shared by kuni katsuya on 27 Mar 13 - No Cached
  • compare it to the same state variable stored client-side in the session
    • kuni katsuya
      kuni katsuya on 27 Mar 13
       
      cross-site request forgery defense mechanism
  • If the user decided to decline to authorize your app
  • YOUR_REDIRECT_URI
  • ...38 more annotations...
  • error_reason=user_denied
  • Handling Revoked Permissions to see how best to proceed
  • Step 6. Exchange the code for an Access Token
  • exchange it for a User access token that can then be used to make API requests
  • /oauth/access_token
  • server-side request to the following OAuth endpoint:
  • client_secret
  • code=CODE_GENERATED_BY_FACEBOOK
  • body of the response
  • access_token
  • USER_ACCESS_TOKEN
  • persist this User access token in your database or in a session variable
  • must have the same base domain as that specified in the App Domain property of your app's settings
  • URL of the form https://apps.facebook.com/YOUR_APP_NAMESPACE
  • scope=user_birthday,read_stream
  • Step 4. Add Permissions to Login Dialog request
  • comma-separated list of any of the Permissions available
  • Step 5. Handle the response from the Login Dialog
  • Step 5. Handle the response from the Login Dialog
  • Step 5. Handle the response from the Login Dialog
  • Step 5. Handle the response from the Login Dialog
  • YOUR_REDIRECT_URI
  • Step 3. Redirect the user to the Login Dialog
  • Login for Server-side Apps
  • Login for Server-side Apps
  • Login for Server-side Apps
  • Login for Server-side Apps
  • Login for Server-side Apps
  • Login for Server-side Apps
  • way to authenticate users in situations where the use of client-side Javascript is not appropriate.
  • Login for Server-side Apps
  • received an access token for them and can make API calls on their behalf
  • Step 5. Handle the response from the Login Dialog
  • include CSRF protection using the state parameter
  • if the user has authorized the app, they will be redirected to:
  • YOUR_REDIRECT_URI
  • code=CODE_GENERATED_BY_FACEBOOK
  • redirect_uri as the same URL that redirect the user to the Login Dialog
kuni katsuya

Introduction | Adobe Developer Connection - 0 views

developer.omniture.com/...c-introduction

Adobe Omniture SiteCatalyst documentation

shared by kuni katsuya on 23 Jan 13 - No Cached
kuni katsuya

List of unit testing frameworks - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...ist_of_unit_testing_frameworks

shared by kuni katsuya on 26 Feb 13 - Cached
kuni katsuya

Enterprise Architect - UML Design Tools and UML CASE tools for software development - 0 views

www.sparxsystems.com/...index.html

enterprise architect uml design tools

shared by kuni katsuya on 16 May 12 - Cached
  • Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)* Model Driven Architecture (MDA) Project Discussion Forum Replicate .EAP Projects Reverse Engineer Binaries (Java, .NET) Shared Models WSDL Engineering XML Schema (XSD) Engineering
  • Audit Model Changes Baseline Diff/Merge DBMS Repository** Floating Edition Available Lazy Load Scripting with JScript, VBScript and Javascript Security (Role-based) WAN Optimizer
  • BPEL Generation from BPMN diagrams Business Rules Composer Executable Code Generation from Behavioral Models Math Support built into Script Engines
  • ...5 more annotations...
  • Allocated Work Execution Analyzer Menu Test Points Win 32 User Interface Designs Business Process Simulation ***
  • Gap Analysis Model Mail Project Calendar Task Allocations TOGAF Gap Analysis
  • BPEL 2.0 Generation BPMN Simulation SysML 1.2
  • Eclipse Integration
  • Eclipse Link
  • kuni katsuya on 16 May 12
     
    Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)*
kuni katsuya

ActionScript, NetBeans and FlexBean (PROTIP included) « Greymatter.pl - 0 views

blog.greymatter.pl/...t-netbeans-and-flexbean-protip

actionscript flex netbeans plugin

shared by kuni katsuya on 08 Jun 12 - No Cached
  • it’s much less bloated and much snappier than Eclipse
  • ActionScript, NetBeans and FlexBean
  • basic MXML templating and project make support (through Ant)
  • ...3 more annotations...
  • open an .as file as a JS script
  • you can get basic code highlighting and formatting
  • right/command click an .as file in the project pane and select ‘Open As..’, then select text/javascript MIME type
1 - 20 of 21 Next ›
Showing 20 items per page