Group items tagged

ImageMagick does not offer any of these things

benefit from it.

Only use @link on the first reference to a specific class or method

This avoids excessive hyperlinks cluttering up the Javadoc

"null treated as xxx"

"null returns xxx"

measures the number of linearly independent paths through a program's source code

count of the number of

through the source code

free and more feature rich alternative to BlazeDS, but also outranks LCDS’ out-of-the-box features when it comes to data management, streaming media and integrating with mobile devices and Cloud computing

developer tools like code generation, invocation test drive and interoperability with multiple IDEs and frameworks

supporting integration with mobile clients (Android, Windows Phone 7, RIM Playbook and soon iOS) and the Java service layer, which includes support for Java POJOs, EJBs, Spring Beans, Grails controllers, Hibernate Objects and XML Web Services

if you’ve heard Rod Johnson speak he is always adamant that Spring has replaced Java EE. Its good to see that his rhetoric is utter BS!

Sorry, even Spring MVC sucks as much balls as JSF does.

Java EE wins over Spring

CDI closed API hole

Application server started to get their act together with regards to boot time.  It started with Glassfish and ended with JBoss 7.  Both of which can boot in a matter of seconds.

Arquillian allows you to run your unit tests in a real environment with real transactions, etc.  Personally I always despised mocks because they didn’t test in the environment you were going to run in.  I thought they were pointless and to this day, I refuse to use this testing pattern.

I’m glad Rod and company were able to cash out with the VMWare acquisition before Java EE was able to regain its dominance

SpringSource pushed Java EE to innovate and for that I’m very grateful.  For Java EE, it was either evolve or die.  They evolved, now its time for Spring to die.

EJB MDG Technology for Enterprise Java Beans allows the user to model EJB entities and EJB sessions, complete with UML profiles for modeling EJB, EJB patterns and Code Management. (requires Enterprise Architect 4.1 or later)

ICONIX AGILE DDT ICONIX Agile Developer - Design-Driven Testing (DDT) streamlines the ICONIX modeling process, providing: Convenient modeling of robustness diagrams Automatic generation of sequence diagram structures from robustness diagrams Transformation of robustness control elements to test diagrams Transformation of sequence diagram elements to test diagrams Transformation of requirement diagrams to test diagrams Transformation between test cases and test classes. (JUnit & NUnit) Built-in model validation rules for ICONIX robustness diagrams (requires Enterprise Architect 7.5 or later)

Testing MDG Technology for Testing helps users to rapidly model a wide range of testing procedures including component testing, SUT, Test Cases and more. (requires Enterprise Architect 4.1 or later)

Instructions for loading an MDG Technology EXE file: Download and run the .exe file to install the MDG technology. Open Enterprise Architect. Select from the Main Menu Add-Ins | XYZ Technology | Load.

Built-in MDG Technologies: Most of the MDG Technologies provided by Sparx Systems are built into Enterprise Architect directly. Depending on your edition of Enterprise Architect, some or all of the following MDG Technologies will be available:

Gang of Four Patterns

Mind Mapping

Web Modeling

Data Flow (DFD)

Entity-Relationship (ERD)

Business Rule Model

BPMN™

deploy the example by right clicking on the jboss-as-login project, and choosing Run As -> Run On Server

src/main/webapp directory

beans.xml and face-config.xml tell JBoss AS to enable CDI and JSF for the application

don't need a web.xml

src/main/resources

persistence.xml, which sets up JPA, and import.sql which Hibernate, the JPA provider in JBoss AS, will use to load the initial users into the application when the application starts

@Inject

CDI managed beans. The @EJB annotation is removed and @Inject is used instead

Annotating the boundary (Cart) with the @Named annotation makes the Cart immediately visible for expression language (EL) expressions in JSP and JSF

@Named annotation takes the simple name of the annotated class, puts the first character in lowercase, and exposes it directly to the JSF pages (or JSP). The Cart bean can be accessed directly, without any backed or managed beans, by the JSF pages: <h:commandButton value="Check out!" action="#{cart.checkout}" />

If there is a need for abstraction, the class can be turned into an interface (or abstract class)

local implementation (with CDI events

@Inject Event<String> event;

event.fire("Order proceeded!");

remote implementation:

javax.enterprise.event.Event belongs to the CDI-implementation

class Event can be considered to be a lightweight alternative to the java.beans.PropertyChangeSupport class

@Inject Event<String> event;

event.fire("Order proceeded!");

event can be received by any managed bean and also by EJB beans

provide a method with a single @Observes annotated parameter

@Observes String event

there is no real event, just the payload:

The during attribute in the @Observes annotation allows you to select in which transactional phase the event gets delivered. The default setting is IN_PROGRESS, which causes an immediate event delivery regardless of the transaction outcome. The AFTER_SUCCESS configuration causes the delivery to occur only after successful transaction completion

Although CDI events work only inside a single process (in the default case, CDI is extensible), they are perfectly suitable for decoupling packages from modules

The method checkout() starts a transaction that gets "reused" by the OrderSystem and CustomerNotification session beans

ordering.placeOrder(); notifier.sendNotification();

EJB beans cannot be directly exposed to JSF or JSP without a little help from CDI

Permissions are provided in two ways: A Collection of Strings, where each String can usually be converted into Permission objects by a Realm's PermissionResolver A Collection of Permission objects

most Realms store both sets of data for a Subject

a Realm implementation to utilize an implementation of the Account interface instead, which is a convenience interface that combines both AuthenticationInfo and AuthorizationInfo

Caching: Spring Security optionally integrates with Spring's Ehcache factory. This flexibility means your database (or other authentication repository) is not repeatedly queried for authentication information when using Spring Security with stateless applications.

Run-as replacement: The system fully supports temporarily replacing the authenticated principal for the duration of the web request or bean invocation. This enables you to build public-facing object tiers with different security configurations than your backend objects.

Tag library support: Your JSP files can use our taglib to ensure that protected content like links and messages are only displayed to users holding the appropriate granted authorities. The taglib also fully integrates with Spring Security's ACL services, and obtaining extra information about the logged-in principal.

User Provisioning APIs: Support for groups, hierarchical roles and a user management API, which all combine to reduce development time and significantly improve system administration.

Enterprise-wide single sign on using CAS 3: Spring Security integrates with JA-SIG's open source Central Authentication Service (CAS)

injected managed beans (controls) results in the simplest possible architecture

Subject

'Subject' can mean a human being, but also a 3rd party process, daemon account, or anything similar. It simply means 'the thing that is currently interacting with the software'

Subject currentUser = SecurityUtils.getSubject();

SecurityManager

SecurityManager manages security operations for all users

Realms

Realm acts as the ‘bridge’ or ‘connector’ between Shiro and your application’s security data. That is, when it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.

Realm is essentially a security-specific DAO

Shiro provides out-of-the-box Realms to connect to a number of security data sources (aka directories) such as LDAP, relational databases (JDBC), text configuration sources like INI and properties files, and more

Authorization

A permission is a raw statement of functionality, for example ‘open a door’, ‘create a blog entry’, ‘delete the ‘jsmith’ user’, etc. By having permissions reflect your application’s raw functionality, you only need to change permission checks when you change your application’s functionality. In turn, you can assign permissions to roles or to users as necessary at runtime.

“Run As” support for assuming the identity of another Subject

High-Level Overview

essentially a security specific 'view' of the the currently executing user

instances are all bound to (and require) a

When you interact with a Subject, those interactions translate to subject-specific interactions with the SecurityManager

'umbrella’ object that coordinates its internal security components that together form an object graph

‘connector’ between Shiro and your

Shiro looks up many of these things from one or more Realms configured for an application

component responsible determining users' access control in the application

if a user is allowed to do something or not

knows how to create and manage user

lifecycles

Shiro has the ability to natively manage user Sessions in any environment, even if there is no Web/Servlet or EJB container available

Shiro will use

if available, (e.g. Servlet Container)

if there isn't one, such as in a standalone application or non-web environment, it will use its

exists to allow any datasource to be used to

performs Session persistence (CRUD) operations on behalf of the SessionManager

allows any data store to be plugged in to the Session Management infrastructure

creates and manages Cache instance lifecycles used by other Shiro components

improve performance while using these data source

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

‘connector’ between Shiro and your application’s security data

elements of the user interface are displayed to the user based on the user's privilege level

assign permissions to individual objects within the application’s business domain

Permissions

Permissions assigned to user for a given resource in the tree are inherited by other resources

Permissions are inherited

persist user, group and role information in database. JPA implementation is his dream

Security Module Drafts

Identity

interface Identity

login()

logout()

getUser()

Events LoggedInEvent LoginFailedEvent AlreadyLoggedInEvent PreLoggedOutEvent PostLoggedOutEvent PreAuthenticateEvent PostAuthenticateEvent

Object level permission

Grant or revoke permissions

Group management

User/Identity management

identity.hasRole

identity.hasPermission

User, Group and Role

hooks for common IDM or Security operations

Audit and logging for permission and IDM related changes

Event API.

Impersonalization

Impersonalization

control which elements of the user interface are displayed to the user based on their assigned permissions

ask for permission

more advanced security resolution mechanisms

Rules based engine

external services - XACML