Skip to main content

Home/ SoftwareEngineering/ Group items tagged implementation

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Appendix C. Spring Security Dependencies - 0 views

static.springsource.org/...appendix-dependencies.html

java security SpringSecurity dependencies

shared by kuni katsuya on 09 Aug 12 - No Cached
  • Spring Security Dependencies
  • This appendix provides a reference of the modules in Spring Security and the additional dependencies that they require in order to function in a running application
  • C.1 spring-security-coreThe core module must be included in any project using Spring Security.
  • ...8 more annotations...
  • DependencyVersionDescriptionaopalliance1.0Required for method security implementation.
  • spring-aop Method security is based on Spring AOP
  • spring-beans Required for Spring configuration
  • spring-expression Required for expression-based method security (optional)
  • spring-jdbc Required if using a database to store user data (optional).
  • spring-tx Required if using a database to store user data (optional).
  • C.6 spring-security-aclThe ACL module.
  • spring-jdbc Required if you are using the default JDBC-based AclService (optional if you implement your own).spring-tx Required if you are using the default JDBC-based AclService (optional if you implement your own).
kuni katsuya

Chapter 4. Remoting and Serialization - 0 views

www.graniteds.org/...graniteds.remoting.html

graniteds java flex as3 typemapping marshalling

shared by kuni katsuya on 15 Jun 12 - No Cached
  • 4.3. Mapping Java and AS3 objects
  • data conversions are done during serialization/deserialization
  • Externalizers and AS3 Code Generation
  • ...21 more annotations...
  • Due to the limited capabilities of the ActionScript 3 reflection API than cannot access private fields, it is necessary to create an externalizable AS3 class (implementing flash.utils.IExternalizable and its corresponding externalizable Java class
  • writeExternal
  • In both classes you have to implement two methods
  • the Gas3 generator can automatically generate the writeExternal and readExternal methods.
  • With GraniteDS automated externalization and without any modification made to our bean, we may serialize all properties of the Person class, private or not
  • In order to externalize the Person.java entity bean, we must tell GraniteDS which classes we want to externalize with a
  • externalize all classes named com.myapp.entity.Person by using the org.granite.hibernate.HibernateExternalizer
  • you could use this declaration, but note that type in the example above is replaced by
  • instance-of:
  •             <include annotated-with="javax.persistence.Entity"/>             <include annotated-with="javax.persistence.MappedSuperclass"/>             <include annotated-with="javax.persistence.Embeddable"/>
  • : type
  • annotated-with
  • Instead of configuring externalizers with the above method, you may use the
  • feature:
  • precedence rules for these three configuration options:
  • <granite-config scan="true"/>
  • autoscan
  • GraniteDS will scan at startup all classes
  • found in the classloader of the GraniteConfig class, and discover all externalizers (classes that implements the GDS Externalizer interface)
  • DefaultExternalizer
  • this externalizer may be used with any POJO bean.
  • kuni katsuya on 15 Jun 12
     
    4.3. Mapping Java and AS3 objects
kuni katsuya

[#ANN-140] Discriminator column not supported with JOINED strategy - Hibernate JIRA - 0 views

hibernate.onjira.com/...ANN-140

java JPA inheritance mapping Hibernate

shared by kuni katsuya on 20 Nov 12 - No Cached
  • Hibernate does not need a discriminator
  • because Hibernate is better than these other inferior implementations
  • It is allowed for
  • ...2 more annotations...
  • inferior implementations
  • of the JOINED mapping strategy which require a discriminator
kuni katsuya

Dependency injection discourages object-oriented programming? @ Blog of Adam Warski - 0 views

www.warski.org/...es-object-oriented-programming

java javaee6 CDI CdiDependencyInjection OO Object-Oriented procedural DI DependencyInjection

shared by kuni katsuya on 12 Dec 12 - No Cached
  • Dependency injection discourages object-oriented programming?
  • if you’re using DI, and you have an X entity, do you have an XService or XManager with lots of method where X is the first argument?
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      evidence of the anti-pattern of procedural design in a java ee6 cdi application
  • previous way is more procedural
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      ie. ProductService.ship(Product,Customer)
  • ...12 more annotations...
  • service/manager is a set of procedures you can run, where the execution takes a product and a customer as arguments
  • better
  • OO approach
  • not saying that achieving the above is not possible with a DI framework
  • only that DI
  • encourages the ProductService approach
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      well, dependency injection, but moreover, the soa approach to service design tends to force otherwise intelligent software engineers into doing procedural design the services just end up being bags of method calls that implement any type of behavior, with the domain objects or entity beans being reduced to mere data structures with little responsibility or behavior beyond persistence. (which, in this anti-pattern, is typically mostly provided by the repository or dao class! ie. domain object crud)
  • it’s just easier
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      ... if you just blindly follow the anti-pattern, of course  ;)
  • many benefits
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      with the procedural approach, you also cannot implement polymorphic behavior, for instance
  • builder
  • fluent interface
  • it’s not for small projects
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      fuckwhat? small or big matters not. if di is applied poorly, regardless of project size, it's an anti-pattern! disregard these comments!
  • problems with DI frameworks:
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      not sure i agree with these points, but will refuse in a later sticky note
kuni katsuya

Anemic domain model - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Anemic_Domain_Model

patterns AnemicDomainModel

shared by kuni katsuya on 12 Dec 12 - Cached
  • objects containing only data
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      ie. dumb data structures with little or no behavior
  • objects containing only code
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      ie. classes that are just containers for methods that implement the behavior part of the domain objects (aka the procedures)
  • Martin Fowler, who considers the practice an anti-pattern
  • ...14 more annotations...
  • Benefit
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      none
  • Liabilities
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      lots
  • Logic cannot be implemented in a truly object-oriented way
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      for example, polymorphic behavior
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      dammit, can't change highlight color if there's also a sticky note attached!!! arrgggghhhh!!! diigo plugin bug!!
  • Violation of the encapsulation
  • domain model's objects cannot guarantee their correctness
  • validation and mutation logic is placed somewhere outside
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      instead of, say, attaching validation 'behavior' directly on, but still decoupled from domain classes themselves (eg. validation rule annotations on jpa entity beans)
    • kuni katsuya
      kuni katsuya on 12 Dec 12
       
      dammit, can't change highlight color if there's also a sticky note attached!!! arrgggghhhh!!! diigo plugin bug!!
  • Necessitates a service layer when sharing domain logic across differing consumers of an object model.
  • Makes a model less expressive and harder to understand.
  • Facilitates code duplication among transactional scripts and similar use cases, reduces code reuse.
  • Liabilities
  • Liabilities
  • Liabilities
  • Liabilities
  • Liabilities
kuni katsuya

Unquiet Code | Using Generics To Build Fluent API's In Java - 0 views

www.unquietcode.com/...s-to-build-fluent-apis-in-java

Java generics FluentAPI DesignPatterns ApiDesign

shared by kuni katsuya on 27 Mar 13 - No Cached
  • Using Generics To Build Fluent API's In Java
  • extends BaseClass
  • super(ChildClass.class)
  • ...19 more annotations...
  • accomplish the same idea using generics
  • creates a bad sort of dependency where we need to update the base class every time we make a new derived class. Not good!
  • superclass requests information about the child, and the child provides it
  • (CHILD)
  • <CHILD extends BakedGood<CHILD>>
  • CHILD
  • (CHILD)
  • CHILD
  • abstract
  • extends BakedGood<Cake>
  • The type parameter is saying “the Child class must extend Base<Child>”, forcing the Child class to provide its own type to the type system
  • Now that we can return the derived class in our chained method calls we are free to alternately call methods from the base class and the derived class
  • All of the normal polymorphic abilities are retained (you can see that we’ve implemented the abstract bake() method required by BakedGood)
  • .bake()
  • .bake()
  • practical applications of fluent API’s can be found
  • this one
  • best article I was able to find on the topic was
  • here and here
kuni katsuya

Chapter 3. Configuration - 0 views

docs.jboss.org/...ch03.html

JPA Hibernate NamingStrategy

shared by kuni katsuya on 03 Apr 13 - No Cached
kuni katsuya

Bloodhound - App Measurement QA Tool | Adobe Developer Connection - 0 views

developer.omniture.com/...ound-app-measurement-qa-tool-1

SiteCatalyst QA measurement tool Bloodhound

shared by kuni katsuya on 04 Feb 13 - No Cached
  • Bloodhound - App Measurement QA Tool
  • displays and parses real-time hit data on app measurement implementations, ensuring proper implementation for app developers and marketing team
  • focuses on mobile app measurement for iOS, Android, and WinRT for Windows 8 platforms
  • ...3 more annotations...
  • but has use-cases for other platforms and even desktop or mobile web
  • Bloodhound documentation here
  • Note: The QA Tool does not support https:// (SSL) tracking. You must disable SSL in the AppMeasurement library when testing using the QA Tool.
kuni katsuya

FB CMS (DMS) User Stories - Projects - Confluence - 0 views

confluence.vfmltech.com/...FB+CMS+%28DMS%29+User+Stories

shared by kuni katsuya on 25 Feb 13 - No Cached
  • Sequence Diagrams (Upload):
    • kuni katsuya
      kuni katsuya on 25 Feb 13
       
      sequence diagrams for initial, cdms implementation, *not* cube implementation (see only as reference)
kuni katsuya

Stephen Colebourne's blog: Javadoc coding standards - 0 views

blog.joda.org/...javadoc-coding-standards.html

java javadoc BestPractices documentation design communication

shared by kuni katsuya on 13 Dec 12 - No Cached
  • Javadoc coding standards
  • explain some of the rationale for some of my choices
  • this is more about the formatting of Javadoc, than the content of Javadoc
  • ...63 more annotations...
  • Each of the guidelines below consists of a short description of the rule and an explanation
  • Write Javadoc to be read as source code
  • Making Javadoc readable as source code
  • Public and protected
  • All public and protected methods should be fully defined with Javadoc
  • Package and private methods do not have to be, but may
  • benefit from it.
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      think of it as internal design documentation when you revisit this code 8 months from now: - based on nothing but your well-chosen ;) package/class/method/variable names, will you recall all of your current design intentions and rationale? likely not - when you hand-off this code to another software engineer, how easy will it be to mostly rtfm? will you have to waste time preparing design/implementation notes specifically for the hand-off? if this is the case because the code is unreadable and not self-guiding and there's not already at least high level design notes in a wiki, you're doing it wrong!
  • If a method is overridden in a subclass, Javadoc should only be present if it says something distinct to the original definition of the method
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      ie. don't just copy-paste the javadoc from the superclass. that's mindless and pointless monkey work
  • Use the standard style for the Javadoc comment
  • Do not use '**/' at the end of the Javadoc
  • Use simple HTML tags, not valid XHTML
  • XHTML adds many extra tags that make the Javadoc harder to read as source code
  • Use a single <p> tag between paragraphs
  • Place a single <p> tag on the blank line between paragraphs:
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      this at least makes the paragraph breaks wysiwygísh and somewhat easier to read
  • Use a single <li> tag for items in a list
  • place a single <li> tag at the start of the line and no closing tag
  • Define a punchy first sentence
  • it has the responsibility of summing up the method or class to readers scanning the class or package
  • the first sentence should be
  • clear and punchy, and generally short
  • use the third person form at the start
  • Avoid the second person form, such as "Get the foo"
  • Use "this" to refer to an instance of the class
  • When referring to an instance of the class being documented, use "this" to reference it.
  • Aim for short single line sentences
  • Wherever possible, make Javadoc sentences fit on a single line
  • favouring between 80 and 120 characters
  • Use @link and @code wisely
  • @link feature creates a visible hyperlink in generated Javadoc to the target
  • @code feature provides a section of fixed-width font, ideal for references to methods and class names
  • Only use @link on the first reference to a specific class or method
  • Use @code for subsequent references.
  • This avoids excessive hyperlinks cluttering up the Javadoc
  • Never use @link in the first sentence
  • Always use @code in the first sentence if necessary
  • Adding a hyperlink in that first sentence makes the higher level documentation more confusing
  • Do not use @code for null, true or false
  • Adding @code for every occurrence is a burden to both the reader and writer of the Javadoc and adds no real value.
  • Use @param, @return and @throws
  • @param entries should be specified in the same order as the parameters
  • @return should be after the @param entries
  • followed by @throws.
  • Use @param for generics
  • correct approach is an @param tag with the parameter name of <T> where T is the type parameter name.
  • Use one blank line before @param
  • This aids readability in source code.
  • Treat @param and @return as a phrase
  • They should start with a lower case letter, typically using the word "the". They should not end with a dot. This aids readability in source code and when generated.
  • treated as phrases rather than complete sentences
  • Treat @throws as an if clause
  • phrase describing the condition
  • Define null-handling for all parameters and return types
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      ideally, if the method in question has any specified/required pre and/or post conditions, they should be noted in the javadoc, not *just* null handling also, there are cleaner ways to design around this type of old school null handling hackage
  • methods should define their null-tolerance in the @param or @return
  • standard forms expressing this
  • "not null"
  • "may be null"
  • "null treated as xxx"
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      DO NOT DO THIS this is just bad design
  • "null returns xxx"
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      this might also stink of poor design ymmv
  • In general the behaviour of the passed in null should be defined
  • Specifications require implementation notes
  • Avoid @author
  • source control system is in a much better position to record authors
  • This wastes everyone's time and decreases the overall value of the documentation. When you have nothing useful to say, say nothing!
    • kuni katsuya
      kuni katsuya on 13 Dec 12
       
      likewise with javadoc on things like default constructors /**  * Creates an instance of SomeClass  */ public SomeClass() {} is equally useless and unnecessarily clutters up the source code
kuni katsuya

[#GDS-933] GAS3 does not handle Java generics with abstract class implementations - Gra... - 0 views

www.graniteds.org/...GDS-933

java javaee javaee6 graniteds GraniteDS3 JavaGenerics Gas3 CodeGeneration

shared by kuni katsuya on 13 Dec 12 - No Cached
  • GAS3 does not handle Java generics with abstract class implementations
  • Fix Version/s: 3.0.0.M1
kuni katsuya

Data Source Configuration in AS 7 | JBoss AS 7 | JBoss Community - 0 views

community.jboss.org/...DataSourceConfigurationinAS7

jbossas7 datasource configuration jdbc

shared by kuni katsuya on 11 Jul 12 - No Cached
  • Data Source Configuration in AS 7
  • Using @DataSourceDefinition to configure a DataSource
  • This annotation requires that a data source implementation class (generally from a JDBC driver JAR) be present on the class path (either by including it in your application, or deploying it as a top-level JAR and referring to it via MANIFEST.MF's Class-Path attribute) and be named explicitly.
  • ...21 more annotations...
  • this annotation bypasses the management layer and as such it is recommended only for development and testing purposes
  • Defining a Managed DataSource
  • Installing a JDBC driver as a deployment
  • Installing the JDBC Driver
  • deployment or as a core module
  • managed by the application server (and thus take advantage of the management and connection pooling facilities it provides), you must perform two tasks.  First, you must make the JDBC driver available to the application server; then you can configure the data source itself.  Once you have performed these tasks you can use the data source via standard JNDI injection.
  • recommended way to install a JDBC driver into the application server is to simply deploy it as a regular JAR deployment.  The reason for this is that when you run your application server in domain mode, deployments are automatically propagated to all servers to which the deployment applies; thus distribution of the driver JAR is one less thing for administrators to worry about.
  • Note on MySQL driver and JDBC Type 4 compliance: while the MySQL driver (at least up to 5.1.18) is designed to be a Type 4 driver, its jdbcCompliant() method always return false. The reason is that the driver does not pass SQL 92 full compliance tests, says MySQL. Thus, you will need to install the MySQL JDBC driver as a module (see below).
  • Installing a JDBC driver as a module
  • <module xmlns="urn:jboss:module:1.0" name="com.mysql">  <resources>    <resource-root path="mysql-connector-java-5.1.15.jar"/>  </resources>  <dependencies>    <module name="javax.api"/>  </dependencies></module>
  • jboss-7.0.0.<release>/modules/com/mysql/main
  • define your module with a module.xml file, and the actual jar file that contains your database driver
  • content of the module.xml file
  • Under the root directory of the application server, is a directory called modules
  • module name, which in this example is com.mysql
  • where the implementation is, which is the resource-root tag with the path element
  • define any dependencies you might have.  In this case, as the case with all JDBC data sources, we would be dependent on the Java JDBC API's, which in this case in defined in another module called javax.api, which you can find under modules/javax/api/main as you would expect.
  • Defining the DataSource itself
  •    <datasource jndi-name="java:jboss/datasources/MySqlDS" pool-name="MySqlDS">      <connection-url>jdbc:mysql://localhost:3306/EJB3</connection-url>         <driver>com.mysql</driver>
  •     <drivers>      <driver name="com.mysql" module="com.mysql">        <xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>      </driver>    </drivers>
  • jboss-7.0.0.<release>/domain/configuration/domain.xml or jboss-7.0.0.<release>/standalone/configuration/standalone.xml
kuni katsuya

Permission (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...Permission.html

ApacheShiro permission

shared by kuni katsuya on 29 Aug 12 - No Cached
  • A Permission represents the ability to perform an action or access a resource. A Permission is the most granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security models are built.
  • a Permission instance only represents functionality or access - it does not grant it
  • permissions are immutable and reflect an application's raw functionality
  • ...4 more annotations...
  • because Permissions represent raw functionality and only change when the application's source code changes, they are immutable at runtime - they represent 'what' the system can do
  • by transitive association, the user 'has' the permissions in their roles
  • all Permission checks are relegated to Realm implementations, and only those implementations really determine how a user 'has' a permission or not
  • Realm could use the semantics described here, or it could utilize some other mechanism entirely
kuni katsuya

Properties - 0 views

svnbook.red-bean.com/...svn.advanced.props.html

subversion properties auto-props

shared by kuni katsuya on 29 Aug 12 - No Cached
  • Automatic Property Setting
  • Subversion administrators commonly ask if it is possible to configure, on the server side, a set of property definitions which all connecting clients will automatically consider when operating on working copies checked out from that server. Unfortunately, Subversion doesn't offer this feature. Administrators can use hook scripts to validate that the properties added to and modified on files and directories match the administrator's preferred policies, rejecting commits which are non-compliant in this fashion. (See the section called “Implementing Repository Hooks” for more about hook scripts.) But there's no way to automatically dictate those preferences to Subversion clients beforehand.
kuni katsuya

Authorization | Apache Shiro - 0 views

shiro.apache.org/authorization.html

ApacheShiro authorization RBAC Role Permission Subject

shared by kuni katsuya on 31 Aug 12 - No Cached
  • PermissionResolver
  • use the PermissionResolver to convert the string into a Permission instance, and perform the check that way
  • All Shiro Realm implementations default to an internal
  • ...26 more annotations...
  • WildcardPermissionResolver
  • which assumes Shiro's
  • WildcardPermission
  • String format.
  • Authorization Sequence
  • what happens inside Shiro whenever an authorization call is made.
  • invokes any of the Subject hasRole*, checkRole*, isPermitted*, or checkPermission*
  • securityManager implements the org.apache.shiro.authz.Authorizer interface
  • delegates to the application's SecurityManager by calling the securityManager's nearly identical respective hasRole*, checkRole*, isPermitted*, or checkPermission* method variants
  • relays/delegates to its internal org.apache.shiro.authz.Authorizer instance by calling the authorizer's respective hasRole*, checkRole*, isPermitted*, or checkPermission* method
  • Realm's own respective hasRole*, checkRole*, isPermitted*, or checkPermission* method is called
  • Authorization Sequence
  • Authorization Sequence
  • Authorization Sequence
  • Implicit Roles:
    • kuni katsuya
      kuni katsuya on 23 Sep 12
       
      BAD! do not use. prefer explicit (see below)
  • implies a set of behaviors (i.e. permissions) based on a role name only
  • Excplict Roles
  • named collection of actual permission statements
  • your realm is what will tell Shiro whether or not roles or permissions exist
  • Each Realm interaction functions as follows:
  • key difference with a RolePermissionResolver however is that the input String is a role name, and not a permission string.
  • Configuring a global RolePermissionResolver
  • RolePermissionResolver has the ability to represent Permission instances needed by a Realm to perform permission checks.
  • translate a role name into a concrete set of Permission instances
  • globalRolePermissionResolver = com.foo.bar.authz.MyPermissionResolver ... securityManager.authorizer.rolePermissionResolver = $globalRolePermissionResolver
  • shiro.ini
‹ Previous 21 - 40 of 102 Next › Last »
Showing 20 items per page