Skip to main content

Home/ SoftwareEngineering/ Group items tagged implementation

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Getting Started · UnquietCode/Flapi Wiki - 0 views

github.com/...Getting-Started

Java generics FluentAPI DesignPatterns ApiDesign builder Flapi intro

shared by kuni katsuya on 27 Mar 13 - No Cached
  • UnquietCode / Flapi
  • Getting Started
  • include a block chain
  • ...29 more annotations...
  • builds what is called a descriptor
  • blocks
  • methods
  • Blocks can be reused by using their name later in a addBlockReference(...) method
  • block contains methods
  • block can in turn nest other blocks
  • last()
  • Invocation Tracking
  • allowed invocations:
  • any()
  • exactly(int x)
  • atLeast(int x)
  • atMost(int x)
  • uses to build the Java code model and generate the classes and interfaces of a builder
  • between(int x, int y)
  • last(Class c)
  • Creating a Descriptor
  • Flapi.builder()
  • setPackage(String)
  • setStartingMethodName(String)
  • setDescriptorName(String)
  • setReturnType(Class)
  • enableCondensedClassNames()
  • addMethod(...)
  • startBlock(...)
  • addBlockChain(...)
  • addBlockReference(...)
  • Implementing the Helpers
  • Flapi creates only the interfaces for the helpers
kuni katsuya

UML 2 Class Diagram Guidelines - 0 views

www.agilemodeling.com/...classDiagram.htm

uml class diagram best practices

shared by kuni katsuya on 19 Dec 12 - Cached
  • UML 2 Class Diagram Guidelines
  • 1.        General Guidelines
  • 2.        Class Style Guidelines
  • ...49 more annotations...
  • Use Common Terminology for Names
  • Prefer Complete Singular Nouns for Class Names
  • Name Operations with a Strong Verb
  • Name Attributes With a Domain-Based Noun
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      don't just use the attribute's type with first character lower cased!!! argghhh!  (eg. instead of Node node, Node parent)
  • Do Not Model Scaffolding Code
  • Include an Ellipsis ( … ) At The End of Incomplete Lists
  • Develop Consistent Method Signatures
  • Avoid Stereotypes Implied By Language Naming Conventions
  • 3.        Interfaces
  • Name Interfaces According To Language Naming Conventions
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      I+ is NOT an acceptable naming convention!  this is a very dumb, thoughtless, pointless convention originated by microsoft
    • kuni katsuya
      kuni katsuya on 19 Dec 12
  • Do Not Model the Operations and Attributes of an Interface in Your Classes
  • Consider an Interface to Be a Contract
  • 4.        Relationship Guidelines
  • Model Relationships Horizontally
  • Depict Similar Relationships Involving A Common Class As A Tree
  • Always Indicate the Multiplicity
  • reduce clutter in the diagram
  • Avoid a Multiplicity of “*”
  • Replace Relationships By Indicating Attribute Types
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      if dependency relationships were drawn between every class and the types of it's attributes, the class diagram becomes cluttered very quickly this dependency is obvious if the type is indicated for each attribute
  • Do Not Model Every Single Dependency
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      generalization of #7 what you show/don't show depends on the main concepts  you're trying to convey in any specific diagram
  • Write Concise Association Names In Active Voice
  • Indicate Directionality To Clarify An Association Name
  • Name Unidirectional Associations In The Same Direction
  • Indicate Role Names When Multiple Associations Between Two Classes Exist
  • Indicate Role Names on Recursive Associations
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      eg. parent, child
  • Make Associations Bi-Directional Only When Collaboration Occurs In Both Directions
  • Question Multiplicities Involving Minimums And Maximums
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      this just leads to stupid programming practices like hard-coding array sizes, making code more brittle
  • 6.        Inheritance Guidelines
  • “is a”
  • “is like” relationships
  • Apply the Sentence Rule For Inheritance
  • Place Subclasses Below Superclasses
  • A Subclass Should Inherit Everything
    • kuni katsuya
      kuni katsuya on 19 Dec 12
       
      if a subclass sets an attribute to null, implements a method returning null or throwing a NotImplementedException, it really isn't a subclass, or the superclass needs to be decomposed
  • 7.        Aggregation and Composition Guidelines
  • object is made up of other objects
  • aggregation
  • “is part of” relationships
  • whole-part relationship between two objects
  • Composition
  • stronger form of aggregation where the whole and parts have
  • coincident lifetimes, and it is very common for the whole to manage the lifecycle of its parts
  • Apply the Sentence Rule for Aggregation
  • Depict the Whole to the Left of the Part
  • Don’t Worry About Getting the Diamonds Right
  • associations, aggregation, composition, dependencies, inheritance, and realizations
  • line on a UML class diagram
  • defines a cohesive set of behaviors
  • Indicate Visibility Only On Design Models
  • Design Class Diagrams Should Reflect Language Naming Conventions
kuni katsuya

Release Notes - GraniteDS - Version 3.0.0.M1 - HTML format - Granite Data Services - 0 views

www.graniteds.org/...ReleaseNote.jspa

java javaee javaee6 graniteds GraniteDS3 ReleaseNotes

shared by kuni katsuya on 13 Dec 12 - No Cached
  • Release Notes - GraniteDS - Version 3.0.0.M1
  • GAS3 does not handle Java generics with abstract class implementations
  • Generated as3 has compilation warnings: missing constructor
  • ...1 more annotation...
  • Rename flex-filter to server-filter and @FlexFilter to @ServerFilter
kuni katsuya

Session Management | Apache Shiro - 1 views

shiro.apache.org/session-management.html

ApacheShiro SessionManagement SessionClustering clustering

shared by kuni katsuya on 08 Nov 12 - No Cached
  • Session Clustering
  • can cluster Subject sessions natively and never need to worry again about how to cluster sessions based on your container environment
  • if you configure a cluster-capable SessionDAO, the DAO can interact with a clustering mechanism and Shiro's SessionManager never needs to know about clustering concerns
  • ...8 more annotations...
  • Therefore enabling Session clustering in Shiro is
  • as simple as configuring Shiro to use a distributed cache
  • Ehcache+TerraCotta
  • When Shiro initializes the
  • SessionDAO implements the CacheManagerAware interface
  • call the
  • setCacheManager
  • Ehcache + Terracotta
kuni katsuya

Session Management | Apache Shiro - 0 views

shiro.apache.org/session-management.html

java security authentication authorization ApacheShiro SessionManagement session

shared by kuni katsuya on 04 Oct 12 - No Cached
  • available in any application,
  • regardless of container.
  • even if you deploy your application in a Servlet or EJB container, there are still compelling reasons to use Shiro's Session support instead of the container's
  • ...40 more annotations...
  • Easy Custom Session Storage
  • POJO/J2SE based (IoC friendly)
  • Container-Independent Clustering!
  • Heterogeneous Client Access
  • Event Listeners
  • listen to lifecycle events during a session's lifetime
  • Host Address Retention
  • retain the IP address or host name of the host from where the session was initiated
  • Inactivity/Expiration Support
  • can be prolonged via a touch() method to keep them 'alive' if desired
  • Transparent Web Use
  • can use Shiro sessions in existing web applications and you
  • don't need to change any of your existing web cod
  • Can be used for SSO
  • easily stored in any data source
  • can be
  • 'shared'
  • across applications if needed
  • 'poor man's SSO'
  • simple sign-on experience since the shared session can retain authentication state
  • interface-based and implemented with POJOs
  • allows you to easily configure all session components with any JavaBeans-compatible configuration format, like JSON, YAML
  • easily extend
  • customize session management functionality
  • session data can be easily stored in any number of data sources
  • easily clustered using any of the readily-available networked caching products
  • no matter what container you deploy to, your sessions will be clustered the same way
  • No need for container-specific configuration!
  • Shiro sessions can be 'shared' across various client technologies
  • listen for these events and react to them for custom application behavior
  • SecurityUtils.getSubject()
  • currentUser.getSession()
  • If the Subject already has a Session, the boolean argument is ignored and the Session is returned immediately
  • If the Subject does not yet have a Session and the create boolean argument is true,
  • a new session will be created
  • and returned.
  • If the Subject does not yet have a Session and the create boolean argument is false, a new session will not be created and null is returned.
  • Suject.getSession(boolean create)
  • method functions the same way as the
  • HttpServletRequest.getSession(boolean create) method:
    • kuni katsuya
      kuni katsuya on 04 Oct 12
kuni katsuya

Why you should never use getSingleResult() in JPA | Sysout.be - 0 views

sysout.be/...ver-use-getsingleresult-in-jpa

database JPA EntityManager.getSingleResult() EntityManager.getResultList()

shared by kuni katsuya on 07 Oct 12 - No Cached
  • The only use for getSingleResult() is when we are
  • executing a scalar (count, sum, avg) query
  • query wich will
  • ...8 more annotations...
  • alway
  • return a row
  • 3 ways to do this
  • EntityManger.find()
  • returns a typed instance of the entity when it is found, null when it is not found
  • But what if the row isn’t in the database (anymore)?
  • We get an unchecked exception: NoResultException
  • We never know for sure what we can expect from our database, so throwing an unchecked exception seems the wrong choice for this use-case
    • kuni katsuya
      kuni katsuya on 07 Oct 12
       
      thinking defensively, in a pathological scenario, the data and/or schema of the database could be corrupt eg. using a named query that should return a single entity based on a unique constraint of a table: - what if the unique constraint was implemented incorrectly in the ddl? (too relaxed or too strict) - what if the data became inconsistent as a result of some external process? => should always code defensively, especially at integration points to anything external to the jvm 
kuni katsuya

Project Overview - 0 views

www.graniteds.org/...pr01.html

graniteds overview

shared by kuni katsuya on 15 May 12 - No Cached
  • Project Overview
  • comprehensive development and integration platform for building Flex / Java EE RIA applications
  • open source
  • ...1 more annotation...
  • implementation of the Flex remoting protocol and of the AMF3 data format, with out-of-the-box adapters for all usual Java frameworks
kuni katsuya

Chapter 11. Client-Side Validation API (JSR 303) - 0 views

www.graniteds.org/...graniteds.validation.html

graniteds client-side validation bean validation

shared by kuni katsuya on 15 May 12 - No Cached
  • Client-Side Validation API (JSR 303)
  • GraniteDS introduces an ActionsScript3 implementation of the Bean Validation specification and provides code generation tools integration so that your Java constraint annotations are reproduced in your AS3 beans
kuni katsuya

Chapter 15. Data Management - 0 views

www.graniteds.org/...graniteds.datamanagement.html

graniteds data management

shared by kuni katsuya on 15 May 12 - No Cached
  • Data Management
  • Tide maintains a client-side cache of entity instances and ensures that every instance is unique in the Flex client context
  • Tide provides an integration between the Flex/LCDS concept of managed entities and the server persistence context (JPA or Hibernate).
  • ...10 more annotations...
  • All entities marked as [Managed] are considered as corresponding to Hibernate/JPA managed entities on the server
  • It is highly recommended to use JPA optimistic locking in a multi-tier environment (@Version annotation
  • In conclusion, the recommended approach to avoid any kind of subtle problems is to have a real uid property which will be persisted in the database
  • but is not a primary key for efficiency concerns
  • Here all loaded collections of the Person object will be uninitialized so uperson contains only the minimum of data to correctly merge your changes in the server persistence context
  • Tide uses the client data tracking (the same used for dirty checking, see below) to determine which parts of the graph need to be sent.
  • Dirty Checking and Conflict Handling
  • Data Validation
  • Tide integrates with Hibernate Validator 3.x and the Bean Validation API (JSR 303) implementations, and propagate the server validation errors to the client UI components
  • Data Paging
kuni katsuya

Chapter 5. AS3 Code Generator - 0 views

www.graniteds.org/...graniteds.gas3.html

graniteds as3 actionscript3 code generator

shared by kuni katsuya on 15 May 12 - No Cached
  • AS3 Code Generator
  • GraniteDS comes with an ActionScript3 code generator that writes AS3 beans for all Java beans
  • ActionScript 3 generator is able to write AS3 typed client proxies for exposed remote services
  • ...6 more annotations...
  • Gas3 may also replicate validation annotations in order to use the Flex side validation framework
  • implemented as an Eclipse plugin
  • Ant task.
  • Maven Plugin (Flexmojos)
  • flexmojos-maven-plugin
  • org.sonatype.flexmojos
kuni katsuya

Lazy Loading with Flex, BlazeDS and Hibernate | RIA Zone - 0 views

ria.dzone.com/...loading-flex-blazeds-hibernate

flex blazeds hibernate lazy-loading

shared by kuni katsuya on 15 May 12 - No Cached
  • Lazy Loading with Flex, BlazeDS and Hibernate
  • By using dpHibernate and lazy loading, none of this extra work is required
  • proxies are sent initially for collections and complex objects, and fetched on-demand when requested by the client
  • ...2 more annotations...
  • Note that dpHibernate doesn't depend on Spring
  • entity classes must implement the org.dphibernate.core.IHibernateProxy interface, both on the Java and Actionscript classes
kuni katsuya

Chapter 2. Usage Scenarios - 0 views

www.graniteds.org/...graniteds.usagescenarios.html

graniteds usage scenarios javaee6 jboss glassfish jpa2 cdi tide

shared by kuni katsuya on 15 May 12 - No Cached
  • Client Options
  • client there are two main choices
  • standard Flex RemoteObject API
  • ...16 more annotations...
  • GraniteDS does not support the standard Consumer and Producer Flex messaging API
  • its own client implementations of these classes org.granite.gravity.Consumer and org.granite.gravity.Producer that provide very similar functionality
  • Tide remoting API with the GraniteDS/Tide server framework integration
  • most advanced features and greatly simplifies asynchronous handling and client data management
  • preferred for new projects
  • Server Options
  • two options
  • GraniteDS service factory
  • RemoteObject API,
  • GraniteDS support for externalization of lazily loaded JPA entities/collections, and support for scalable messaging though Gravity
  • GraniteDS/Tide service factory
  • Tide API
  • full feature set of Tide data management and further integration with data push through Gravity
  • complete support for Spring and Seam security or integration with CDI events
  • Tide/CDI/JPA2/Java EE 6 on JBoss 6/7 or GlassFish 3
  • If you are on a Java EE 6 compliant application server, it is definitely the best option
kuni katsuya

Red5 Media Server - 0 views

www.red5.org

opensource media flash streaming server java red5 blazeds

shared by kuni katsuya on 18 May 12 - Cached
  • Red5 Media Server 1.0 delivers a powerful video streaming and multi-user solution to the ©Adobe ©Flash Player
  • Red5 includes support for the latest multi-user API’s including NetConnection, NetStream and SharedObject’s while providing a powerful RTMP / Servlet implementation
  • support for the RTMP protocol, the application server has an embedded Tomcat Servlet container for JEE Web Applications
  • ...1 more annotation...
  • Spring Framework and Scope based event driven services
kuni katsuya

Java EE wins over Spring « Bill the Plumber - 0 views

bill.burkecentral.com/...java-ee-wins-over-spring

javaee spring comparison

shared by kuni katsuya on 23 May 12 - No Cached
  • Spring is controlled by ONE COMPANY. It is not an independent open source organization like Apache. At least with Java EE there are multiple OPEN SOURCE implementations. How long before VMWare decides its $500 million investment needs to be recouped and they start charging for Spring in a big way? Don’t think it can happen? Think again…VMWare is in the same poor position BEA/WLS was against JBoss with Red Hat’s VM/Cloud tech eating away at VMWare’s margins. There is a much higher chance of them scrambling for revenue sources than Red hat ever being acquired by Oracle.
  • Core JavaServer Faces JSF 2.0 Cookbook JavaServer Faces 2.0, The Complete Reference EJB 3.1 Cookbook Enterprise JavaBeans 3.1 Beginning Java EE 6 with GlassFish 3 Java EE 6 with GlassFish 3 Application Server Java EE 6 Development With NetBeans 7 Real World Java EE Patterns Rethinking Best Practices Real World Java EE Night Hacks Dissecting the Business Tier
  • books about the different APIs of Java EE 6:
  • ...8 more annotations...
  • if you’ve heard Rod Johnson speak he is always adamant that Spring has replaced Java EE. Its good to see that his rhetoric is utter BS!
  • Sorry, even Spring MVC sucks as much balls as JSF does.
  • Java EE wins over Spring
  • CDI closed API hole
  • Application server started to get their act together with regards to boot time.  It started with Glassfish and ended with JBoss 7.  Both of which can boot in a matter of seconds.
  • Arquillian allows you to run your unit tests in a real environment with real transactions, etc.  Personally I always despised mocks because they didn’t test in the environment you were going to run in.  I thought they were pointless and to this day, I refuse to use this testing pattern.
  • I’m glad Rod and company were able to cash out with the VMWare acquisition before Java EE was able to regain its dominance
  • SpringSource pushed Java EE to innovate and for that I’m very grateful.  For Java EE, it was either evolve or die.  They evolved, now its time for Spring to die.
kuni katsuya

Java EE Compatibility - 0 views

www.oracle.com/...compatibility-jsp-136984.html

javaee6 compatibility appservers

shared by kuni katsuya on 25 May 12 - No Cached
kuni katsuya

Entity-attribute-value model - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Entity-attribute-value_model

eav sparse open schema

shared by kuni katsuya on 01 Jul 12 - Cached
  • Entity–attribute–value model
  • Entity–attribute–value model (EAV) is a data model to describe entities where the number of attributes (properties, parameters) that can be used to describe them is potentially vast, but the number that will actually apply to a given entity is relatively modest
  • also known as object–attribute–value model, vertical database model and open schema
  • ...21 more annotations...
  • In an EAV data model, each attribute-value pair is a fact describing an entity, and a row in an EAV table stores a single fact
  • EAV tables are often described as "long and skinny": "long" refers to the number of rows, "skinny" to the few columns
  • Data is recorded as three columns: The entity: the item being described. The attribute or parameter: a foreign key into a table of attribute definitions. At the very least, the attribute definitions table would contain the following columns: an attribute ID, attribute name, description, data type, and columns assisting input validation
  • The value of the attribute
  • Row modeling, where facts about something (in this case, a sales transaction) are recorded as multiple rows rather than multiple columns
  • differences between row modeling and EAV (which may be considered a generalization of row-modeling) are:
  • A row-modeled table is homogeneous in the facts that it describes
  • The data type of the value column/s in a row-modeled table is pre-determined by the nature of the facts it records. By contrast, in an EAV table, the conceptual data type of a value in a particular row depend on the attribute in that row
  • In the EAV table itself, this is just an attribute ID, a foreign key into an Attribute Definitions table
  • The Attribute
  • The Value
  • Coercing all values into strings
  • larger systems use separate EAV tables for each data type (including binary large objects, "BLOBS"), with the metadata for a given attribute identifying the EAV table in which its data will be stored
  • Where an EAV system is implemented through RDF, the RDF Schema language may conveniently be used to express such metadata
  • access to metadata must be restricted, and an audit trail of accesses and changes put into place to deal with situations where multiple individuals have metadata access
  • quality of the annotation and documentation within the metadata (i.e., the narrative/explanatory text in the descriptive columns of the metadata sub-schema) must be much higher, in order to facilitate understanding by various members of the development team.
  • Attribute metadata
  • Validation metadata include data type, range of permissible values or membership in a set of values, regular expression match, default value, and whether the value is permitted to be null
    • kuni katsuya
      kuni katsuya on 01 Jul 12
       
      jsr-299 bean validation anyone?  :)
  • Presentation metadata: how the attribute is to be displayed to the user
  • Grouping metadata: Attributes are typically presented as part of a higher-order group, e.g., a specialty-specific form. Grouping metadata includes information such as the order in which attributes are presented
  • Advanced validation metadata Dependency metadata:
kuni katsuya

Access control - Wikipedia, the free encyclopedia - 0 views

en.wikipedia.org/...Access_control

security models authentication authorization

shared by kuni katsuya on 31 Aug 12 - No Cached
  • Computer security
  • authentication, authorization and audit
  • In any access control model, the entities that can perform actions in the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects
  • ...39 more annotations...
  • Principle of least privilege
  • object-capability model, any software entity can potentially act as both a subject and object
  • Access control models used by current systems tend to fall into one of two classes:
  • those based on capabilities
  • those based on access control lists (ACLs)
  • Both capability-based and ACL-based models have mechanisms to allow access rights to be granted to all members of a group of subjects (often the group is itself modeled as a subject)
  • identification and authentication determine who can log on to a system, and the association of users with the software subjects that they are able to control as a result of logging in; authorization determines what a subject can do; accountability identifies what a subject (or all subjects associated with a user) did.
  • Authorization determines what a subject can do on the system
  • Authorization
  • Access control models
  • categorized as either discretionary or non-discretionary
  • three most widely recognized models are
  • Discretionary Access Control (DAC)
  • Mandatory Access Control (MAC)
  • Role Based Access Control (RBAC)
  • Attribute-based access control
  • Discretionary access control
  • Discretionary access control (DAC) is a policy determined by the owner of an object. The owner decides who is allowed to access the object and what privileges they have.
  • Every object in the system has an owner
  • access policy for an object is determined by its owner
  • DAC systems, each object's initial owner is the subject that caused it to be created
  • Mandatory access control
  • Mandatory access control refers to allowing access to a resource
  • if and only if rules exist
  • that allow a given user to access the resource
  • Management is often simplified (over what can be required) if the information can be protected using
  • hierarchical access control
  • or by implementing sensitivity labels.
  • Sensitivity labels
  • A subject's sensitivity label specifies its
  • level of trust
  • level of trust required for access
  • subject must have a sensitivity level equal to or higher than the requested object
  • Role-based access control
  • Role-based access control (RBAC) is an
  • access policy
  • determined by the system
  • not the owner
  • Access control
kuni katsuya

Grails - user - Can Spring Security OR Shiro Enable Fine Grained Hierarchical Permissions? - 0 views

grails.1312388.n4.nabble.com/cal-Permissions-td3239652.html

ApacheShiro security permission inheritance

shared by kuni katsuya on 29 Aug 12 - No Cached
  • one option would be to embed the hierarchy of locations in the permission strings
  • since you can have any number of elements separated by colons
  • Another option would be to create your own Permission instances and implement the isPermitted() method such that it delegates to Location.isIn(Location) for permission checks
  • ...2 more annotations...
  • associate permissions with a particular domain instance AND all children of that instance.
  • associate a single rule/ACL Entry that says Sally has full hierarchical permission over France
kuni katsuya

Threats - salesforce.com - 0 views

trust.salesforce.com/...best_practices

security policy BestPractices salesforce.com

shared by kuni katsuya on 01 Sep 12 - No Cached
  • Security Best Practices Webinar for All Salesforce.com Customers
  • Designate a security contact within your organization so that salesforce.com can more effectively communicate with you
  • Consider using other two-factor authentication techniques
  • ...14 more annotations...
  • activate IP range restrictions
  • Implement IP Restrictions in Salesforce.com
  • Two-Factor Authentication
  • second-level authorization, including requiring secure IT tokens
  • does not protect against “man-in-the-middle” attacks, where messages are intercepted
  • applications that may be integrated with salesforce.com are not protected by two-factor authentication
  • Strengthen Password Policies
    • kuni katsuya
      kuni katsuya on 01 Sep 12
       
      salesforce.com password policies: - password expiry period - password history (reuse) enforcement - minimum password length - password complexity requirement - forgotten password hint question requirement
  • Require Secure Sessions
  • mandating that all sessions are encrypted and secure
  • Decrease Session Timeout Thresholds
  • Identify a Primary Security Contact
  • identify a person in your company who is responsible for application security
  • should have a thorough understanding of your security policies
  • single point of contact for salesforce.com
« First ‹ Previous 61 - 80 of 102 Next › Last »
Showing 20 items per page