The only use for getSingleResult() is when we are
Group items matching
in title, tags, annotations or url
12More
shared by kuni katsuya on 07 Oct 12
- No Cached
Why you should never use getSingleResult() in JPA | Sysout.be - 0 views
sysout.be/...ver-use-getsingleresult-in-jpa
database JPA EntityManager.getSingleResult() EntityManager.getResultList()
shared by kuni katsuya on 07 Oct 12
- No Cached
-
-
executing a scalar (count, sum, avg) query
-
query wich will
- ...8 more annotations...
-
alway
-
return a row
-
3 ways to do this
-
EntityManger.find()
-
returns a typed instance of the entity when it is found, null when it is not found
-
But what if the row isn’t in the database (anymore)?
-
We get an unchecked exception: NoResultException
-
We never know for sure what we can expect from our database, so throwing an unchecked exception seems the wrong choice for this use-case
-
thinking defensively, in a pathological scenario, the data and/or schema of the database could be corrupt eg. using a named query that should return a single entity based on a unique constraint of a table: - what if the unique constraint was implemented incorrectly in the ddl? (too relaxed or too strict) - what if the data became inconsistent as a result of some external process? => should always code defensively, especially at integration points to anything external to the jvm
-
9More
Adobe - real time data streaming | Adobe LiveCycle Data Services ES3: Solutions - 0 views
-
BlazeDS
-
Java NIO high-performance messaging (thousands of clients per CPU) No Yes Real Time Messaging Protocol (RTMP) No Yes Data throttling No Yes Reliable communications
-
Managed remoting
- ...6 more annotations...
-
Transaction (batch processing)
-
Data paging
-
Lazy loading (on demand)
-
Conflict resolution and synchronization
-
SQL adapter
-
Hibernate adapter No Yes "Fiber-aware" assembler No Yes Offline synchronization framework
6More
InfoQ: The Developer-Tester Divide - 0 views
-
The Developer-Tester Divide
-
working software as the goal
-
business value first
- ...3 more annotations...
-
talking about what the requirements were, using the same language
-
The time gap disappeared since both the developer and tester worked inside the iteration
-
testers had some influence over the development, by catching errors early in the process and deciding what to do about them
5More
Introduction to Enterprise Architect, UML Modeling Tool [EA User Guide] - 0 views
-
Introduction to Enterprise Architect
-
Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
-
Introduction to Enterprise Architect
- ...2 more annotations...
-
Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
-
If you are new to modeling and UML as well as Enterprise Architect, or otherwise want a rapid review of the process of modeling with Enterprise Architect, go to the Quickstart Tutorial.
22More
Enterprise Architect - Product Demonstrations - 0 views
-
Part 2 Subversion Setting up a Subversion repository for use with Enterprise Architect models.
-
Part 4 Configure & Connect Configuring Enterprise Architect and connecting to your Version Control system.
-
Part 5 Controlled Packages Working with version controlled UML packages in Enterprise Architect.
- ...19 more annotations...
-
Eclipse A tour of MDG Integration for Eclipse.
-
Baseline Diagram Comparison Conduct a visual diagram comparison between your current diagram and a previous baseline .
-
Personal Information Window See how the Personal Information Window in Enterprise Architect can help you organize your daily tasks and workflow.
-
Working Sets As you perform work on your model, you open various windows, diagrams and views. Working Sets allow you to return to these same views in a later work session.
-
Business Rules A car rental system is used to illustrate how to generate executable business rules using Enterprise Architect.
-
Menu Customization Quickly and easily suppress individual menu items or entire categories of commands to create custom menu layouts.
-
Floating and Dockable Windows Save the position and layout of Floating and Dockable Windows using a Working Set in the Personal Information Window.
-
Build and Debug a Java Application Set up Enterprise Architect to build and debug a Java Application, using a VEA sample project.
-
Sequence Diagrams Learn how to create a simple Sequence diagram. The video also illustrates how to bring your Sequence diagram to life using model simulation.
-
HTML Report Generation This brief introduction illustrates how to automatically generate a HTML Report using Enterprise Architect.
-
Basic Use Case Demonstration A guide to constructing a Use Case model in under 30 seconds, including use cases, notes and issues.
-
Traceability within Enterprise Architect This video examines Traceability and discusses how to use Enterprise Architect to conduct an Impact Analysis.
-
Requirements Reporting A brief overview of requirements reporting in Enterprise Architect. Topics include document generation in web and RTF formats, report customization and virtual documents, including Model and Master documents.
-
Requirements Traceability An examination of requirements traceability in Enterprise Architect. Topics include traceability views, tracing to external artifacts, conducting an impact analysis, viewing the Relationship Matrix and using Enterprise Architect's Auditing capabilities.
-
Requirements Modeling A brief overview of requirements modeling in Enterprise Architect. Topics include requirements capture and definition, custom properties, tabular editing, auto-naming and screen prototypes.
-
Installing EA An introductory walk through and discussion of Enterprise Architect in the Software Development Lifecycle.
-
Enterprise Architect 7.5 Overview An overview of Enterprise Architect features released with version 7.5.
-
Introduction to Enterprise Architect An introductory walk through and discussion of Enterprise Architect in the Software Development Lifecycle.
-
Brief Overview The 10 minute guide to Enterprise Architect, from Requirements Management and Business Process Modeling to MDA and Code Engineering.
15More
Enterprise Architect - Resources - Model Driven Generation (MDG) Technologies - 0 views
-
Model Driven Generation (MDG) Technologies
-
MDG Technologies allow users to extend Enterprise Architect's modeling capabilities to specific domains and notations. MDG Technologies seamlessly plug into Enterprise Architect to provide additional toolboxes, UML profiles, patterns, templates and other modeling resources.
-
Free MDG Technology downloads for Enterprise Architect:
- ...12 more annotations...
-
EJB MDG Technology for Enterprise Java Beans allows the user to model EJB entities and EJB sessions, complete with UML profiles for modeling EJB, EJB patterns and Code Management. (requires Enterprise Architect 4.1 or later)
-
ICONIX AGILE DDT ICONIX Agile Developer - Design-Driven Testing (DDT) streamlines the ICONIX modeling process, providing: Convenient modeling of robustness diagrams Automatic generation of sequence diagram structures from robustness diagrams Transformation of robustness control elements to test diagrams Transformation of sequence diagram elements to test diagrams Transformation of requirement diagrams to test diagrams Transformation between test cases and test classes. (JUnit & NUnit) Built-in model validation rules for ICONIX robustness diagrams (requires Enterprise Architect 7.5 or later)
-
Testing MDG Technology for Testing helps users to rapidly model a wide range of testing procedures including component testing, SUT, Test Cases and more. (requires Enterprise Architect 4.1 or later)
-
Instructions for loading an MDG Technology EXE file: Download and run the .exe file to install the MDG technology. Open Enterprise Architect. Select from the Main Menu Add-Ins | XYZ Technology | Load.
-
Built-in MDG Technologies: Most of the MDG Technologies provided by Sparx Systems are built into Enterprise Architect directly. Depending on your edition of Enterprise Architect, some or all of the following MDG Technologies will be available:
-
Gang of Four Patterns
-
Mind Mapping
-
Web Modeling
-
Data Flow (DFD)
-
Entity-Relationship (ERD)
-
Business Rule Model
-
BPMN™
26More
Enterprise JavaBeans 3.1 with Contexts and Dependency Injection: The Perfect Synergy - 0 views
-
stateless EJB 3.1 bean as boundary (Facade)
-
injected managed beans (controls)
-
@Inject
- ...22 more annotations...
-
@Inject
-
CDI managed beans. The @EJB annotation is removed and @Inject is used instead
-
Annotating the boundary (Cart) with the @Named annotation makes the Cart immediately visible for expression language (EL) expressions in JSP and JSF
-
@Named annotation takes the simple name of the annotated class, puts the first character in lowercase, and exposes it directly to the JSF pages (or JSP). The Cart bean can be accessed directly, without any backed or managed beans, by the JSF pages: <h:commandButton value="Check out!" action="#{cart.checkout}" />
-
If there is a need for abstraction, the class can be turned into an interface (or abstract class)
-
local implementation (with CDI events
-
@Inject Event<String> event;
-
event.fire("Order proceeded!");
-
remote implementation:
-
javax.enterprise.event.Event belongs to the CDI-implementation
-
class Event can be considered to be a lightweight alternative to the java.beans.PropertyChangeSupport class
-
@Inject Event<String> event;
-
event.fire("Order proceeded!");
-
event can be received by any managed bean and also by EJB beans
-
provide a method with a single @Observes annotated parameter
-
@Observes String event
-
there is no real event, just the payload:
-
The during attribute in the @Observes annotation allows you to select in which transactional phase the event gets delivered. The default setting is IN_PROGRESS, which causes an immediate event delivery regardless of the transaction outcome. The AFTER_SUCCESS configuration causes the delivery to occur only after successful transaction completion
-
Although CDI events work only inside a single process (in the default case, CDI is extensible), they are perfectly suitable for decoupling packages from modules
-
The method checkout() starts a transaction that gets "reused" by the OrderSystem and CustomerNotification session beans
-
ordering.placeOrder(); notifier.sendNotification();
-
-
EJB beans cannot be directly exposed to JSF or JSP without a little help from CDI
Eric D. Schabell: jBPM best practices - bringing your business processes to a good end - 0 views
3More
Dependency Injection in Java EE 6 (Part 6) - 0 views
-
one of the most important value propositions for frameworks like Spring has been the ability to easily extend the framework or integrate third-party solutions
-
SPI allows you to register your own beans, custom scopes, stereotypes, interceptors and decorators with CDI even if is it not included in the automatic scanning process (such as perhaps registering Spring beans as CDI beans), programmatically looking up CDI beans and injecting them into your own objects (such as injecting CDI beans into Spring beans) and adding/overriding annotation-metadata from other sources (such as from a database or property file)
-
SPI can be segmented into three parts. Interfaces like Bean, Interceptor and Decorator model container meta-data (there are a few other meta-data interfaces such as ObserverMethod, Producer, InjectionTarget, InjectionPoint, AnnotatedType, AnnotatedMethod, etc). Each meta-data object encapsulates everything that the CDI container needs to know about the meta-data type
10More
Introduction to Robustness Diagrams - 0 views
-
Boundary
-
Control
-
Entity
- ...7 more annotations...
-
What is next after robustness diagrams? Robustness diagrams often act as bridge from use cases to other models. For example, it is quite common to create sequence diagrams which represent the detailed design logic required to support the use case
-
Add an entity for each business concept
-
Add a use case whenever one is included in the scenario
-
Add a controller for activities that involve several other elements
-
Add a controller for each business rule
-
Add a controller to manage the overall process of the scenario being modeled
-
Add a boundary element for each major user interface element such as a screen or a report.
16More
Chapter 5. AS3 Code Generator - 0 views
-
5.2. Generated ActionScript 3 Classes
-
Gas3 uses the principle of "Base" and customizable inherited classes that let you add methods to generated classes without facing the risk of losing them when a new generation process is executed
-
5.3. Java Classes and Corresponding Templates
- ...13 more annotations...
-
summary of templates used by the generator depending on the kind of Java class it encounters:
-
these templates are bundled in the granite-generator.jar archive, in the org.granite.generator.template package and accessible as resources via the class loader
-
class: protocol is used because all standard templates are available in the classpath
-
Alternatively, you may use the file: protocol to load your template from the filesystem. These templates can be specified either by using absolute paths (eg. file:/absolute/path/to/mytemplate.gsp) or paths relative to your current Eclipse project root directory (eg. path/to/mytemplate.gsp).
-
ActionScript 3 generator is able to write AS3 typed client proxies for exposed remote services
-
Compared to the usual Flex RemoteObject, this can greatly help development by bringing
-
auto-completion
-
improved type-safety
-
in Flex when using remote services.
-
replicate validation annotations in order to use the Flex side validation framework
-
Known Limitations
-
Gas3 does not support inner classes
-
must declare your classes in separated source files if you want them to be correctly handled by the generator
8More
ICW Developer Network - 0 views
-
ComparisonThis section provides a brief comparison of SAFs functionality with that of the Acegi Security Framework [11] and JBoss Seam Security [12]
-
Acegi’s Policy Decision functionality is not based on Java security standards but on a proprietary solution
-
ACL defines per domain object who has access permissions
- ...5 more annotations...
-
Both Acegi as well as SAF use AspectJ and Spring AOP for Policy Enforcement
-
JBoss Seam follows a different process when implementing Policy Decision functionality and sets access rules with the help of JBoss Rules [13] the JBoss rules engine
-
access decision to the domain objects in an application can be based on any number of complex rules
-
@Restrict annotations
-
07.2007
15More
Application Security With Apache Shiro - 0 views
-
previously known as the JSecurity project
-
The word Subject is a security term that basically means "the currently executing user"
-
Core Concepts: Subject, SecurityManager, and Realms
- ...12 more annotations...
-
Subject
-
'Subject' can mean a human being, but also a 3rd party process, daemon account, or anything similar. It simply means 'the thing that is currently interacting with the software'
-
Subject currentUser = SecurityUtils.getSubject();
-
SecurityManager
-
SecurityManager manages security operations for all users
-
Realms
-
Realm acts as the ‘bridge’ or ‘connector’ between Shiro and your application’s security data. That is, when it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.
-
Realm is essentially a security-specific DAO
-
Shiro provides out-of-the-box Realms to connect to a number of security data sources (aka directories) such as LDAP, relational databases (JDBC), text configuration sources like INI and properties files, and more
-
Authorization
-
A permission is a raw statement of functionality, for example ‘open a door’, ‘create a blog entry’, ‘delete the ‘jsmith’ user’, etc. By having permissions reflect your application’s raw functionality, you only need to change permission checks when you change your application’s functionality. In turn, you can assign permissions to roles or to users as necessary at runtime.
-
“Run As” support for assuming the identity of another Subject
9More
Enterprise Architect - UML Design Tools and UML CASE tools for software development - 0 views
-
Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)* Model Driven Architecture (MDA) Project Discussion Forum Replicate .EAP Projects Reverse Engineer Binaries (Java, .NET) Shared Models WSDL Engineering XML Schema (XSD) Engineering
-
Audit Model Changes Baseline Diff/Merge DBMS Repository** Floating Edition Available Lazy Load Scripting with JScript, VBScript and Javascript Security (Role-based) WAN Optimizer
-
BPEL Generation from BPMN diagrams Business Rules Composer Executable Code Generation from Behavioral Models Math Support built into Script Engines
- ...5 more annotations...
-
Allocated Work Execution Analyzer Menu Test Points Win 32 User Interface Designs Business Process Simulation ***
-
Gap Analysis Model Mail Project Calendar Task Allocations TOGAF Gap Analysis
-
BPEL 2.0 Generation BPMN Simulation SysML 1.2
-
Eclipse Integration
-
Eclipse Link
-
Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)*
53More
Session Management Cheat Sheet - OWASP - 0 views
-
Session Management Cheat Sheet
-
should not be extremely descriptive nor offer unnecessary details
-
change the default session ID name of the web development framework to a generic name
- ...50 more annotations...
-
length must be at least 128 bits (16 bytes)
-
Session ID Length
-
Session ID Name Fingerprinting
-
Session ID Properties
-
Session ID Entropy
-
must be unpredictable (random enough) to prevent guessing attacks
-
good PRNG (Pseudo Random Number Generator) must be used
-
must provide at least 64 bits of entropy
-
Session ID Content (or Value)
-
content (or value) must be meaningless
-
identifier on the client side
-
meaning and business or application logic associated to the session ID must be stored on the server side
-
session objects or in a session management database or repository
-
create cryptographically strong session IDs through the usage of cryptographic hash functions such as SHA1 (160 bits).
-
Session Management Implementation
-
defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID
-
token expiration date and time
-
This is one of the reasons why cookies (RFCs 2109 & 2965 & 6265 [1]) are one of the most extensively used session ID exchange mechanisms, offering advanced capabilities not available in other methods
-
Transport Layer Security
-
use an encrypted HTTPS (SSL/TLS) connection for the entire web session
-
not only for the authentication
-
process where the user credentials are exchanged.
-
“Secure” cookie attribute
-
must be used to ensure the session ID is only exchanged through an encrypted channel
-
never switch a given session from HTTP to HTTPS, or viceversa
-
should not mix encrypted and unencrypted contents (HTML pages, images, CSS, Javascript files, etc) on the same host (or even domain - see the “domain” cookie attribute)
-
should not offer public unencrypted contents and private encrypted contents from the same host
-
www.example.com over HTTP (unencrypted) for the public contents
-
secure.example.com over HTTPS (encrypted) for the private and sensitive contents (where sessions exist)
-
only has port TCP/80 open
-
only has port TCP/443 open
-
“HTTP Strict Transport Security (HSTS)” (previously called STS) to enforce HTTPS connections.
-
Secure Attribute
-
instructs web browsers to only send the cookie through an encrypted HTTPS (SSL/TLS) connection
-
HttpOnly Attribute
-
instructs web browsers not to allow scripts (e.g. JavaScript or VBscript) an ability to access the cookies via the DOM document.cookie object
-
Domain and Path Attributes
-
instructs web browsers to only send the cookie to the specified domain and all subdomains
-
“Domain” cookie attribute
-
“Path” cookie attribute
-
instructs web browsers to only send the cookie to the specified directory or subdirectories (or paths or resources) within the web application
-
vulnerabilities in www.example.com might allow an attacker to get access to the session IDs from secure.example.com
-
Expire and Max-Age Attributes
-
“Max-Age”
-
“Expires” attributes
-
it will be considered a
-
persistent cookie
-
and will be stored on disk by the web browser based until the expiration time
-
use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.
-
Session ID Life Cycle
‹ Previous
21 - 36 of 36