Welcome!


User authentication and access control are important security measures for most Java applications, especially J2EE applications. The Java Authentication and Authorization Service (JAAS), the core API of J2SE 1.4 and 1.5, represents the new security standard. It provides a pluggable...
The Java platform was designed to be robust, secure, and extensible in order to support the mobility of code and data. The Java ClassLoader in the Java Virtual Machine (JVM) is a key component in the realization of these goals.
When choosing among the different types of authentication mechanisms offered by J2EE Web containers, form-based authentication is almost always selected ahead of its alternatives: HTTP basic authentication and HTTPS client authentication.
Welcome to the August edition of the JCP column! This month I'll cover a few J2ME-related JSRs and two new JSRs in the J2SE/J2EE environment, but first out of the block is the program office's own JSR, number 215.
JavaServer Pages (JSP) technology originated more than four years ago as a powerful way to dynamically generate HTML on the server side. Over time, and with the input of the developer community, JSP technology has evolved and matured, keeping simplicity at the forefront.
Welcome to the July edition of JSR Watch! Each month this column provides information about the JCP program: newly submitted JSRs, new draft specs, Java APIs that were finalized, and other news from the JCP program. This month's column discusses a set of new J2EE technology JSRs, and a...
Custom tags in JavaServer Pages have come a long way since their inception. Now that Sun has provided some standards for these tags in the form of JSTL (and the up-and-coming JavaServer Faces), and has promised additional support for these standards in JSP 2.0, let's look at how we got...
Java serialization was initially used to support remote method invocation (RMI), allowing argument objects to be passed between two virtual machines. RMI works best when the two VMs contain compatible versions of the class being transmitted, and can reliably transmit a binary represent...
During the past 18 months, a rapidly growing number of organizations have been taking advantage of the emerging JCache standard for distributed caching to help scale application performance while at the same time reducing infrastructure costs.
Welcome to the June edition of the JCP column! Each month I provide news and information about the Java Community Process: newly submitted JSRs, new draft specs, Java APIs that were finalized, and other updates from the JCP. June means it is JavaOne time, and hence this column will dis...
Developing interesting and effective Java Web applications requires simple, robust, and manageable frameworks and the tools that complement them. If you design and develop Java applications for a living, it could be quite a challenge to stay abreast of all the software developments and...
Design patterns are a familiar resource and using them is a routine matter. Here are other ways to make them work better, especially in large-scale applications. The Java Value Types (JVTs) design pattern targets the use of 'managed entities.'
Welcome to this first installment of the JCP column! Here you can read about the Java Community Process program: newly submitted JSRs, new draft specs, Java APIs that were finalized, and other news from the JCP program. Like any self-respecting IT industry effort, the JCP program proud...
Sometimes, the easiest and most rewarding part of development is the actual coding. Managers and developers often dismiss the building, deploying, testing, and metrics-gathering aspects of the software life cycle.
The Java Community Process, or JCP, was formed by Sun in 1998 in response to the community's wish to get involved with the future development of Java. Much has been written regarding JCP, and much confusion exists regarding the whole process and just exactly how much control and influe...
J2EE applications are characterized by the continuous creation, consumption, and destruction of various types of application objects. These objects may be product objects in e-commerce applications, session objects, or user profile objects, to name a few common examples.
There are myriad approaches to architecting logon and user management in the J2EE environment. This article addresses some alternative J2EE architectures as well as the strategy used by each alternative and the code for implementing each solution. I'll focus on the end user ­ not the ...
Java servlet technology provides developers with functionality, scalability, and portability that can't be found in other server-side languages. One feature of the Java servlet specification that's commonly used, and sometimes misused, is the HttpSession interface. This simple interfac...
The Middleware Company (TMC) recently published a benchmark report that compares the Sun J2EE PetStore with a functionally equivalent version created using .NET technologies. The J2EE PetStore version was improved from the original code by TMC employees, while the .NET version was writ...
In the early '90s, many companies invested in traditional client/server architectures by building fat-client applications with rich graphics that offloaded legacy-system processing time. GUI business applications presented lower runtime costs than the CICS applications they re...
Ant is very similar to the standard Unix tool 'make' that just about every experienced C programmer is familiar with. It does its work based on a build file, typically called build.xml, that tells Ant how and what to build.
Recently, the first formal request for a new standard concerning the API between portals and portlets was submitted to the Java Community Process for review.
One minute of system downtime can cost an organization anywhere from $2,500 to $10,000 per minute. Using that metric, even 99.9 data availability can cost a company $5 million a year.
This series of articles will walk you through the details and some of the decisions that must be made when implementing container-managed persistence in Enterprise JavaBeans.
Session tracking is the process of maintaining information, or state, about Web site visitors as they move from page to page. It requires some work on the part of the Web developer since there's no built-in mechanism for it. The connection from a browser to a Web server occurs over the...
With the rapid adoption of J2EE has come the realization that more than just J2EE expertise is needed to successfully develop enterprise applications.
In 1998 Sun introduced their distributed server-side component architecture under the name of Enterprise JavaBeans (EJB). Since then, the EJB technology has seen a widespread acceptance throughout the industry. The 'write once, run anywhere' philosophy embraced by the EJB specification...
When a client recently requested secure communication among multiple platform boxes distributed across three continents, I decided to leverage the 100% Java-based security available via Java Secure Socket Extension.
During a lunch discussion with my fellow officers in the Tulsa Java User Group, we explored the issues. We also decided to see if we could get some vendors to come in and discuss the issues from both perspectives. This expanded into a formal debate, and thus the .NET vs J2EE Smackdown ...
At the end of last year, I was given a rather unpleasant assignment. This company had several Java Remote Method Invocations (RMI) services that were interacting with the legacies of the organization and I needed to open up an XML interface for them.
The Java 2 Platform, Enterprise Edition (J2EE), is the platform of choice for implementing scalable and reliable enterprise applications from reusable components. But Java developers building enterprise-class J2EE applications face a quandary.
Releasing Java applications can be a real challenge. Fortunately, Java provides a rich set of features for packaging and deploying applications that can simplify the release process significantly.
Last month's article 'J2EE As the Platform for EAI' (JDJ, Vol. 7 issue 3) discussed the suitability of the J2EE platform for EAI (Enterprise Application Integration). This article addresses more advanced integration topics, particularly transaction and security, support for Web service...
Applications need to prevent improper access to data and ensure that data integrity can be maintained. To guard against such compromises, developers must first have an awareness of resource sensitivity. Proper safeguards need to be in place within the workplace and development process ...
A major roadblock to using any of the server-side scripting architectures for developing commercial software is the fact that (traditionally) the source code must be delivered to customers when deploying applications. Java source code is compiled into an intermediate code called byteco...
Q.  What is EJB 2.0? A. EJB 2.0 is the latest release of the Enterprise JavaBean specification.  The major releases of the EJB specification have been 1.0, 1,1, and 2.0.  EJB 2.0 adds several crucial features to version 1.1, including message-driven beans, local int...
In addition, it was suggested that traditional Online Transaction Processing systems (OLTP) don’t suffer from such limitations, rendering them more suitable for the emerging e-commerce applications that may require such guarantees.
There's an old rule in software engineering: 'Building to scale requires prior intent.' Many applications delivered today fail to address scalability; they get deployed fast and sink faster as the load cripples them. The advent of J2EE 1.3 goes part way toward providing an environment...
There are two fundamental attributes developers look for in a given technology to ease their development tasks: extensive functionality and code reusability. Look at the success of the Unix operating system. A fundamental part of its success is that it can be written in a machine-i...
Over the past several years EJB technology has entered the software development mainstream. This new level of recognition and greater popularity brings an increase in design activities in the EJB space, such as best practices and design patterns.