Links for February 11th through February 12th

  • InfoQ: Mobile HTML5 – Scott Davis explains how to prepare a website for mobile devices from small tweaks –smaller screen sizes, portrait/landscape- to using HTML5’s local storage, application cache, and remote data.
  • InfoQ: How to Stop Writing Next Year’s Unsustainable Piece of Code – Guilherme Silveira mentions some of the turning points in project development that may affect the quality of the code offering advice on avoiding writing crappy code.
  • InfoQ: All things Hadoop – In this interview Ted Dunning talk about Hadoop, its current usage and its future. He explains the reasons for Hadoop's success and make recommendations on how to start using it.
  • rap mobile – Secure Mobile Apps. Native Performance. Multi-Platforms. – RAP mobile provides a powerful widget toolkit that renders native iOS and Android widgets. It provides a proven technology stack with SWT, JFace and OSGi. You can write your application entirely in Java, re-use existing code and benefit from first-class IDE tools without the need for cross-compiling.
  • Are You a Zen Coder or Distraction-Junkie? – The key to true productivity and efficiency is to focus 100% on the one thing you are doing at the moment, and then to completely switch and do something else. There shouldn’t be any blurry transitions from one thing to the next.
  • High performance libraries in Java | Vanilla #Java – There is an increasing number of libraries which are described as high performance and have benchmarks to back that claim up. Here is a selection that I am aware of.
  • InfoQ: Have Your Cake and Eat It Too: Meta-Programming Techniques for Java – Howard Lewis Ship discusses how to add extend class functionality at runtime via meta-programming for Java using Tapestry Plastic.
  • InfoQ: SQL Server Unit Testing with tSQLt – tSQLt is a free, open-source framework for unit testing in SQL Server. By writing tSQLt test cases, developers can create fake tables and views based on production data, then compare expected versus actual results in testing. Tests are written in T-SQL, so they can be created directly in SQL Server Management Studio.
  • InfoQ: Identity Management with Spring Security – David Syer discusses identity management, SSO, security standards –SAML, OpenID, OAuth, SCIM, JWT-, how Spring Security can fit in, and demoing IdM as a service.
  • Flexing NoSQL: MongoDB in review | InfoWorld – MongoDB shines with broad programming language support, SQL-like queries, and out-of-the-box scaling
  • GUI Architectures essay from Martin Fowler – In this essay I want to explore a number of interesting architectures and describe my interpretation of their most interesting features. My hope is that this will provide a context for understanding the patterns that I describe.

Daily del.icio.us for January 30th through February 1st

Daily del.icio.us for June 12th through June 17th

Daily del.icio.us for Feb 28, 2007 through Mar 01, 2007

Daily del.icio.us for Sep 30, 2006

BEA jumps on security bandwagon


I first saw this on CNET in an article entitled – BEA jumps on security bandwagon. In a nutshell, the BEA WebLogic Enterprise Security product is an application security infrastructure solution that uses a service-oriented approach to enable security services for your applications.

The product is based on most of the stuff that came over as part of the CrossLogix acquisition. The interesting thing for me on this whole story was how security is playing an integral part of the application development process and how companies like BEA are jumping in this market. IBM has also been buying companies to complete its security/identity story in the Tivoli suite of products with TIM & TAM.

Another interesting part of the press release was that JAAS was not mentioned once. JAAS or the Java Authentication and Authorization Service is a package integrated into Java 1.4 that enables services to authenticate and enforce access controls upon users. It implements a standard Pluggable Authentication Module (PAM) framework, and supports user-based authorization.

JAAS was a good first step for authentication and authorization for Java applications, but there are several limitations of the framework and I’m not sure what the future holds. It seems odd to write all this JAAS code for applications that are running inside a web/ejb container when the container has all of these services.

I haven’t been lurking in the comp.lang.java.security newsgroup and so I don’t know what the future holds for JAAS. I guess I’ll have to go through the 15,000+ posting that are waiting in my newsreader.