Monday, January 08, 2007

Password Management Concerns with IE and Firefox, part one

Password Management Concerns with IE and Firefox, part one: "Password Management Concerns with IE and Firefox, part one
Mikhael Felker 2006-12-08

1. Introduction

This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0."

Vulnerability Scanning Web 2.0 Client-Side Components

Vulnerability Scanning Web 2.0 Client-Side Components: "Vulnerability Scanning Web 2.0 Client-Side Components
Shreeraj Shah 2006-11-27

Introduction

Web 2.0 applications are a combination of several technologies such as Asynchronous JavaScript and XML (AJAX), Flash, JavaScript Object Notation (JSON), Simple Object Access Protocol (SOAP), Representational State Transfer (REST). All these technologies, along with cross-domain information access, contribute to the complexity of the application. We are seeing a shift towards empowerment of an end-user's browser by loading libraries."

Java SE 6's New Scripting and Compiling Goodies

Java SE 6's New Scripting and Compiling Goodies: "Java SE 6's New Scripting and Compiling Goodies
Among the most intriguing features of the first Java SE 6 release candidate are the capabilities the new scripting and compiling APIs deliver.

by Eric Bruno
November 28, 2006

Since I wrote a DevX article on the first beta release of Java Standard Edition (SE) version 6 in February of this year, two new early-access versions have been released. This article discusses the first Java SE 6 release candidate, a feature-complete, almost fully tested implementation of the newest version of desktop Java. While the article in February focused on many GUI features (and declared Java SE 6 a desktop winner), this one focuses on some other new features and improvements, namely scripting and the compiler API."

An Open Source AJAX Comparison Matrix

An Open Source AJAX Comparison Matrix: "An Open Source AJAX Comparison Matrix
Get an at-a-glance comparison of the most popular open source AJAX frameworks and toolkits. The evaluation categories include installation, development, and support.

by Edmon Begoli
December 5, 2006

Open source AJAX frameworks and toolkits have matured to the point where they can handle just about any rich Internet application development task. To provide a reference guide for how well they handle particular tasks, I developed a side-by-side comparison matrix of the most popular ones. I selected the open source frameworks that the Ajaxian.com 2006 Survey recently identified as the most popular. Ajaxian.com is a leading online resource for the AJAX community, operated by early adopters of the technology."

Gain a Reputation for Building Trustworthy Applications

Gain a Reputation for Building Trustworthy Applications: "Gain a Reputation for Building Trustworthy Applications
Today's applications must address security appropriately or risk putting users and data at risk. Security tools, such as Watchfire's AppScan, allow you to effectively identify and correct your application's vulnerabilities before they can become a problem.

by Ty Anderson
December 22, 2006

Social Media has moved into the mainstream thanks to applications like YouTube, MySpace, Flickr, Blogger, and many, many more I can't even recall right now. Not only do these sites have great looking logos and catchy names, they also have what each of us building Web applications desire—an expanding user base along with great product 'buzz' (not to mention a healthy revenue stream). People everywhere are using these applications to share hilarious videos, to reveal way too much about their personal lives, and to express an opinion or two. Holding all of this together is the trust each user places into their Web application of choice. Trust is a great and beautiful concept but as the adage says: 'It takes 20 years to build a reputation and five minutes to ruin it.'"

IBM Steps Up Development of Cool Tools for Ajax

IBM Steps Up Development of Cool Tools for Ajax: "IBM Steps Up Development of Cool Tools for Ajax
IBM is working in conjunction with other industry leaders and organizations, including Dojo, to advance Ajax technology and promote Ajax use and adoption throughout the enterprise. Learn why this work is crucial to your success and your company's ability to stay competitive.

by Rikki Kirzner

Asynchronous JavaScript and XML (Ajax) has emerged as one of the key technologies to help organizations meet their objectives for maintaining competitive and performance advantages in light of constantly changing market conditions. The reason is simple—Ajax enables them to quickly create rich, dynamic Web applications capable of providing better user experiences with faster overall performance."

Call a Java Method from XQuery

Call a Java Method from XQuery: "Language: Java
December 4, 2006
Call a Java Method from XQuery
This tip shows you how to develop XQuery queries that may call any other method. The method called in this tip is java.lang.Math.random"

Read the Entries from a JAR/ZIP Archives with the URL Class

Read the Entries from a JAR/ZIP Archives with the URL Class: "Language: Java
December 27, 2006
Read the Entries from a JAR/ZIP Archives with the URL Class
This tip shows you how to display the entries from a JAR/ZIP archive using the java.net.URL class. The key in this example is the URL construction."

Mustang Must-Haves: What's Cool in Java SE 6

Mustang Must-Haves: What's Cool in Java SE 6: "Mustang Must-Haves: What's Cool in Java SE 6
The just-released Java SE 6 boasts many neat new features, such as integrated scripting, enhanced JDBC features, better Web service support, and much more. Here are few personal favorites from a seasoned Java developer and architect.

by John Ferguson Smart
December 18, 2006

The long-awaited Java SE 6 is upon us. This latest version of the Java SE environment brings a number of new features and enhancements, such as integrated support for scripting languages and Web services, improved JDBC features, and an integrated Derby database (in the SDK release), as well as some nice management features and enhanced performance."

Go Inside the Java Real-Time System

Go Inside the Java Real-Time System: "Go Inside the Java Real-Time System
Real-time Java is about more than applications that need to be fast. Find out what real-time requirements actually are and get an in-depth look at what Sun Microsystem's real-time Java can do for you.

by Eric Bruno
January 3, 2007

The Sun Java Real-Time System (Java RTS) is the first conformant commercial implementation of Java Specification Request (JSR) -001, the Real-Time Specification for Java (RTSJ). Although initially released in 2002, the RTSJ was updated in July 2006 to include some new features which are covered in this article."

Hyperscale Messaging in .NET with Amazon's Simple Queuing Service (SQS)

Hyperscale Messaging in .NET with Amazon's Simple Queuing Service (SQS): "Hyperscale Messaging in .NET with Amazon's Simple Queuing Service (SQS)
Amazon SQS makes queuing messages across organizations over HTTP a snap with its Web service interface and Amazon-backed infrastructure. This article walks you through the process to get started using Amazon SQS to create and control queues and messages.

by Gautam Shah
December 14, 2006

Message Queuing (MQ) has long been a foundation for applications that require asynchronous and disconnected communications. Implementations of Message Queuing such as Microsoft's MSMQ, IBM's WebSphere MQ, TIBCO's Rendezvous, and Progress Sonic's SonicMQ are all mature, highly reliable, and highly scalable. Now, Amazon, in a new bid to sell its capabilities as services, has entered the fray with its Amazon Simple Queue Service (SQS)."

Create XMLSchema DataTypes Direct from Java

Create XMLSchema DataTypes Direct from Java: "
Language: Java
December 18, 2006
Create XMLSchema DataTypes Direct from Java
This tip shows you how to create XMLSchema datatypes direct from Java, using the javax.xml.datatype.* package. In this example you'll create a Duration object (xs:duration in XMLSchema) and a XMLGregorianCalendar object (any date/time XMLSchema type)."

Putting AJAX Frameworks to the Test

Putting AJAX Frameworks to the Test: "Putting AJAX Frameworks to the Test
Get a developer's assessment of how well the most popular non-commercial AJAX frameworks performed during the development of a dynamic application.

by Edmon Begoli
December 5, 2006

Not so long ago, developers had to work directly with the XMLHTTPRequest object or use some very rudimentary libraries to get any AJAX work done. When I wrote my first article about AJAX on DevX in June of 2005, the technology was still in its infancy. Today, at least a dozen freely available AJAX frameworks offer features that can help developers accomplish even the most complicated tasks."

Tuesday, December 12, 2006

Danny Coward's Sun Weblog

Danny Coward's Sun Weblog: "I'm going to give you all a crash course in the management and troubleshooting tools lurking in the /bin directory of your JDK."

Really should make the effort.... I'll start on the next project .. honest guv.

JBoss.com - JBoss Seam

JBoss.com - JBoss Seam: "JBoss Seam is a powerful new application framework for building next generation Web 2.0 applications by unifying and integrating technologies such as Asynchronous JavaScript and XML (AJAX), Java Server Faces (JSF), Enterprise Java Beans (EJB3), Java Portlets and Business Process Management (BPM)."

One framework I keep forgetting about while the talk of Spring, Grails, and Rife etc.. goes on... and on.

InfoQ: Case Study: Zero Calories J2EE

InfoQ: Case Study: Zero Calories J2EE: "A lightweight approach with a rich domain model used directly in web-tier can increase both quality and speed of development. This case study, recorded at Javapolis, looks at a Tapestry+Spring+Hibernate project by Nordija, how it was architected, how testability was introduced, and the level of simplicity achieved using the lightweight approach. "

This is an extremely open, honest talk by a developer about the technology he used in a project with a fantastic critique of many frameworks used. The areas that are problematic, difficult to understand and theorised solutions to some of the problems after his conversations with some of the peeps at Javapolis.

InfoQ: Google GWT Toolkit and Development Process Become Fully Open Source

InfoQ: Google GWT Toolkit and Development Process Become Fully Open Source: "Today Google fully open sourced their GWT toolkit under the Apache 2.0 license. GWT 1.3 RC is the same codebase as GWT 1.2 with the only intentional change being with the license. "

Java Platform, Standard Edition 6 Release

Java Platform, Standard Edition 6 Release: "Java SE 6 is the current major release of the Java SE platform, with full support from NetBeans IDE 5.5. Sun endeavors to foster the highest level of transparency and collaboration on the platform with the Java community through Project JDK 6, resulting in the following key features. Sun's Java Multi-Platform Support, Training, and Certification can provide you the peace of mind to develop and deploy Java solutions with confidence."

Raible Designs | [TSE] Keynote: The Bigger Picture with Adrian Colyer

Raible Designs | [TSE] Keynote: The Bigger Picture with Adrian Colyer: "We've seen a lot of things over the last few days, but what about the big picture? It's not just about the Spring Framework anymore, but there's also a lot of sub-projects: SFW, SWF, SWS, S-OSGi. Then there's Enterprise services: clustering, persistence, messaging and scheduling. Industry trends: SAO, Web 2.0/RIA, RAD stacks. "

Lots of information about all sorts of Spring related stuff.

Dean Edwards: The window.onload Problem - Solved!

Dean Edwards: The window.onload Problem - Solved!: "The window.onload event is used by programmers to kick-start their web applications. The problem is that the onload event fires after all page content has loaded (including images and other binary content). If your page includes lots of images then you may see a noticeable lag before the page becomes active. What we want is a way to determine when the DOM has fully loaded without waiting for all those pesky images to load.

Mozilla provides an (undocumented) event tailor-made for this: DOMContentLoaded.

IE supports a very handy
(but non-standard)attribute for the <script> tag: defer. The presence of this attribute will instruct IE to defer the loading of a script until after the DOM has loaded. This only works for external scripts however. Another important thing to note is that this attribute cannot be set using script.

Raible Designs | [TSE] Building Modern Web Applications with Mike Stenhouse

Raible Designs | [TSE] Building Modern Web Applications with Mike Stenhouse: "Building Modern Web Applications with Mike Stenhouse Mike Stenhouse is the creator of the CSS Framework we use in AppFuse1. Mike is going to talk about the tools he uses to develop web applications. Mike works solely on the front-end, no backend work."

Excellent discussion on Semantic HTML, Microformats, CSS and Unobtrusive javascript providing progressive enhancement. Microformats are something I'm definitely going to have to take a better look at.

Raible Designs | [TSE] Hop into Real Object Oriented (ROO) with Ben Alex

Raible Designs | [TSE] Hop into Real Object Oriented (ROO) with Ben Alex: "Real Object Oriented (ROO) is both an architectural approach and a framework with code generation. ROO uses 4 (UI, middle-tier, domain model and persistence) layers instead of 3. Most of of the code is in the domain model. In the persistence layer, most DAOs only differ in finder methods. Rather than DAOs, 'Repositories' (from DDD) are used. "

Raible Designs | [TSE] Spring-OSGI with Adrian Colyer

Raible Designs | [TSE] Spring-OSGI with Adrian Colyer: "Most people don't even know what it is. OSGi stands for Open Services Gateway initiative. From the very beginning, it was designed to be lightweight and dynamic. This is the major difference between it and other containers. It's always been designed to have things added and removed. Now it's tagline is: 'The Dynamic Module System for Java'.

It's designed to allow you to partition a system into a number of modules (a.k.a. bundles). There's strict visibility rules (similar to protected and private). There's a resolution process (dependencies are satisfied) and it understands versioning. "

Sunday, December 10, 2006

Glassbox - Project

Glassbox - Project: "The Glassbox troubleshooter is an automated troubleshooting and monitoring agent for Java applications that diagnoses common problems with one-click. Drop it onto your existing Java Application Server (Tomcat, JBoss, WebSphere, WebLogic), either in production or testing. Because Glassbox's troubleshooting knowledge is built in, anyone can isolate a failing connection or a slow-running query instantly. It adapts to your application and pinpoints your errors or performance issue in plain English, and you no longer need to wade through log files and graphs."

Monday, July 10, 2006

What's New in Java SE 6 Beta 2 (Mustang)

Article:
What's New in Java SE 6 Beta 2 (Mustang)

Version 6 of the Java Platform, Standard Edition (Java SE), code-named Mustang, is currently in its second beta release – which is right on track for moving along to its Fall general release. So here are the top 10 things you need to know about Mustang, if you're still hovering hesitantly over that Beta 2 Download Page link. Subsequent articles will provide more in-depth information.

What's New in Java SE 6 Beta 2 (Mustang)


technorati tags: , ,

Visual Paradigm for UML 5.3 is released

Visual Paradigm for UML 5.3 is releasedURL: Visual ParadigmAt 2:19 AM on Jul 10, 2006, Stella Au DeveloperZone Top 100 wrote:Visual Paradigm team is pleased to announce the release of Visual Paradigm for UML (VP-UML) 5.3, an full-featured UML CASE Tool. VP-UML is designed for a wide range of users, including Software Engineers, System Analysts, Business Analysts, System Architects alike, who are interested in building large scale software systems reliably through the use of the Object-Oriented approach.

Visual Paradigm for UML 5.3 is released ...


technorati tags:

MyEclipse 5.0 M2 Available for Download

MyEclipse 5.0 M2 Available for DownloadURL: MyEclipse DownloadsAt 9:03 AM on Jul 10, 2006, Jens Eckels wrote:The second milestone release (M2) of MyEclipse 5.0 is now available for immediate installation through the "Development Releases" section of the downloads area of the MyEclipse website. Windows, Linux, and Mac OSX support is available.

MyEclipse 5.0 M2 Available for Download ...


technorati tags: ,

ONJava.com -- What's New in Eclipse 3.2 Java Development Tools

What's New in Eclipse 3.2 Java Development Tools

by Ed Burnette
06/28/2006

Garibaldi: Have you ever tried one of these?
Miss Cramer: What is it?
Garibaldi: I'm not sure. According to the translator, it's either an aphrodisiac or a floor wax. I can't decide if it's worth the risk or not.
--Babylon 5, "Infection"

Eclipse is a popular Integrated Development Environment (IDE) for Java programming. It can also be used as an environment for other languages like C++ and Ruby, as a framework for consolidating tools of any kind, and as a Rich Client Platform for creating desktop or server applications. The Eclipse open source community is responsible for dozens of projects, ranging from business intelligence to social networking. Eclipse is the name of the non-profit foundation that manages those projects, as well. (And, while I'm pretty sure it's not a floor wax, there is also an Eclipse automobile, a soccer team, and a brand of chewing gum.)

Eclipse version 3.2 forms the cornerstone of the Eclipse Callisto release train: a simultaneous release of ten Eclipse projects on June 30, 2006. This article will focus on the Eclipse IDE, in particular its Java Development Tools (JDT).

ONJava.com -- What's New in Eclipse 3.2 Java Development Tools

Free Seminars

Free Seminar: Agile Dynamic Programming with Groovy Grails - July 13th[Groovy and Grails: Dierk Koenig and Graeme Rocher present at Skills Matter, London]Dierk Koenig, author of the forthcoming Groovy in Action book and committer to both the Groovy and the Grails project will explain and demo agile and dynamic programming with Groovy at this free seminar on Groovy and Grails at Skills Matter in London on July 13th.

News Events : News Events, Training Partnerships, Techno


technorati tags:

Thursday, June 08, 2006

Apache News Online: 26 May 2006 - Apache Lucene 2.0.0 released

26 May 2006 - Apache Lucene 2.0.0 released
The Apache Lucene Project has released the version 2.0 of Apache Lucene. Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is suitable for nearly any application that requires full-text search, especially cross-platform.

Apache News Online: 26 May 2006 - Apache Lucene 2.0.0 released


technorati tags: ,