Java Reference Types
The Java language allows the use of four different types of object references (Strong, Soft, Weak and Phantom). The usage, intricacies and benefits of these 4 types of references seem to be a mystery to even many experienced Java developers. Using Soft, Weak and Phantom references properly can be key tools to develop memory-sensitive caches of data and for object finalization without the problems normally associated with overriding the finalize() method.[Read More]
Using Embedded Derby in Tomcat
When deploying a web application in Tomcat, or another similar servlet container, you may desire that your application be able to access robust RDBMS functionality without the hassle of setting up a full-fledged database server like Oracle, PostgreSQL or MySQL. Apache Derby is powerful but light-weight ANSI compliant RDBMS written entirely in Java that has the ability to run in Embedded Mode - that is, it runs in the same VM as, and has its life cycle managed by, the application which uses it. When deploying such a solution, it can be challenging to ensure that the Derby embedded instance is correctly started when the web application is deployed, and also correctly and cleanly shutdown when the application is undeployed. This article presents one possible approach to managing the life cycle of an embedded Apache Derby database used in a web application deployed in Apache Tomcat.[Read More]
Hashing and Salting Passwords with Spring Security
As application developers, we rely on a huge number of factors for security, many of which are largely out of our control: the operating system, the server software being used, the security framework being used. While we can strive to use secure coding practices, we never know when a fundamental flaw, in the operating system for example, may give a malicious attacker access to our application database – including our users' names and passwords. Despite experts warning of the dangers, with so many accounts, it is extremely common for users to reuse usernames and passwords on a variety of different sites.
Spring Security gives us some tools, much of which can be enabled with only a few simple lines of configuration, to help ensure that the damage from such a breach is as contained as possible.
[Read More]Comparing Interned Strings In Java
Recently, I came across a conversation thread in one of the LinkedIn discussion groups on comparing strings in Java. The discussion started with what seems like a fairly simple question: What is the output of this simple snippet of code:
The Code
public class Test {
public static void main(String[] args) {
String a = "Hello";
String b = "Hello";
if (a == b) {
System.out.println("a == b");
} else {
System.out.println("a != b");
}
}
}
Note: This is a reasonable approximation of the code being discussed, it may not be verbatim.
What I found most amazing was that the discussion over the output of this simple piece of code went on for days, with dozens and dozens of posts, even after the right answer had been given and had been clearly explained. As such, it seems that what is going on in this bit of code may not be as widely understood as I thought it would be.
[Read More]Extra Login Fields with Spring Security
The Spring framework is an excellent tool for accelerating and simplifying Java enterprise application development. For many commonplace tasks, simply adding a few lines to an XML configuration file is all you need to introduce fairly complex functionality - eliminating the need for much of the boilerplate code that the application developer would otherwise have to implement.
However, when it is necessary to develop a feature with Spring that deviates from the typical use-cases, it can be a little more complicated to configure correctly.
Recently, I was developing a web portal for a client. Part of the login process required that the user specify their username and password in addition to a company code. The standard Spring Security configuration easily handles logins that require a username and a password, but how can this basic configuration be modified to handle what amounts to a multi-part username?
[Read More]A Quick Introduction
Hello!
I have played around with the idea of creating a tech blog for some time now, but I wasn't sure I really had enough to say to warrant it. What finally made me decide that I did want to start writing about some of my adventures in programming was somewhat selfish.
There are many things in software development that I have had to do several times, but not regularly enough that I end up committing them to memory. Usually, when it comes time to implement a feature like this, I end up doing a bit of Googling to refresh my memory, and usually have to end up checking out a half dozen web sites, including technical documentation, APIs and other blogs, before I remember all the details necessary.
So, in an effort to save time, I thought that it might be a good idea if I try to aggregate some of this information together in one place. Not only does it help me solidify it in my memory, but it ensures that I can easily find it again, without having to turn to Google, or digging desperately through my browser history, a few months or years down the road when I need it next.
Hopefully some of you are trying to implement some of the things I will write about here, and I hope that I will be able to save you some time by doing the legwork in advance.
I am primarily an Enterprise Software developer, specializing in Java Enterprise Edition, although I have done a fair bit of Enterprise .NET development as well. I believe strongly in open source software, and one of the things I most like about Java is the huge and diverse open source community that has sprung up around it. I am interested in all facets of application development, from desktop and web UI development, to database development and everything in between. I develop primarily using Linux, although I haven't yet completely been able to free myself of Windows, and I hope to include several articles on this blog related to enterprise software development using the Linux OS.
I sincerely would appreciate any feedback you have on any of the articles I present here. I do on occasion (and sometimes frequently) get things wrong and I would be pleased to make any corrections or updates that are necessary. Also, if you know of a better way of doing something than what I present in the various articles here, please let me know. I am always interested in learning and improving.
Thanks,
Daniel Morton
About the Author
Daniel Morton is a Software Developer with Agfa Healthcare in Waterloo, Ontario and the co-owner of Switch Case Technologies, a software development and consulting company. Daniel specializes in Enterprise Java Development and has worked and consulted in a variety of fields including Healthcare, Telematics, Media Publishing, and the Payment Card Industry.