A Java geek

Jul 3, 2011 security ssl tomcat

SSL your Tomcat 7

One thing I’m doing very often and always searching on the Internet is how to obtain a self-signed SSL certificate and install it in both my client browsers and my local Tomcat. Sure enough there are enough resources available online, but since it’s a bore to go looking for the right one (yes, some do not work), I figured let’s do it right once and document it so that it will always be there.

Jun 26, 2011 manifest webapp

Get the handle on the MANIFEST.MF in a webapp

Code review is part of my job, and you cannot know the crap I’ve seen. Like someone pointed out, it’s also sometimes the crap I’ve written 🙂 In all cases, however, it’s because some developers do not have deep knowledge of how things work: most learnt something (in university or from a senior developer) years ago and don’t challenge this information regularly though technology evolve. Others just google the problem at hand and copy-paste the first snippet in their

Jun 19, 2011 jboss maven repo1

Maven repositories in anger!

Every build systems worth his salt acknowledges Maven dependencies repository. Even those vehemently opposed to the way Maven does things, like Gradle, still uses repo1. Wait, repo1? If there was only repo1. But nowadays, every project publishes its artifacts in its own repository. For some providers, like SpringSource and JBoss, I think it may be for marketing reasons. But whatever the reasons are, it only makes the job of the enterprise repository manager harder, since he has to reference all

Jun 5, 2011 hibernate

Hibernate hard facts – Part 7

This is the 7th post in the Hibernate hard facts focus series. In this post, we’ll have a look at the difference between saveOrUpdate() and merge(). Hibernate’s way for updating entities is through the update() method. We can get an object, detach it from the session and then update it later with no problem.

May 22, 2011 security servlet

New declarative security features in Servlet 3.0

Servlet 3.0 is not only about the replacement of the web.xml deployment descriptor by annotations. In this article, we’ll see what improvement it makes in the realm of security. In Servlet 2.5 (and before that), declarative security was about the following features: authentication method (BASIC, FORM, etc)authorization to differents parts of the application (web application resources)data confidentiality and integritysession time-out Servlet 3.0 adds standardized ways regarding two conf

May 16, 2011 blackbelt vaadin

Vaadin courses on JavaBlackBelt

For those of you who haven’t heard of JavaBlackBelt, it’s an e-learning community site. Once registered, users can use the site in a variety of ways: First, one can take courses on a variety of programming-related subjects.Then, one can pass exams on these subjects. Each exam is made of questions one has to anwser in a limited time frame. Passing an exam gives you knowledge points; with enough knowledge points, you get the next belt, until the fabled black belt!One can also contribut

May 2, 2011 vaadin

New Filter API in Vaadin 6.6

Vaadin is available in version 6.6 preview since this week. Among other interesting enhancements, one surely caught my attention, the new Filter API. To understand why it’s so interesting, one must know how it’s handled in version 6.5 and before. But first, a word about filters in Vaadin: they are used in containers, which handle collections of items, in order to sort out eligible items.

Apr 25, 2011 cloud cloudfoundry

First try with CloudFoundry

The cloud is here to stay. When Google made Java available for its App Engine PaaS platform, I was there and I tried it. Last week, VMWare launched its competitor, the CloudFoundry platform, and I wanted to try it the same way. Since then, I’ve played a little with it and it’s full of good surprises compared to Google App Engine.

Apr 18, 2011 code coverage test

100% code coverage!

The basis of this article is a sequences of tweets betwen me and M. Robert Martin, on April 8th 2011: If you have 100% coverage you don’t know if your system works, but you do know that every line you wrote does what you thought it should.@unclebobmartin 100% code coverage doesn’t achieve anything, save making you safer while nothing could be further from the truth.@nicolas_frankel 100% code coverage isn’t an achievement, it’s a minimum requirement. If you write a line o

Apr 11, 2011 test

Cons of custom assertion matchers

Ten years ago, the only tests we knew of were users acceptance tests. The last decade saw a gigantic leap forward: it brought unit testing. Unit testing was made popular with JUnit. In turn, TestNG added annotations to the test classes, making them ever easier. Then, EasyMock provided the means to mock our class dependencies in a test context while Mockito streamlined the process of doing so. One could think everything has been said and done for unit testing and we should move forward to a more w