JSP as integration testing glue July 25, 2008
Posted by javafoo in j2ee, java, java http, javanotes.1 comment so far
As part of one of our new projects, a team mate and I are working on two different areas of the project. This other team mate is responsible for writing the integration glue code that uses all the components that I am writing. But he is not ready yet and I will be on vacation when he is ready. Of course I have unit tests to test my parts. But I want to test the integration part of it. I can do this the boring way: write a Junit that sets up all the test data and almost end up writing very complex tests to integrate all my components. The more fun way is to write JSPs to do all the integration tests, the JSP can act as a loose test glue script. And I am building the JSPs in such a way that I can stop and view the results at each integration point, before moving on to the next one. It’s visual and fun. And I have managed to catch quite some bugs. I wonder why I haven’t thought of looking at JSPs this way.
Authentication and Authorization March 19, 2008
Posted by javafoo in general programming, java, javanotes, security.add a comment
I sometimes mistake one for the other. Of course a simple search on Google or wikipedia will clear this. But it doesn’t seem to stick with you, unless you understand, assimilate and put it in your own words. So here goes, for me authentication means, the authenticating entity (a server, for ex.) needs to know, that you are, who you say, you are (simplest mechanism: username/password). Authorization is the second stage to authentication: Ok, now I know you are ‘joeblack’ (you have been authenticated), so what are trying to do? what roles do you have (admin, user etc.)? Given your roles, can you do what you are trying to do? There, now I will never mix them up, hopefully.
Java HttpURLConnection with redirect March 16, 2007
Posted by javafoo in java, java http.2 comments
So I am trying to automate an application A at work, that needs to talk to another system B(also j2ee based), via http. But system B does not expose its applications as services and also certain applications need a user to login. So here’s what I do, I decide to write a http client that will emulate a login on system B (it’s a jsp on system B), grab the session cookie and then call the protected servlet on System B. Sounds simple enough.
But looks like it was going to be a long evening. I call login.jsp on system B and look at the logs on system B, seems like system B liked the username and password and it was also passing back the session cookie to my http client. But the subsequent call to the servlet in system B was failing, due to invalid authentication. After spending a couple of hours trying to debug my http client, I realize that the login.jsp on System B is doing a http redirect (well the HTTP 302 code should have tipped me off), so even though I was using the correct username and password the authentication was failing. So I add setInstanceFollowRedirects(false) on the HttpURLConnection object and everything starts working. I don’t really care about the content that login.jsp delivers, so my client does not need to redirect. There is also a setFollowRedirects(boolean) static method that works on the class, so use caution when using this method as opposed to the instance method.
That is my lesson for the day and I will stick my head out of the window for a blast of that chilly mid western breeze.
Refactoring your own code… January 30, 2007
Posted by javafoo in java, javanotes, refactoring.2 comments
I can’t describe the kind of high I get when refactoring my own code and that too code that was only written a month ago. And when doing it to my own code, I can be as ruthless as I want to be, without coming off as a jerk or being too intrusive. Right now I can’t believe the kind of bloated code I wrote a month ago, I am reprimanding my self (the month old self) and patting my back (the current self), at the same time. Everything looks and feels so much better now, crisp and concise, each in it’s own little silo. So go ahead, don’t be bashful, refactor away, as many times as possible. You will realize how naiive you were just a few weeks ago. Ok I think I will stop now, sorry this is not exactly a technical kind of post. Just a feel good post, something I wanted to share.
Good java/j2ee app shared hosting December 19, 2006
Posted by javafoo in hibernate, java, java hosting, javanotes, struts basic.1 comment so far
…is non-existent. Sorry I let the title fool you. So, I have been working on this small project (struts, hibernate, mysql stack) on the side. No the project did not warrant the need of java, I could have hacked it in good ol’ perl/PHP/Python, take your pick. But the people(University of ..midwest) who wanted it done, thought java was cool and the help that I got, could only program in java (yes, this is the case mostly, you can hardly find programming language agnostic programmers these days). I digress, anyhow, the app was done, everything seemed to work on my trusty laptop. The demo went fine and the client asked to have it deployed. They left the hosting to me. Piece of cake huh! Hardly, I discovered. It’s the ‘E’ for enterprise in j2ee, it’s just not meant for shared web hosting, you are better off with dedicated servers and your own IS staff to maintain it. Most of the shared service providers will not give you your own java VM and/or tomcat/jboss/resin to play with, the security policy files are too restrictive(rightly so, it’s their server they don’t want you to muck around) and you will need to know all the libraries in your app that will need permissions (mostly by trial and error). The support staff are *nix demi-gods, most of them will reply promptly, even at unearthly hours(they need to get a life), but will draw a blank with any Java webapp help. All in all not a pleasant experience. Of course this has changed a bit now, there are some mature java webapp aware hosting providers out there, you can find them with a little googling. But it comes at a premium, not really helpful when you are on a budget. So if your project is small and you can get away with some simple scripting language-mysql magic, that can be hosted on the $19.99/month hosting service in the midwest, put your foot down, educate the client, stay away from java. Yeah, I know this piece of advice, coming from javafoo. But that’s how it is.
