IT Leadership, Architecture & Engineering. Cloud, AI, Data, Cybersecurity

Polymorphism is when your client has a reference to an interface, and it’s concreate class can be one of many implementations. A different different behavior or value in a subclass can be utilized without a switch or an if. Parent class class defaults can be inherited and overridden where necessary. A method can be declared in a parent class, but each subclass can have a specialized implementation/logic of that method e.g. calculateArea(); Encapsulation is a core principal, it refers to the bundling of data with the methods that operate on that data. Basically, logic and data go together. If you have a class, with properties and logic together – it is encapsulated. Helps separation of concerns and reduces surface areas – also supports immutability – since only the object can control the data.   Inheritance is the ability of objects in an Object-Oriented language to inherit properties and methods of other objects e.g. in Java, use extends or implements keywords. Delegation is whe...

  Java SE has a deep foundation for security – there are a variety of APIs and frameworks that plug on top of various security impls. JAAS: Java Authentication and Authorization Services GSS: Generic Security Services. Think Tokens. JCE: Java Cryptography Extension. Keys and Ciphers. JSSE: Java Secure Sockets Extensions. SSL and TLS. SASL: Simple Authentication and Security Layer. Layer between Client and Server – describes the how. RFC 2222   TLS (SSL) is a point-to-point, transient only solution which provides no context, discrimination to content. Authentication, confidentiality and integrity is provided. MLS (Message Layer Security) is an end-to-end security because it stays encrypted at rest and in motion. It is encrypted by the sender and can only be decrypted by the intended recipient. It does not depend on the transport layer. Realm is the complete database of users and group, a user is an individual, a group is a collection of individuals, each group or ind...

Here is the list of Gang of Four patterns related with an actual implementation in Java EE. Read on – it will make sense (hopefully). Strategy: EJB interface. Defines a family of algorithms, encapsulates each one and makes them interchangeable. Strategy lets the algorithm vary independently from clients who use it. Decorator: Dependency Injection. Attach additional responsibilities to an object dynamically. Provide a flexible alternative to sub-classing for extending functionality. Factory: EJBs . Define an interface for creating an object, but let the subclasses decide which class to instantiate. Chain: Filters. Decoupled requester and handler. Chain the handlers, one of them must handle it. Singleton: JNDI Ensure a class only has one instance, and provide a global point of access Flyweight: JDBC Connection Pooling. JDN Adapter : Use the same interface, but adapt to other classes. Façade: Single point of entry for a sub-system. Template: Defer implementation to su...

In the Java Persistence API, you don’t need to provide an XML descriptor to specify the primary key, while you do need to provide a back pointer reference in a bidirectional relationship, unlike the Entity Bean specification version 2.1. Java Server Faces can act as a front controller (i.e. no GUI) and unlike Custom Tag Libraries and much like a Servlet. JSF does save view state, but cannot be previewed outside the container. JCA = Java Cryptography Architecture as well as Java Connector Architecture. Having overloaded acronyms in the same domain is confusing. Java Cryptography Extension is packaged with JCA – guess which JCA? JAAS is the Java Authentication and Authorization Service. While the former supports RSA, DSA, AES etc, the latter abstracts authentication APIs as well as permissions API. JSSE is Java Secure Socket Extension – it is primarily used for TLS, SSL, Kerberos, SASL. Weirdly enough JNLP applications that are running without their jars signed can interact with Syste...

Java Server Faces seems to have a lot to offer in Java EE 5, one would really question the existing Web Frameworks – traditional Struts or Web Works – seem antiquated immediately. Backing Beans – deferred evaluation, bound listeners, validators and convertors provide powerful flexibility. JSF has a powerful lifecycle, with events, renderers, components orchestrated prior to the response going out. Renderer Kit provides output in any format, if none is provided you get HTML rendering by default. JSF must be compliant with at least Servlet Specifications 1.3 or later. JSP 1.2 or later, and packaged in a standard war file.

All of the new Web Services API requires XML processing. Thankfully there have been changes to how Java EE will handle that as well with a fresh batch of updates. JAXB 2.0: Improves vastly over JAXB 1.0 W3C XML Schema features (fixes missing bindings) Adds javax.xml.bind.annotation and supports Java-to-XML binding. Reduction in generated schema-derived classes. Validation via JAXP 1.3 validation APIs Smaller runtime binaries. Schema compiler, Schema generator and Binding runtime framework. JAXB 1.0 allowed validation: at unmarshall time, and on-demand validation on the content tree. JAXB 2.0 allows validation at marshall time and unmarshall time. Streaming API for XML (StAX) StAX is the all new efficient API for XML, it has a lot of great features: Stream-oriented Event-Driven Pull-design Read/WriteYou can create fast, light-weight, bi-directional parsers that is easy on the heap. JAXP (Java API for XML Processing) family includes StAX, TrAX, SAX, and DOM. StAX is good...

JAX-WS: Java API for XML Web Services. Does message oriented as well as RPC oriented services. Hides complexities of SOAP. No need to generate or parse SOAP messages (or understand the structure or format). The JAX-WS endpoints must be annotated with @WebService or @WebServiceProvider. The business method must be annotated @WebMethod – a Service Endpoint Implementation (SEI) will be generated for this. JAXB compatible parameters are required. Um, if you think Web Services or Clouds are NOT important, I hope the following stat will convince you.   The Client needs @WebServiceRef – the reference to the service (or wsdlLocation). Get the port from the service and then invoke the exposed method on the service. Yes you need the interface to the service. JAX-WS 2.0 Support WS-I Basic Profile Version 1.1, SOAP 1.1 and WSDL 1.1. There is support for doc/lit, rpc/lit, static ports, dynamic proxies, and DII. All in all JAX-WS seems like a winner! Well, can you still use SAAJ? Yes – ...