The Online Open Platform for users to create test and quiz

While with Oracle for several years there had been many instances when the database performance had not been optimal. This had nothing to with the configuration of the sever but more with tuning of database. Here are some tips which I had been using

Make sure that database statistics is upto-date. As this is one of the factor which can influence explain plan. We can gather statistics by executing following command:

EXEC DBMS_STATS.gather_schema_stats(‘TDWDBA’);

Where TDWDBA is the schema name.

Design by Contract essentially mean that a class has to fulfill certain responsibilities and are inside a boundary. This is done by use of interface. If you have a class which implements an interface (as is done in Java) , it has been designed by contract. The contract here is the methods which this class has to implement.

Going further down , if a class method getMyDetails(long ssnId)
we can put a assert statement like
assert ssnId != null;

Maven surefire plugin is used to run unit tests during test phase of build lifecycle . The reports are generated in .txt or .xml file. These files are generated at ${basedir}/target/surefire-reports

Surefire runs unit tests during build phase, not integration tests which are executed during package phase. But you can include integration tests also to be run

Below is the configuration for surefire plugin in your pom.xml

<profile>
<id>itest</id>
<build>
<plugins>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>${maven.surefire.report.version}</version>
<configuration>
<includes>
<include>**/*IntTest.java</include>
<include>**/*IntTests.java</include>
</includes>
</configuration>
</plugin>

</plugins>
</build>
</profile>

When working with hibernate, one of the most used methods would be session.get or session.load.
Let us see what the difference between these tow

Take a look at this code :

Session hSession = this.getCurrentSession();

hSession.beginTransaction();
User u = (User)hSession.get(User.class, 8);
u.setLoginName(“skillguru”);
u.setPassword(“forgetmenot”);
hibernateSession.getTransaction().commit();

session.get() makes a hit to the database to get the data if the obejct does not
exist in the application.
Session.load gets the proxy for the instance, hence saving a database trip.But if there was no such object in the database then the method session.load() throws an exception whereas session.get() returns null.
Both the methods will return the instance or a proxy for the instance, if the instance or
proxy is already associated with the session.Only difference is that the session.load()
will throw an exception if the persistent entity does not exist in the database

In this post we will share some notes about Security. Cryptography in J2ee architect Certification .

Security

Select from a list security restrictions that Java 2 environments normally impose on applets running in a browser. The Java 2 security model is policy-based and has superseded the sandbox/trusted approach of Java 1.1. In Java 1.1 remote code (applets, for example) that was not trusted was constrained to the sandbox. If the remote code was signed and trusted then it could access local resources.

Cryptography, Digital signatures and Certificates can be used to increase the security of a system. Java offers a number of interfaces for related services. Firewalls are also important for protecting the gateway between trusted and untrusted networks.

Code Source:A combination of a set of signers (certificates) and a code base URL.By default, Java 2 uses a policy file to associate permissions with code sources

Security Policy File: permission is the right to access a protected resource or guarded object. For Java 2 permissions are specified in the security policy file. Only one policy is in effect at a time. A policy file consists of a number of grant entries. Each grant entry describes the permissions (one or multiple) granted to a code source.

Policy class: You can use java.security.Policy to create your own security policy.

java.security package : The following are some of the classes in the java.security package:

CodeSource – This class extends the concept of a codebase to encapsulate not only the location (URL) but also the certificate(s) that were used to verify signed code originating from that location.

KeyStore – This class represents an in-memory collection of keys and certificates. It manages keys and trusted certificates.

MessageDigest – The MessageDigest class provides applications the functionality of a message digest algorithm, such as MD5 or SHA.

Permission – Abstract class for representing access to a system resource.

Policy – This is an abstract class for representing the system security policy for a Java application environment (specifying which permissions are available for code from various sources).

ProtectionDomain – The ProtectionDomain class encapulates the characteristics of a domain, which encloses a set of classes whose instances are granted the same set of permissions.

Security – Centralizes all security properties and common security methods.

Given an architectural system specification, identify appropriate locations for implementation of specified security features, and select suitable technologies for implementation of those features.

Exposure to threats can be mitigated by using:

Authentication, Authorization (ACLs), Protecting Messages, Auditing

Web tier authentication (This is the usual location for this)

• Basic HTTP – the web server authenticates a principal with user name & password from Web client
• Form-based – lets developers customize the authentication user
• HTTPS mutual authentication – the client and server use X.509 certificates to establish identity over a SSL channel. Read more…

There are multiple ways to read properties file in Spring

Let us say you have database user name , password etc configured in jdbc.properties and would like to inject the values at run time.

Here is what will go in applicationContext.xml

<bean id=”dataSource” destroy-method=”close”>
<property name=”driverClass” value=”${jdbc.driverClass}”/>
<property name=”jdbcUrl” value=”${jdbc.url}”/>
<property name=”user” value=”${jdbc.user}”/>
<property name=”password” value=”${jdbc.password}”/>
<property name=”minPoolSize” value=”${jdbc.minPoolSize}”/>
<property name=”maxPoolSize” value=”${jdbc.maxPoolSize}”/>
</bean>

and this will be your properties file

jdbc.driverClass=oracle.jdbc.driver.OracleDriver
jdbc.url=jdbc:oracle:thin:@abc.com:1521:ORAC
jdbc.user=hello
jdbc.password=hello
jdbc.minPoolSize=1
jdbc.maxPoolSize=10

At run time, the properties file value will be injected  into the applicationContext.xml

I am summarizing the most useful Eclipse shortcut keys which are really helpful in day to day work

Ctrl + Space : Content Assist

syso + Ctrl + space = writes out System.out.Println for you (I love this one)

Ctrl + Shift + T : Open resource box to look for a Java file

Ctrl + Shift + R: Open resource box to look for a non Java file

Ctrl + F8 : Switch between perspective

Ctrl + F11 : Run the last launched

F11 : Run the last launched in debug mode

Ctrl + Page Up / Ctrl + Page Down : Move between open classes

Alt +Shift +J : Add block comments to a clas sor method

Ctrl + Shift + / : Comment the selected code Read more…

We we migrated from JSF1.0 to  JSF 2.0 ,  we had to convert the files to .After this change, it was found that the  google ads were not  displayed in chrome browser although the same code worked on Firefox and IE.

for eg if you have this code and save it as ,xhtml file , the ads will not be displayed

<html xmlns=”http://www.w3.org/1999/xhtml”>

<body>

<script language=”javascript”>

google_ad_client = “pub-494222175576702985″;

google_ad_slot = “00987428928″;

google_ad_width = 728;

google_ad_height = 90;

</script>

<script language=”javascript”

src=”http://pagead2.googlesyndication.com/pagead/show_ads.js”>

</script>

</body>

</html>

</html>

<html xmlns=”http://www.w3.org/1999/xhtml”><body><script language=”javascript”>

google_ad_client = “pub-494222175576702985″; google_ad_slot = “00987428928″;

google_ad_width = 728; google_ad_height = 90;

</script> <script language=”javascript” src=”http://pagead2.googlesyndication.com/pagead/show_ads.js”>

</script>

</body>

The reason being that google js file uses document.write, which is not allowed in a application/xhtml+xml page. As per W3C Read more…