DOCSLIB.ORG

Developing Java™ Web Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Developing Java™ Web Applications ECLIPSE WEB TOOLS PLATFORM the eclipse series SERIES EDITORS Erich Gamma ■ Lee Nackman ■ John Wiegand Eclipse is a universal tool platform, an open extensible integrated development envi- ronment (IDE) for anything and nothing in particular. Eclipse represents one of the most exciting initiatives hatched from the world of application development in a long time, and it has the considerable support of the leading companies and organ- izations in the technology sector. Eclipse is gaining widespread acceptance in both the commercial and academic arenas. The Eclipse Series from Addison-Wesley is the definitive series of books dedicated to the Eclipse platform. Books in the series promise to bring you the key technical information you need to analyze Eclipse, high-quality insight into this powerful technology, and the practical advice you need to build tools to support this evolu- tionary Open Source platform. Leading experts Erich Gamma, Lee Nackman, and John Wiegand are the series editors. Titles in the Eclipse Series John Arthorne and Chris Laffra Official Eclipse 3.0 FAQs 0-321-26838-5 Frank Budinsky, David Steinberg, Ed Merks, Ray Ellersick, and Timothy J. Grose Eclipse Modeling Framework 0-131-42542-0 David Carlson Eclipse Distilled 0-321-28815-7 Eric Clayberg and Dan Rubel Eclipse: Building Commercial-Quality Plug-Ins, Second Edition 0-321-42672-X Adrian Colyer,Andy Clement, George Harley, and Matthew Webster Eclipse AspectJ:Aspect-Oriented Programming with AspectJ and the Eclipse AspectJ Development Tools 0-321-24587-3 Erich Gamma and Kent Beck Contributing to Eclipse: Principles, Patterns, and Plug-Ins 0-321-20575-8 Jeff McAffer and Jean-Michel Lemieux Eclipse Rich Client Platform: Designing, Coding, and Packaging Java™ Applications 0-321-33461-2 Steve Northover and Mike Wilson SWT:The Standard Widget Toolkit,Volume 1 0-321-25663-8 Diana Peh,Alethea Hannemann, Paul Reeves, and Nola Hague BIRT:A Field Guide to Reporting 0-321-44259-8 Jason Weathersby, Don French,Tom Bondur, Jane Tatchell, and Iana Chatalbasheva Integrating and Extending BIRT 0-321-44385-3 For more information on books in this series visit www.awprofessional.com/series/eclipse ECLIPSE WEB TOOLS PLATFORM DEVELOPING JAVA™ WEB APPLICATIONS Naci Dai Lawrence Mandel Arthur Ryman Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 [email protected] For sales outside the United States please contact: International Sales [email protected] Visit us on the Web: www.awprofessional.com Library of Congress Cataloging-in-Publication Data Dai, Naci. Eclipse Web tools platform : developing Java Web applications / Naci Dai, Lawrence Mandel, Arthur Ryman. p. cm. Includes bibliographical references and index. ISBN 978-0-321-39685-3 (pbk. : alk. paper) 1. Web site development 2. Java (Computer program language) 3. Internet programming. I. Mandel, Lawrence. II. Ryman, Arthur. III. Title. TK5105.888.D32 2007 006.7'6—dc22 2007010167 Copyright © 2007 Pearson Education, Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, write to: Pearson Education, Inc. Rights and Contracts Department 75 Arlington Street, Suite 300 Boston, MA 02116 Fax: (617) 848-7047 ISBN 13: 978-0-321-39685-3 ISBN 10: 0-321-39685-5 Text printed in the United States on recycled paper at Courier in Stoughton, Massachusetts. First printing, May 2007 To my wife and best friend, Karen, who encourages and helps me in all my endeavors, and to my daughters, Maya and Ela, for letting me use their weekends and playtime for writing this book. I love you all. —N.D. To my wife, Elana, who inspires, encourages, and challenges me to try new things, like writing this book, and to my dad, Fred (), who bought me my first computer and who I know would have thought this stuff was so cool. —L.M. To my late father, Sydney Ryman, who taught me to love books and who died peacefully at the age of 85 while I was writing this one. Dad, thank you for all those weekend trips to the public library. —A.R. This page intentionally left blank Contents Foreword xvii Preface xix Acknowledgments xxiii About the Authors xxv Part I ❍ Getting Started 1 Chapter 1 Introduction 3 Java Web Application Development and Eclipse 3 What This Book Contains 4 How This Book Is Organized 5 Source Code Examples 8 Introducing League Planet 9 Summary 10 Chapter 2 About the Eclipse Web Tools Platform Project 13 WTP Is Born 13 WTP Economics 15 Reducing Development Expense 16 Generating Revenue 19 The Structure of WTP 22 The Scope of WTP 23 WTP Subprojects 24 The Architecture of WTP 27 The WST Subproject 29 The JST Subproject 34 vii viii Contents Contributing to WTP 37 Become a User 37 Monitor the Newsgroup 37 Report a Problem 38 Suggest an Improvement 38 Fix a Bug 39 Write an Article or Tutorial 39 Become a Committer 40 Grow the Community 40 Summary 40 Chapter 3 Quick Tour 41 Overview 41 Iteration 1: J2EE Web Applications 44 Add a Server Runtime Environment 46 Create a Dynamic Web Project 51 Create and Edit a JSP 56 Run the JSP on the Server 57 Summary of Iteration 1 60 Iteration 2: Servlets and Scriptlets 60 Add a Java Scriptlet to a JSP 60 Debug a JSP 61 Create a Servlet 64 Debug a Servlet 69 Summary of Iteration 2 70 Iteration 3: Database Access 71 Connect to a Database 72 Execute SQL Statements 75 Add Database Access to a Web Application 78 Summary of Iteration 3 82 Iteration 4: Web Services 82 Deploy a Web service 83 Use a Test Client 86 Monitor SOAP Messages 87 Summary of Iteration 4 88 Summary 88 Chapter 4 Setting Up Your Workspace 91 Installing and Updating WTP 91 The Installable Components of WTP 91 WTP Build Types 92 Contents ix Installation via Update Manager 95 Installation via Zip Files 98 Installing Third-Party Content 100 JDK Setup 103 Verifying the Installation 103 Updating WTP 104 Configuring WTP 105 Data Preferences 107 Internet Preferences 107 Server Preferences 107 Validation Preferences 107 Web and XML Preferences 108 Web Services Preferences 108 XDoclet Preferences 109 Sharing Settings 110 Summary 110 Part II ❍ Java Web Application Development 111 Chapter 5 Web Application Architecture and Design 113 The Web Landscape 113 Web Applications 115 Java Web Applications 116 Layered Web Application Design 120 Model View Controller (MVC) for the Web 123 Java Application Frameworks 128 Service-Oriented Architecture (SOA) 130 Providing Services: The Service Layer 130 Case Study: League Planet 133 Summary 135 Chapter 6 Organizing Your Development Project 137 Web Project Types and J2EE Applications 138 Web Projects 139 J2EE Modules 140 Creating Applications 140 Creating EJB Applications 148 Creating Enterprise Applications 154 Advanced Web Projects 160 Modeling the Developer View 162 x Contents Example Projects 165 Basic Enterprise Application 165 Dividing a Web Module into Multiple Projects 171 Using Maven for Web Application Development 180 Summary 196 Chapter 7 The Presentation Tier 199 Introduction 199 Interaction Design 200 Graphic Design 203 The Structure of the Presentation Tier 204 Iteration 1: Static Web Projects, HTML, and the Structured Source Editors 208 Static Web Projects 208 HTML 211 Structured Source Editors 218 Templates 221 Snippets 224 Summary of Iteration 1 230 Iteration 2: CSS 230 Summary of Iteration 2 234 Iteration 3: JavaScript 234 E-Mail Address Obfuscation 234 Data Entry Form Validation 236 Summary of Iteration 3 247 Iteration 4: XML and XSLT 248 XML 248 XSLT 252 Summary of Iteration 4 257 Iteration 5: DTD 257 Summary of Iteration 5 261 Iteration 6: Servers, Dynamic Web Projects, and Servlets 261 Servers 261 Dynamic Web Projects 267 Servlets 270 Summary of Iteration 6 279 Iteration 7: JSP 279 Summary of Iteration 7 289 Iteration 8: Monitoring HTTP Sessions 289 HTTP Sessions 289 Contents xi The TCP/IP Monitor 290 Viewing HTTP Sessions with the TCP/IP Monitor 291 Modifying and Resending a Message 293 Summary of Iteration 8 295 Summary 295 Chapter 8 The Business Logic Tier 297 A Common Business Tier Design 300 Iteration 1: The Domain Model 301 J2EE Utility Projects 301 The Object Model 304 The Service Layer 310 The Data Access Layer 315 Testing 320 Summary of Iteration 1 324 Iteration
Load more

Recommended publications
  • Adult Coloring Journal : Health & Wellness (Pet Illustrations, Pastel Floral)
    ADULT COLORING JOURNAL : HEALTH & WELLNESS (PET ILLUSTRATIONS, PASTEL FLORAL) Author: Courtney Wegner Number of Pages: 162 pages Published Date: 20 May 2016 Publisher: Adult Coloring Journal Press Publication Country: United States Language: English ISBN: 9781357676728 DOWNLOAD: ADULT COLORING JOURNAL : HEALTH & WELLNESS (PET ILLUSTRATIONS, PASTEL FLORAL) Adult Coloring Journal : Health & Wellness (Pet Illustrations, Pastel Floral) PDF Book For instructors, this is a great book if they don t have their own class notes one can teach straight from the book. The Art and Science of Photovoltaics series was developed to fill this education gap. " Human being is inseparable from animality. One of the core underpinnings of Eclipse is SWT, the Standard Widget Toolkit. This book was published as a special issue of Development in Practice. Visit a dinosaur dig site or a famous dinosaur track site-- and even make your own cast of fossilized tracks. This ground breaking work should be of special interest to life science professionals working in the areas of knowledge management, data mining, and visualization. ABOUT THE SERIES: The Very Short Introductions series from Oxford University Press contains hundreds of titles in almost every subject area. Built around a comprehensive directory of professional qualifying bodies each professional area is described in depth and its qualifications identified and explained. Another force behind successful habit change is belief in the ability to change the habit. Each play introduces students to a specific world culture by looking at holidays celebrated in that culture. You'll discover fresh and re-energized lessons, completely updated research, and vibrant vignettes from new colleagues and old friends who have as much passion for their subjects as you do.
    [Show full text]
  • Guidelines for Tools Development and Operating Environments
    Managing social, behavioral and economic data and metadata Guidelines for Tools Development and Operating Environments Author/Maintainer Pascal Heus, Open Data Foundation Contributors Jack Gager(Metadata Technology), Jannick Jensen (Danish Data Archive), Herve Lhours (UKDA) Version 2010-08-03 Table of Contents Overview....................................................................................................................................................2 Product Development.................................................................................................................................3 Environment.......................................................................................................................................... 3 Collaborative environment.................................................................................................................... 4 Licensing............................................................................................................................................... 5 Products Guide...........................................................................................................................................8 Overview............................................................................................................................................... 8 Web server software.............................................................................................................................. 8 Rich client Platforms...........................................................................................................................10
    [Show full text]
  • JCP at Javapolis 2007
    Javapolis News ❙ 14 December 2007 ❙ Nr 5 ❙ Published by Minoc Business Press 54 www.nonillion.com Parleys Want to become a NONILLIONAIRE ? mail us at : [email protected] Building Rich Internet Applications with Flex and JavaFX “There’s a well thought out com- an online environment using Adobe AIR. “Even when you ponent model for Flex”, he said. are offl ine, you still can update data. When the connec- “And there’s a thriving market tion comes back on, the system synchronizes automati- for components out there, both cally.” Open Source and commercial. So there are literally hundreds JavaPolis founder Stephan Janssen was next to explain of components available to how he decided to have Parleys.com rewritten using Flex. use in Flex.” And no, Flex isn’t Parleys.com offers a massive amount of Java talks – from there for fun and games only. JavaPolis, JavaOne and other Java events from all over “There are already a great the world – combining video images with the actual pres- number of business applica- entation slides of the speakers. Janssen programmed the tions running today, all built application for fun at fi rst, but with over 10 TB of streamed with Flex.” Eckel backed up video in just under a year, it’s clear Parleys.com sort of his statement with an ex- started to lead its own life. “The decision to write a new ample of an interface for an version was made six months ago”, he said. “It was still intranet sales application. too early to use JavaFX. And Silverlight? No thanks.” “Some people think Flex Flex allowed him to leverage the Java code of the earlier isn’t the right choice to version of Parleys.com and to resolve the Web 2.0 and make for business applica- AJAX issues he had en- countered while programming tions, because the render- the fi rst version.
    [Show full text]
  • Smart Execution of Distributed Application by Balancing Resources in Mobile Devices
    ALMA MATER STUDIORUM - UNIVERSITÀ DI BOLOGNA SCUOLA DI INGEGNERIA E ARCHITETTURA DISI INGEGNERIA INFORMATICA TESI DI LAUREA in Reti di Calcolatori M Smart execution of distributed application by balancing resources in mobile devices and cloud-based avatars CANDIDATO: RELATORE: Giacomo Gezzi Chiar.mo Prof. Ing. Antonio Corradi CORRELATORE: Chiar.mo Prof. Cristian Borcea Anno Accademico 2014/2015 Sessione III 2 Abstract L’obiettivo del progetto di tesi svolto e` quello di realizzare un servizio di livello middleware dedicato ai dispositivi mobili che sia in grado di fornire il supporto per l’offloading di codice verso una infrastruttura cloud. In particolare il progetto si concentra sulla migrazione di codice verso macchine virtuali dedicate al singolo utente. Il sistema operativo delle VMs e` lo stesso utilizzato dal device mobile. Come i precedenti lavori sul computation offloading, il progetto di tesi deve garantire migliori per- formance in termini di tempo di esecuzione e utilizzo della batteria del dispositivo. In particolare l’obiettivo piu` ampio e` quello di adattare il principio di computation offloading a un contesto di sistemi distribuiti mobili, miglio- rando non solo le performance del singolo device, ma l’esecuzione stessa dell’applicazione distribuita. Questo viene fatto tramite una gestione di- namica delle decisioni di offloading basata, non solo, sullo stato del de- vice, ma anche sulla volonta` e/o sullo stato degli altri utenti appartenenti allo stesso gruppo. Per esempio, un primo utente potrebbe influenzare le decisioni degli altri membri del gruppo specificando una determinata richiesta, come alta qualita` delle informazioni, risposta rapida o basata su altre informazioni di alto livello.
    [Show full text]
  • IP Log for Eclipse.Platform Release 4.0, July 2010 Licenses
    IP Log for eclipse.platform Release 4.0, July 2010 Licenses • Eclipse Public License v1.0 Third-Party Code CQ Third-Party Code License Use ICU4J (core and extended ICU4J License (X License, 1065 function) and ICU4J MIT Style) Replacement plug-in Version: 3.6 ICU4J License (X License, 1116 ICU4J Version: 3.4.5.20061213 MIT Style) 1153 JSch 0.1.31 Version: 0.1.31 New BSD license Apache Lucene Version: 1.9.1 243 (Core+Contrib Analyzers Apache License, 2.0 Analysis Src) 257 APT Version: 1 New BSD license Mozilla Public License 1.1 (MPL), MIT Style with No 262 Cairo Version: 1.0.2 Endorsement Clause, Historical Permissive Notice & Disclaimer ICU4J License (X License, 280 ICU4J Version: 3.4 MIT Style) ICU4J License (X License, 281 ICU4J Version: 3.4.3 MIT Style) 293 jsch Version: 0.1.28 New BSD license 308 PNG unload Version: 1 MIT license 1232 Apache Ant Version: 1.7.0 Apache License, 2.0 ICU4J and ICU4J Replacement ICU4J License (X License, 1367 Version: 3.6.1 MIT Style) Olsen time zone data Version: 1368 Public Domain 2007e Work derived from IJG JPEG 1596 IJG License Version: Release 6b,337 unmodified 1826 JSch 0.1.35 New BSD license source & binary ICU4J and ICU4J replacement MIT License with "no unmodified 1919 Version: 3.8.1 edorsement" clause source & binary unmodified 2014 jsch Version: 0.1.37 New BSD license source & binary XHTML DTDs Version: unmodified 2044 W3C Document License Versions 1.0 and 1.1 (PB CQ331) source org.apache.ant Version: 1.6.5 2404 (ATO CQ1013) (using Orbit Apache License, 2.0 CQ2209) org.apache.lucene Version: 1.4.3 2405 (Core Source Only) (ATO Apache License, 2.0 CQ1014) (using Orbit CQ2210) Junit Version: 3.8.2 (ATO 2406 Common Public License 1.0 CQ299) (using Orbit CQ2206) Historical support for Java SSH modified 2410 Applet + Blowfish Version - v.
    [Show full text]
  • Customizing Eclipse RCP Applications Techniques to Use with SWT and Jface
    Customizing Eclipse RCP applications Techniques to use with SWT and JFace Skill Level: Intermediate Scott Delap ([email protected]) Desktop/Enterprise Java Consultant Annas Andy Maleh ([email protected]) Consultant 27 Feb 2007 Most developers think that an Eclipse Rich Client Platform (RCP) application must look similar in nature to the Eclipse integrated development environment (IDE). This isn't the case, however. This tutorial will explain a number of simple techniques you can use with the Standard Widget Toolkit (SWT) and JFace to create applications that have much more personality than the Eclipse IDE. Section 1. Before you start About this tutorial This tutorial will explain a number of UI elements that can be changed in Eclipse RCP, JFace, and SWT. Along the way, you will learn about basic changes you can make, such as fonts and colors. You will also learn advanced techniques, including how to create custom wizards and section headers. Using these in conjunction should provide you the ability to go from a typical-looking Eclipse RCP application to a distinctive but visually appealing one. Prerequisites Customizing Eclipse RCP applications © Copyright IBM Corporation 1994, 2008. All rights reserved. Page 1 of 40 developerWorks® ibm.com/developerWorks You should have a basic familiarity with SWT, JFace, and Eclipse RCP. System requirements To run the examples, you need a computer capable of adequately running Eclipse V3.2 and 50 MB of free disk space. Section 2. Heavyweight and lightweight widgets Before diving into techniques that can be used to modify SWT, JFace, and Eclipse RCP in general, it's important to cover the fundamental characteristics of SWT and how they apply to the appearance of the widget set.
    [Show full text]
  • IBMが注力するオープンソース・プロジェクト ― Eclipseとdojo Toolkit ―
    解 説 2 IBMが注力するオープンソース・プロジェクト ― EclipseとDojo Toolkit ― 昨今のソフトウェア 開 発における重 要な要 素である Article 2 オープンソース・ソフトウェア。中でも、IBM が注力す Open Source Projects that IBM Invests in るオープンソース・プロジェクトとして、Eclipse と Dojo - Eclipse and Dojo Toolkit - Toolkit があります。Eclipse は、JavaTM ベースの統合 Open source software is an important factor in software 開発環境としての地位を確立し、さらにリッチ・クライア development today. Among many open source projects, IBM ントのプラットフォームとして 、 また、 サ ー バー・ サイドの is investing in the Eclipse and the Dojo Toolkit. The Eclipse is プラグイン技術として利用範囲を広げています。 一方、 dominant in the Java IDE area and continues to evolve as well as a rich client platform and a server-side plug-in Dojo Toolkit は、Web ブラウザー上で動作するリッチ・ technology, while the Dojo Toolkit is an emerging open インターネット・アプリケーションの開発に欠かせない、 source project that provides JavaScript libraries for developing rich internet applications. This article introduces 高機能 JavaScriptTM ライブラリーとして、製品での利 the latest activities and features on both open source 用が進んでいる注目株のオープンソース・プロジェクトで projects. す。本稿では、この二つのオープンソース・プロジェクト の動向をご紹介します。 ❶ ますます重要になるオープンソース ア開発へとそのターゲット・エリアを広 げ ています 。さらには、 開発環境としてだけではなく、 例 えばリッチ・クライアントの Linux®をはじめとしたオープンソースの潮流は、ソフト 基盤としての活用や、サーバー環境での活用もすでに始 ウェア開発の現場で注目され始めた黎明期から、質・種 まって いるの で す ( 図1)。 類ともに飛躍的な進歩を遂げています。オープンソースの 利用は、システム開発期間の短縮やコミュニティーによる Java開発環境から 統合開発環境、 Eclipse3.4 品質向上といったコスト削 減 のメリットに 加 えて 、 特 定 の ベ デスクトップ・プラットフォームへ Eclipse3.3 ンダーの技術に対する依存を避け、将来にわたる柔軟な Eclipse3.2 Web開発 システム構築のための重要な選択肢となっています。 Eclipse3.1 本稿では、そのようなオ ープンソース・プロジェクトの 中 組み込みデバイス開発 Eclipse3.0 から、IBM が注力する「Eclipse」と「Dojo Toolkit」 リッチ・クライアント Eclipse2.0
    [Show full text]
  • Pro Netbeans IDE 6 Rich Client Platform Edition.Pdf
    CYAN YELLOW MAGENTA BLACK PANTONE 123 C EMPOWERING PRODUCTIVITY FOR THE JAVA™ DEVELOPER THE EXPERT’S VOICE® IN Java™ TECHNOLOGY Companion eBook Available Author of IncIncludesludes newnew Pro NetBeans™ IDE 5.5 ™ NetBeans™ Enterprise Edition Pro NetBeans IDE 6 Pro (J)Ruby/Rails(J)Ruby/Rails IDEIDE Rich Client Platform Edition NetBeans Dear Reader, Today, numerous open source and commercial Java™ Integrated Development Environments (IDEs) are available. It seems that almost every month one of them comes out in a new version, claiming to be the best IDE. Making the decision to Pro migrate to a new IDE can be a big deal for some developers. This is especially true in professional software organizations that have an investment in IDE plugins, code-quality and build tools, and established development processes that can all ™ be affected by changing IDEs. If you or your organization have not yet switched to use NetBeans™ IDE platform, then the recent release of NetBeans IDE 6.0 will make you want to do so. NetBeans IDE 6 NetBeans 6 provides an amazing development environment. The NetBeans 6 Source Editor is arguably one of the most important features of an IDE, since that ™ is where developers spend a great deal of time. Through the newly rewritten core IDE 6 architecture, the NetBeans 6 Source Editor provides extremely intelligent and Rich Client Platform Edition powerful features such as code completion, syntax highlighting, and refactoring. NetBeans 6 has not only an updated code editor, but also many new features, such as Ruby/Rails support, Maven support, JUnit 4 support, and Local History, among others.
    [Show full text]
  • Return of Organization Exempt from Income
    OMB No. 1545-0047 Return of Organization Exempt From Income Tax Form 990 Under section 501(c), 527, or 4947(a)(1) of the Internal Revenue Code (except black lung benefit trust or private foundation) Open to Public Department of the Treasury Internal Revenue Service The organization may have to use a copy of this return to satisfy state reporting requirements. Inspection A For the 2011 calendar year, or tax year beginning 5/1/2011 , and ending 4/30/2012 B Check if applicable: C Name of organization The Apache Software Foundation D Employer identification number Address change Doing Business As 47-0825376 Name change Number and street (or P.O. box if mail is not delivered to street address) Room/suite E Telephone number Initial return 1901 Munsey Drive (909) 374-9776 Terminated City or town, state or country, and ZIP + 4 Amended return Forest Hill MD 21050-2747 G Gross receipts $ 554,439 Application pending F Name and address of principal officer: H(a) Is this a group return for affiliates? Yes X No Jim Jagielski 1901 Munsey Drive, Forest Hill, MD 21050-2747 H(b) Are all affiliates included? Yes No I Tax-exempt status: X 501(c)(3) 501(c) ( ) (insert no.) 4947(a)(1) or 527 If "No," attach a list. (see instructions) J Website: http://www.apache.org/ H(c) Group exemption number K Form of organization: X Corporation Trust Association Other L Year of formation: 1999 M State of legal domicile: MD Part I Summary 1 Briefly describe the organization's mission or most significant activities: to provide open source software to the public that we sponsor free of charge 2 Check this box if the organization discontinued its operations or disposed of more than 25% of its net assets.
    [Show full text]
  • Evil Pickles: Dos Attacks Based on Object-Graph Engineering∗
    Evil Pickles: DoS Attacks Based on Object-Graph Engineering∗ Jens Dietrich1, Kamil Jezek2, Shawn Rasheed3, Amjed Tahir4, and Alex Potanin5 1 School of Engineering and Advanced Technology, Massey University Palmerston North, New Zealand [email protected] 2 NTIS – New Technologies for the Information Society Faculty of Applied Sciences, University of West Bohemia Pilsen, Czech Republic [email protected] 3 School of Engineering and Advanced Technology, Massey University Palmerston North, New Zealand [email protected] 4 School of Engineering and Advanced Technology, Massey University Palmerston North, New Zealand [email protected] 5 School of Engineering and Computer Science Victoria University of Wellington, Wellington, New Zealand [email protected] Abstract In recent years, multiple vulnerabilities exploiting the serialisation APIs of various programming languages, including Java, have been discovered. These vulnerabilities can be used to devise in- jection attacks, exploiting the presence of dynamic programming language features like reflection or dynamic proxies. In this paper, we investigate a new type of serialisation-related vulnerabilit- ies for Java that exploit the topology of object graphs constructed from classes of the standard library in a way that deserialisation leads to resource exhaustion, facilitating denial of service attacks. We analyse three such vulnerabilities that can be exploited to exhaust stack memory, heap memory and CPU time. We discuss the language and library design features that enable these vulnerabilities, and investigate whether these vulnerabilities can be ported to C#, Java- Script and Ruby. We present two case studies that demonstrate how the vulnerabilities can be used in attacks on two widely used servers, Jenkins deployed on Tomcat and JBoss.
    [Show full text]
  • Javaedge Setup and Installation
    APPENDIX A ■ ■ ■ JavaEdge Setup and Installation Throughout the book, we have used the example application, JavaEdge, to provide a practical demonstration of all the features discussed. In this appendix, we will walk you through setting up the tools and applications required to build and run JavaEdge, as well as take you through the steps needed to get the JavaEdge application running on your platform. Environment Setup Before you can get started with the JavaEdge application, you need to configure your platform to be able to build and run JavaEdge. Specifically, you need to configure Apache Ant in order to build the JavaEdge application and package it up for deployment. In addition, the JavaEdge application is designed to run on a J2EE application server and to use MySQL as the back-end database. You also need to have a current JDK installed; the JavaEdge application relies on JVM version 1.5 or higher, so make sure your JDK is compatible. We haven’t included instruc- tions for this here, since we are certain that you will already have a JDK installed if you are reading this book. However, if you do need to download one, you can find it at http://java. sun.com/j2se/1.5.0/download.jsp. Installing MySQL The JavaEdge application uses MySQL as the data store for all user, story, and comment data. If you don’t already have the MySQL database server, then you need to obtain the version applicable to your platform. You can obtain the latest production binary release of MySQL for your platform at http://www.mysql.com.
    [Show full text]
  • Design Pattern Implementation in Java and Aspectj
    Design Pattern Implementation in Java and AspectJ Jan Hannemann Gregor Kiczales University of British Columbia University of British Columbia 201-2366 Main Mall 201-2366 Main Mall Vancouver B.C. V6T 1Z4 Vancouver B.C. V6T 1Z4 jan [at] cs.ubc.ca gregor [at] cs.ubc.ca ABSTRACT successor in the chain. The event handling mechanism crosscuts the Handlers. AspectJ implementations of the GoF design patterns show modularity improvements in 17 of 23 cases. These improvements When the GoF patterns were first identified, the sample are manifested in terms of better code locality, reusability, implementations were geared to the current state of the art in composability, and (un)pluggability. object-oriented languages. Other work [19, 22] has shown that implementation language affects pattern implementation, so it seems The degree of improvement in implementation modularity varies, natural to explore the effect of aspect-oriented programming with the greatest improvement coming when the pattern solution techniques [11] on the implementation of the GoF patterns. structure involves crosscutting of some form, including one object As an initial experiment we chose to develop and compare Java playing multiple roles, many objects playing one role, or an object [27] and AspectJ [25] implementations of the 23 GoF patterns. playing roles in multiple pattern instances. AspectJ is a seamless aspect-oriented extension to Java, which means that programming in AspectJ is effectively programming in Categories and Subject Descriptors Java plus aspects. D.2.11 [Software Engineering]: Software Architectures – By focusing on the GoF patterns, we are keeping the purpose, patterns, information hiding, and languages; D.3.3 intent, and applicability of 23 well-known patterns, and only allowing [Programming Languages]: Language Constructs and Features – the solution structure and solution implementation to change.
    [Show full text]