A RESTful url using Stripes.

RESTful url may contain the content type with in the url string. For example: http://host/action/xml/bookmark. Here “xml” is content type, this content type can be changed to “text, json” or etc…

So following urls are valid too. http://host/action/text/bookmark, http://host/action/json/bookmark etc…

these days I am playing with “Stripes” web framework a lot. Those who didn’t get in touch with “Stripes” have a look on the following URL – http://stripes.mc4j.org, hope you will enjoy it.

stripes has fantastic flexibility, it enables a lot of customization. Now my tutorial will demonstrate how you can enable this url pattern, where your single “ActionBean” will be invoked on the following url patterns:

http://host/action/xml/bookmark, http://host/action/text/bookmark, http://host/action/json/bookmark etc…

My target audience:
Who has already been introduced with Stripes or those who are interested on stripes framework.

Routing plan:
Request Dispatch
[visitor] —  > http://host/action/xml/bookmark — > [web server] — > [Stripe servlet] — > [Custom Action resolver] — > [remove user defined content type “xml” and retrieve action bean]

Response Dispatch
[clean url (after removing content type)] — > http://host/action/bookmark — > [BookmarkActionBean] — > [Resolution] — >

Pre requisite:
Stripes servlet is configured and web context is up and running.

ActionBean code:
*  create an ActionBean, for example “BookmarkActionBean”

@UrlBinding(“/action/bookmark”)

public class BookmarkAction implements ActionBean {

    private final Log LOG = LogFactory.getLog(getClass());

    private ActionBeanContext mActionBeanContext;

    private String mContentType = “text/xml”;

    public void setContext(ActionBeanContext actionBeanContext) {

        mActionBeanContext = actionBeanContext;

        // retrieve user requested content type constant for example “text,json, xml”

        // convert consts to mime type “text, text/xml, application/JSON”

        mContentType = URLHelper.getMimeType(URLHelper.getContentType(getContext().getRequest().getPathInfo()));

    }

    public ActionBeanContext getContext() {

        return mActionBeanContext;

    }

    @DefaultHandler

    public Resolution save() {

        if (LOG.isDebugEnabled())

            LOG.debug( “storing bookmark object on the data store, ” +

                       “response content type is requested – ” + mContentType );

        return new StreamingResolution( mContentType, new StringReader(“”) );

    }

}

Description:
Here i have set our action on “/action/bookmark” url, but our user requested url pattern is “/action//actionBean”

Look on the “setContext” method, I have added an extra line

mContentType = URLHelper.getMimeType(URLHelper.getContentType(getContext().getRequest().getPathInfo()));

now have a look on the URLHelper class.

public static String getContentType( String pRequestedUrl ) {

        String contentType = CACHED_URL_CONTENT_TYPE.get(pRequestedUrl);

        if (contentType == null) {

            contentType = DEFAULT_CONTENT_TYPE;

            Perl5Util util = new Perl5Util();

            if (util.match( REGEX_ACTION_CONTENT_TYPE, pRequestedUrl ))

                contentType = util.group(1)+”";

            CACHED_URL_CONTENT_TYPE.put( pRequestedUrl, contentType );

        }

        return contentType;

    }

This method is responsible to retrieve user requested content type constants.
for example “text, xml, json”

public static String getMimeType( String pContentType ) {

        // convert content type to MIME Type

        if (pContentType.equalsIgnoreCase(CONTENT_TYPE_CONST_XML))

            pContentType = CONTENT_TYPE_XML;

        else if (pContentType.equalsIgnoreCase(CONTENT_TYPE_CONST_JSON))

            pContentType = CONTENT_TYPE_JSON;

        return pContentType;

    }

This method is also converting constant to MIME content type.
For example “xml –> text/xml”

Now return to my base action bean. I have added the following method, which is defined as default handler.

@DefaultHandler
public Resolution save() {

        ….

        return new StreamingResolution( mContentType, new StringReader(“”) );

    }

Here “mContentType” is repopulate when “setContext” is invoked.

ActionResolver code:
This is my action resolver.

public class NBookmarkSystemActionResolver extends NameBasedActionResolver {

     // ………   

    @Override

    public ActionBean getActionBean(ActionBeanContext pActionBeanContext, String pRequestedUrl) throws StripesServletException {

        String cleanUrl = URLHelper.getCleanUrl(pRequestedUrl);

        if (LOG.isDebugEnabled())

            LOG.debug( “user requested url – ” + pRequestedUrl + ” clean url – ” + cleanUrl);

        return super.getActionBean(actionBeanContext, cleanUrl);

    }

}

Now let’s have a look on “getCleanUrl” method.

public static String getCleanUrl( String pRequestedUrl ) {

        return pRequestedUrl.replaceAll(“/”+getContentType(pRequestedUrl),”");

    }

Custom ActionResolver configuration:

        Stripes Filter

        StripesFilter

        net.sourceforge.stripes.controller.StripesFilter

       

            ActionResolver.UrlFilters

            /WEB-INF/classes/

       

       

            ActionResolver.PackageFilters

            com.we4tech.nBookmarkSystem.service.webService/*

       

       

            ActionResolver.Class

            com.we4tech.nBookmarkSystem.configuration.NBookmarkSystemActionResolver

       

   

That’s all for today,

Hope you will enjoy stripes. Best of luck…

Nice Stripes web framework

hi,
at least i could manage some time to write about Stripes (http://stripes.mc4j.org/)

stripes is a web framework, it has very few dependencies, configuration over convention is highly adopted on Stripes.

you don’t need to bother about any separate XML file or properties file, it is as simple as web.xml servlet configuration. just put your all configuration over

more over it has default convention centric url discovery… for example “HelloAction”.. this action can be accessed over “http:///Hello.htm” or whatever u map on url mapping.

very flexible system. it has very simple work flow management, (who already familiar with JSF navigation or Spring web flow will be interested on its work flow)

by default it has multi action on each class, and you can override the url or any settings over @annotation. which is the most powerful feature over stripes.

web form validation is one of the nice and simple approaches over stripes. i am really loving it..
you can apply validation rule over @annotation. here is few example.. hope it will give you clean understanding.

@ValidateNestedProperties({
@ValidateNestedProperties({
@Validate( field = “accountName”, required = true, on = {“register”}),
@Validate( field = “password”, required = true, minlength = 6, on = {“register”})})
private User user;

@Validate( expression = “user.password == this”, on = “register”, required = true)
private String confirmPassword;

it has support over spring container, so spring developer won’t get you out…

best wishes…

http://hasan.we4tech.com

Content Management System (CMS)

today, i got a request to explain about Content management system and how it suppose to be developed. here i am putting my cms architectural thoughts over an Graphical presentation. i hope it will be easier to understand. (more will come on next blog)
How a Content Management System architecture should look like:

Overall architecture

1. Presentation layer:
presentation layer is consists with HTML, WML, XML, PDF or Multimedia object representation. if you say about Java. i would love to use “JSP, Velocity or Ruby” type scripting language. which has less access on core API or database access layer.
2. API:
API is main area to focus for the time being, on my next article, i will come up with more stuffs on integration or joint point. API is a complete bridge among presentation, web services and plugin integration. API has to maintain a series of stuffs.like: framework, repository and version of contents, LDAP and Database stuffs.

3. Framework:
Framework is the way to hook or tie up all stuff together. this part is consisting with Class/Interface and application container. most often DI and IoC container could be used over here, where managed objects are created and destroyed inside the container. this is for concrete Implementation on language dependent framework.

I would love to say about Spring Framework for managing all class and interface and aspects related stuffs.

this part of framework is highly scalable, tuned and tightly coupled with distributed object caching, DSO and persistence layer. this part has to support clustering and other performance and loading balancing related stuffs.

4. Repository/Version (VFS):
Repository is meant to be a process of storing content and their changes in a several versions. Repository is maintained over a Database or filesystem.

some content like Multimedia object which is better to be stored in local file system. repository and version system will ensure those object to be stored with their every change logs.

5. LDAP/Database:
For authentication and authorization purpose LDAP server can be used. it is good for isolating user related stuff. single ldap server can be used for multiple enterprise purpose. it is better practice to keep user out of the application specific storage.

6. Database:
any relational database can be used to store and retrieve contents. local file system will be used to store media type objects. (for example: image, video, audio etc…)
7-8. Web services:
To simplify all stuffs and tie them all under a same hood. web service is meant to be a good choice. it will provide various services over HTTP protocol. RESTful services with various content type. for example: JSON, XML or Plain textual. it is good choice to become more on web 2.0 and more on upcoming WEB 3.0 with lot of sharing with 3rd party buddies.

9-10. Joint point or Plugin:
this part is coming with a simple wrapper of API, which is intended to provide an abstract platform for Plugin and 3rd party developer. those who want to meet or add on their requirement on top of Content Management System, this part has to be developed.

best regards,
-hasan
“Fly without wings”

Common Security flaws

Through out my software development experience I found following common security pitfalls:

1. Relying on web browser supports, for example disabled, readonly or hidden html fields.
Some sites, (for example: spaces.live.com) keep user name inside a read only text field. Using FireBug or other DOM editor, anyone can alter those text fields.

2. Only JavaScript based content validation.
At anytime user can disable javascript feature. Keep security restriction support from server side.
3. No server side content sanitizing and validation
if you are missing server side data sanitizing and validation, it would worth a huge lost, when some people will introduce database injection or other problem.

4. If any button is used for single purpose, it should be disabled or hidden after performing its task.
Otherwise user may click on that button once again, perhaps that button will hit an unexpected server hit. Save server side hit.

5. Incase of own managed session, every session should commit to suicide after a certain life time. After session dead, every session ID must be invalidated.
Otherwise, user may use previous session id to perform any spamming.

6. Limit your controller to “POST” only.
All form submission and data changes request will be performed over “POST” request. And all data retrieval request will be performed over “GET” method.

7. Releasing product without proper security test.
Perform and verify all probable security pitfalls and development limitation, before opening for public.

8. Asynchronize ajax request for each function.
All functionality should be synchronized to perform each request. For example, a pipe can be used to handle one function, another pipe for handling another function. So whenever user double clicks on any button or function. It will wait until previous function is completed.

Functional pipe process

That’s all for today

Escenic – “MyArticles”

On our daily activities we have to manage a lot of articles. Most often articles are managed over user own computer. Obviously google doc (old writely) is doing excellent job. Google doc or these kinds of services are managing online documents.

But what do you think about Escenic?
Escenic is known as Content Management System. Many popular Nordic, UK and USA newspapers are publishing on Escenic Engine. Millions of articles, millions of multimedia objects and many user profiles are managed over strongly backed java based Escenic Content Engine.

Let’s think about an escenic publication where user manages own created articles. User has option to use Escenic web studio or Content Studio to manage own articles.
Let’s imagine we have developed a highly optimized AjAX based web interface where we are providing escenic backed article management and publishing system.

What does article mean?

1. A container of textual content
2. multimedia contents (i.e. Flash content)
3. pictorial contents
4. audio and video contents

escenic is born to maintain these kind of stuff. More over escenic has proved its own strength over year and year.

What does publishing mean?
User can publish own article on any 3rd party services. Let’s think you have a blog site. You want to publish one of your articles which is kept in “MyArticles” service. See how easily we can manage this stuff:

1. Just select your article from escenic web panel
2. Select publish to “my blog” service.

Exactly same way you can publish, podcast, video blog and so on.

How about busy journalist?
Let’s think about a journalist, who engages himself with lot of news services and blog site. How can we simplify his daily life? Obviously “MyArticles” can become a big hug.

What would be the features of “MyArticles” service?
1. Common platform for publishing article on many different services
a. Newspaper
b. Blog service
c. Picture, Video and Audio blog
2. A common platform and an API will be introduced to integrate new service
3. many more…

Food for think

order clomiphene

Color Selector V-1.0

Hello,

i was searching my old projects, suddenly i found one of my funniest projects. i named it “Color Selector”.

“move your mouse over anywhere and checkout the color’s hexa code. it is very helpful for web designer, who wants to pick color.”

Color hints popup window attached with mouse movement	System trey pop up enable/disable icon

history:
JDK 1.5 was in beta version, one day i was checking through all stuffs. suddenly i get to know about MouseInfo class.

so i wrote the following line of code:

MouseInfo.getPointerInfo().getLocation().getLocation();

now i have prepared a standalone package for windows with installer.
hope you will enjoy..

Scaling: Not Just About Architecture

published by Frank Sommers

        Summary

At SD Forum 2006, two eBay architects presented an overview how eBay’s
architecture handles a billion page requests a day, and how that
architecture evolved from a few Perl scripts to 15,000 application
instances running in eight data centers. One conclusion from the
presentation is that scaling is only in part a question of architecture.Predictably, the presentation contained a few awe-inspiring statistics, such as:

• 212,000,000 registered users
• 1 billion page views per day
• 26 billion SQL queries and updates per day
• Over 2 petabytes of data
• $1,590 worth of goods traded per second
• Over 1 billion photos
• 7 languages
• 99.94% uptime

Scaling: Not Just About Architecture

powered by performancing firefox

You Won’t Believe This, But The Arrow Operator Is Coming To Java 7

collected from www.weiqigao.com

Yes, the -> operator. According to Danny Coward, Sun Java SE Platform Lead, Java 7 will use the arrow operator for Java Beans property access:

Danny Coward talk PDF (p.27): Reading JavaBeans properties

a.setFoo(b.getFoo());a->Foo = b->Foo;

What’s wrong with using the good old dot?

Most of the stuff mentioned are nice and useful. I like the XML
literal and the BigDecimal arithmetic operator overloading. The Swing
simplification effort is long over due too.

powered by performancing firefox

Internet advertising is not just about ppc. It means a lot of work on the web design as well as the rest of the web development.

James Gosling’s Letter to the Java Community

Dear Java Community,

As you can see, we’re making progress with our plans to open source
Sun’s implementations of the Java platform. I’m happy to see Java
technology embarking on a new journey with this official open-source
licensing announcement.

Java technology has been a cornerstone of software development for
more than a decade now — the community is ready for the next chapter,
and the timing is right. As we stated at the JavaOne conference last
May, the most crucial part of this decision was that we realized
developers want to preserve compatibility, interoperability, and
reliability. We intend to take steps to help make sure Java technology
remains compatible, interoperable, and reliable. And we know the Java
community feels the same way.

We will continue to do an immense amount of testing with the Java
platform. Everything we do will get checked, rechecked, and we will
debug rigorously. We expect that people who care about reliability and
compatibility with the Java specification will continue to use and
enhance Java technology.

One reason Java technology remains so popular is that it’s
remarkably successful at spanning a lot of different domains. You can
write software for application servers, cell phones, scientific
programming, desktop applications, games, embedded software — the list
is endless. We’re intend to maintain the support of this broad span of
domains.

Sun continues to embrace open source, and I invite you to join us.
There are all kinds of contributions you can make. If there’s a bug
that you really care about, you can go work out a fix. (That’s one area
where developers have made tens of thousands of contributions over the
years.) I also invite you to help us add new features. If there’s new
functionality that you really want in Java technology, the process is
there to help you to add that to the platform as well.

Sincerely,
James Gosling

powered by performancing firefox

Monitoring and Managing Java SE 6 Platform Application

nice article on monitoring and managing java se 6 was published on java.sun.com/developer.

An application seems to run more slowly than it should or more
slowly than it did previously, or the application is unresponsive or
hangs. You may encounter these situations in production or during
development. What is at the root of these problems? Often, the causes
– such as memory leaks, deadlocks, and synchronization issues — are
difficult to diagnose. Version 6 of the Java Platform, Standard Edition (Java SE) provides you with monitoring and management capabilities out of the box to help you diagnose many common Java SE problems.

This article is a short course in monitoring and managing Java SE 6
applications. It first describes common problems and their symptoms in
a Java SE application. Second, it gives an overview of Java SE 6′s
monitoring and management capabilities. Third, it describes how to use
various Java Development Kit (JDK) tools to diagnose these problems.

Note: Any API additions or other enhancements to the Java SE platform specification are subject to review and approval by the JSR 270 Expert Group.

Monitoring and Managing Java SE 6 Platform Applications

powered by performancing firefox