|
|
|
|
News - Articles/Tutorials/Code/Reviews - JSP/Servlet Hosting Companies - Links |
|
HTTP://WWW.JSPInsider.com/ .
___________________________ Sponsors ________________________________
This newsletter sponsored by: JSP Insider.
_____________________________________________________________________
***** IN THIS ISSUE **************************************************
1:The Brazil Project
2:Expresso Framework, Release 2.0
Rambles
1:Tea and JSP Revisited. A Closer Look at Tag Libraries
Links
1:Code samples
2:The Dilbert Zone
3:SecurityFocus.com
4:Java Cryptography Extension (beta 1.2.1 release)
5:Cryptix JCE. Java security implementation
Main Topic
1:Live Long and Prosper! The New Truths of Building a Web Application
Like this newsletter? Tell a friend about the JSP Buzz!
**********************************************************************
================================================================
THE LATEST NEWS
================================================================
1) The Brazil Project (Sun 8/22/2000)
Brazil is a next generation server product. Instead of delivering
information as a web server, it serves up any source of data about
which it has been given information. The power of this is many fold.
For example, you will be able to serve up information from many web
sites as if they were all the same web site. You can make
"dynamic-dynamic" web sites. (I had to think about that one for a few
moments. I suppose Sun can market the term Dynamic Squared! or Dynamic-
to-the-Nth-degree web sites). You may change the way the content gets
served up depending on the device requesting information. Brazil offers
two-way connectivity between ANY devices connected on the web. In
short, Brazil is something that is going to take the market and
developers months to digest and absorb its possible impact, and
then several more months to determine its net worth. If Brazil
(and other products like it) do catch on, we are looking at another
fundamental shift of the way we build web sites and applications.
It must be noted that the market has been slowly working its way to
products like Brazil for the past two years and the final success of
these products will entail a shift that will be years to realize.
So if you are an early adopter of technology, check it out!
If you are a more patient type of developer or enterprise, then
definitely keep an eye on this so you aren't caught by surprise. Of
course, the JSP Buzz will keep you up-to-date with trends and details
of this technology. Stay tuned!
2) Expresso Framework, Release 2.0 (Jcorporate 9/5/2000)
This news release announces an open source Java framework based on the
Java Servlets. While I haven't used this software myself, I have
noticed that in the JSP list forum people have had only positive
comments about Expresso. When people freely recommend
software, that's the best form of recommendation.
================================================================
Rambles by Casey Kochmer
================================================================
**** Tea and JSP Revisited: A Closer Look at Tag Libraries ****
A month ago, I raised the following two questions to the JSP community.
-Are you being successful with tag libraries?
-Have tag libraries made it easier for content designers to work
with your JSP sites?
The results are in and they are:
The JSP community was surprisingly silent on this issue. Of the
thousands of JSP and Java professionals reading these questions,
I received eight replies. So from the silence, the replies and
my research from questions being posed in the various forums, I
come to my first conclusion.
1) Tag libraries are still too new for people to have received
sufficient experience to be able to answer these questions.
The second conclusion I have found from my research is:
2) Building and deploying a tag library may be a cumbersome experience
for the JSP programmer undertaking it. (* This is a cosmic balance
sort of thing. Make something easier for one set of users at the
cost of others. Making things easy for everybody risks the formation
of black holes I suppose.*)
The third conclusion I can extract from the people who did
reply with their experiences is:
3) They felt tag libraries were worth building.
So these three conclusion lead me to a final conclusion.
Tag libraries are worth building. But, give yourself extra time
and resources to build a successful library due to the
difficulties and the newness of the technology.
Since it is clear tag libraries are new and it will take time
to see how successful they will become, we will revisit
this topic in the future at the JSP Insider web site.
Referenced Material: Tea and JSP (Casey Kochmer 8/1/2000)
================================================================
Links of Interest
================================================================
[Programming Aids] Code samples (Sun 9/2000)
Sun has put together a collection of examplets, small and simple
examples of how to code in Java. For example, if you were curious
how to serialize and deserializing an Object, 2 small
and simple examples are provided to show you how. These examplets
come from the book "The Java Developers Almanac 2000"
[Site]The Dilbert Zone
This is for Dilbert fans. In several previous issues of the JSPBuzz
I have talked about the strength's of the Java market and how
it is a good time to be a Java developer. I thought
it only fair to put a humorous twist about the marketplace in
this issue.
[Site] SecurityFocus.com
Nothing is ever secure and security is always a relative term.
This is another web site I recently began to use to help me keep
track of the various security issues we face in building web sites. In
addition, they have a good listserv called BugTraq which is a full
disclosure list for the detailed discussion and announcement of computer
security vulnerabilities (what they are and how to fix them).
[Security] Java Cryptography Extension
The JCE 1.2.1 beta release is available at Java Developer Connection.
This is Sun's implementation of a framework to provide encryption,
key generation, key agreement and Message Authentication Code (MAC)
algorithms. Support for encryption includes symmetric, asymmetric, block
and stream ciphers. The software also supports secure streams and
sealed objects.
[Security] Cryptix JCE. Java security implementation.
Cryptix JCE is a complete clean-room implementation of the official
JCE 1.2 API as published by Sun. Cryptix JCE is expected to be 100%
compatible with Sun's implementation and it is available
internationally under their liberal license. Best of all, Cryptix
is open source software!
================================================================
MAIN TOPIC by Casey Kochmer
================================================================
Live Long and Prosper: The New Truths of Building a Web Application
A fundamental shift is happening in web design and many people
are unaware of the direction successful web application development
is taking. These new truths of design are not really new. The fact
of the matter is that a new truth is often based upon old knowledge.
This is the case for the current design revolution.
The fundamental problem comes from a cultural view of the way programs
should be developed by programmers. Over the years, many people have
been trained to build applications in a client server or windows
environment. The problem is the design approach client server
and window projects take, what I term "throw away applications".
CURRENT DESIGN PHILOSOPHY
The current design approach, based on throw away applications, embraces
these tenets:
1) The most important factor in selecting a development language is
the speed at which you can develop your application. The second most
important factor is usually what tool is available that, simply, will
work.
2) These applications are not truly maintained, but rather new versions
or totally new applications are built to meet additional needs.
For example, many organizations have systems which are missing a desired
functionality. Often times in these cases the users built their own
systems using Excel, Access, or some other quick and easy tool which could
initially address their needs. The point here being, 90% of the time the
main client server application isn't expanded, but rather a new
application gets built!
Adding new features to an existing client server program is often
harder than buying a new program that works better. Often times, adding
a new feature means re-building and re-testing much more than just the
new feature, making expansion of existing applications
more expensive and time consuming. Again, the end result is
that new programs are built rather than current programs being
maintained.
3) New versions of software and operating systems will break old
versions of code.
BUT THE WEB ISN'T CLIENT SERVER
Web applications change the way we must think about building
a project. Two well know reasons (but not all the reasons) include:
1) Web applications are meant to be expanded! You don't need to
rebuild your whole system to add a series of new pages to your web
site. Expansion is easy, and more importantly, expansion is an
EXPECTED requirement of most web applications.
2) Web applications are less vulnerable to code breakage when new
software releases are applied because you have a high degree
of control of your server environment. Once your system is working
you don't need to upgrade very often (and, in practice, you don't
want to either unless required).
OK, nothing I have said here is news. It's all common knowledge. But
people are not connecting the dots yet. Many people building web
applications are building them as they learned to build client server
applications! In other words, developers are building sites with an eye
towards speed and ease of development. The fact of the matter is web
sites built this way have a large failure rate due to the throw away
development mentality. Ironically, many people will not realize their
web project has failed until a year or two after it is done!
And even then they won't realized they failed since the reaction will
be to build a new web site. They will contribute the web site failure
to changing conditions or some other factor. Little do they realize
a different approach could have ensured a long life span for their site.
THE NEW REALITY
Here's the new reality of building a successful web application.
1) The first thing you need to consider is maintenance. The tool used
to build your web site needs to match the current and future ability
of your enterprise to maintain and expand the web site. For example,
you have your web site built in PHP. Yes the site will work and
PHP is a great tool. If you only have CGI experience and
you can't find a PHP programmer easily, however, your site will fail
in the long term since you cannot maintain the site. It's not a matter
on how good PHP is as software. The strength of the solution hinges
on your ability to maintain your site.
2) The design needs to be modular and simple. Again, this is due to
maintenance considerations. A web application which requires massive
amounts of time just to maintain web pages will fail since your
enterprise will then be unable to expand their web application to meet
customer needs.
3) The design model (the logical model of your site construction)
of your web application needs to match the capabilities of your
enterprise's expertise. A web site may be built in many different
ways. Just because your competitor is successfully using a
particular design doesn't mean your shop will be able to use the same
design successfully. In addition, you need to be careful of the
development tool you pick. What many people don't realize is that
each web tool usually supports a particular design model of development.
So, just because a tool looks easy to use, the design it generates may
be complicated to maintain relative to your shop's expertise. For
example, since Servlets use Java, using Servlets tends to drive an object
oriented design for your site. If you use ASP, you will tend towards a
component based solution.
4) Only fools rush in... Sure you can quickly build a successful web
site. In the rush to get up, however, you may sabatoge your long term
success. Like many things in business and life, a little extra time
planning up front may be your real key to success down the road. For
today's web applictions, one of the new factors which people fail to
consider is integration of the many components required. Extra time
should be taken up front to pick the right components, troubleshoot
possible problems and identify replacement components. Expecting
all of your web components to integrate smoothly is unrealistic and
extra time spent up front will prevent failure of your project later.
Investment in a web application is a long term prospect. Don't be
fooled by faster development times. Extra time well spent up
front will mean longer life for your web application in the end.
This is especially important for a JSP project! For example, in theory
your JSP project will work within any JSP container with any JDBC
driver installed on any platform. In reality is it doesn't work this
way! A JDBC driver that works fine on NT may fail on Unix. JSP code
you wrote for Tomcat may not run on WebSphere. Up front planning is
critical in these cases to ensure everything does integrate smoothly!
5) And now time for my bombshell... A well designed web application
should have a lifetime of at least 10 to 15 years. At this point you
may be laughing or shouting in disbelief! People will say, "But the
software will change, the platforms will change, everything will change.
CHANGE! It's impossible due to CHANGE!"
"Nonsense," I respond. This is throw away application mentallity
drilled into us by our client server experience. Web application
software has a longer life than client server software. We have more
control over the application server. Modular components are easier to
upgrade when things do change. The bottom line is thing's aren't
changing that fast, we control the change more, and we can respond to
change better. We can and should expect more. It is now both practical
and realistic to plan for a web application to have a lifetime of 10,
15 or even more years! We need to look at web applications differently.
We need to walk away from disposable programs and start building
maintainable web applications.
Many web project designers reading this article will say, "But of
course I already think about these issues." Yes, well and good.
But are you thinking about them from a client server perspective or
have you really adopted a web application point of view? Are you really
thinking about and planning for maintenance? Because in two years,
when you have to build a replacement web site for a project you
complete today, I consider that to really be a sign of failure,
not change.
WALK THE TALK
What can you do? If you are in a web development project or are about
to start one, consider the following:
1) Ask yourself, "When the project is done, will I be able to
maintain it?"
2) Ask if you can maintain your project with existing staff or will
you need to hire people. If you try to hire people, can you find them?
3) Will the software AND COMPONENTS you are using be around in 2 years,
5 years or 10 years? If not, how do you plan on replacing them?
4) Can you find people to maintain this software AND COMPONENTS,
2 years, 5 years or 10 years from now?
5) While asking yourself if this web design makes sense also ask
if it can be easily modified to make future additions.
6) Ask if it makes sense that this system should be around for more
than 10 years. If not, then intentionally design for a short life.
If so, take the extra time up front necessary to make sure your web
application can really the test of time!
SUPPORTING MATERIAL
Application Servers Come of Age (SD Times 9/1/2000)
Read between the lines and apply everything I have discussed in this
article.
================================================================
SUBSCRIPTION
================================================================
You may unsubscribe from or subscribe to this newsletter by going to:
http://www.jspinsider.com/jspbuzz/index.html
Browse all of the JSP Insider source-code.
Questions or comments? Contact support@jspinsider.com.
Copyright © 2002 Amberjack Software LLC.