JSP Insider - http://www.jspinsider.com

News - Articles/Tutorials/Code/Reviews - JSP/Servlet Hosting Companies - Links

JSP Buzz: Vol. II Issue #13

JSP and Java Newsletter

7.10.2001
Table of Contents
News
  1. Common Servlet Engine Security Hole Exposed
  2. Linux, Java proponents embrace .NET
Rambles
  1. .Net Examination
  2. HTML Based Newsletters
  3. Java Conferences
Links of Interest
  1. Electronic Publishing with XML
  2. JSP Security for Limiting Access to Application-Internal URLs
  3. Principles of good GUI Design
  4. The gentoo.org redesign, Part 3
  5. Personalize Your Website With Skins
  6. Java Cookbook: Web Server Java: Servlets and JSP
  7. Are EJB's really needed?
  8. Some Questions about object databases
  9. Comparing Semantic Equivalency Of XML Documents
  10. JSP and Velocity Comparison
Products
  1. Oracle licenses Orion Server
  2. Sybase v12.5 Adaptive Server Enterprise has built in EJB container.
  3. ZoneAlarm Version 2.6
Reviews
  1. XML Spy 3.5
  2. JBoss - Even Closer to a BEA Killer
News
Common Servlet Engine Security Hole Exposed
The ServerSide  July 3rd,2001 
A common security flaw in several Servlet/JSP containers has been found. The bug allows JavaScript code to be embedded in a URL of a target servlet engine, which will result in the JavaScript being executed within the users browser.
Linux, Java proponents embrace .NET
Infoworld  July 6th, 2001 
The Mono Project will enable .Net to be deployed to Linux servers as part of the Gnome project. Source code will be available under the General Public License (GPL) and the Lesser General Public License (LGPL). The project will consist of three sections, A C# compiler, a set of CLI compatible class libraries and a Linux version of the Microsoft CLR run- time engine to permit Linux systems to run .NET applications. The interesting part of this project is the attempt to build everything under an open source license without the hassles of Microsoft's shared source program.
Rambles
.Net Examination
Casey Kochmer 
Well I am excited, since I have been ask to visit and chat with some of the people at Microsoft. I am looking forward to this as a chance to really closely look at the .Net and ASP.Net products. Since .Net should be released in final production format in the last quarter of this year, the timing is right to see where ASP.net is now. Having talked to several .Net experts It seems many of new features which excite programmers the most are the ones which are available to Java/JSP programmers. This means the playing field should be pretty even between ASP and JSP. After I get back, I will write down my thoughts and comparisons between the products. The big question for the JSP Buzz readers is: What questions do you have? Send them my way so I can compile a list of questions to ask the folks at Microsoft. I should have something to write up by the end of the month!
HTML Based Newsletters
Casey Kochmer 
The vote is in and no one requested the HTML format to be mailed out. Several requests were received to keep the text based version. So the JSPBuzz will remain a text based email newsletter.
Thanks for your feedback.
Java Conferences
Casey Kochmer 
Well this year many of the conferences are slowly disappearing. However, a few outstanding conferences are still around for the benefit of JSP programmers. I would like to take a moment to actively plug one particular Java Conference. The Java Jam. Not only is this a great chance to get some one and one time with Java and JSP experts, But it is a chance to relax while learning. The conference has a great JSP line up with many well known experts. Every session at this conference will help your JSP web- application skills along.
GEEK CRUISES' JAVA JAM: NOVEMBER 11-18, 2001
With the exception of JavaOne which won't happen again till next year, you will not find a better conference to learn JSP! I am usually pretty low key on promoting events and such, but I am excited to be part of the Java Jam and look forward to seeing some of the JSPBuzz readers there!
Check out the schedule:
Links
Electronic Publishing with XML
John McKeown, Benjamin Jung  June 27, 2001 
A description of the process used in creating electronic publications using XML and related standards. The article is based upon the methods used to generate conference proceedings for the XML Europe 2001 conference.
JSP Security for Limiting Access to Application-Internal URLs
Jamie Jaworski  June 27, 2001 
A example of how to use XML and JSP together to build a simple multiple page application. The article includes example code and links to the source.
Principles of good GUI Design
   
These guidelines are more geared towards client server and applet types of applications, however, many of the guidelines can still be applied to a web page. Many JSP and Server-Side developers concentrate on the server side aspects of a project. This results in weak / poor client side GUI design and practices. Remember no matter how perfect your server side Java is, your project still fails if the user cannot use the final HTML page.
The gentoo.org redesign, Part 3
Daniel Robbins  July 2001 
Since we are on the topic of GUI design. Here is an article about a site redesign and the thoughts of the programmer working on the redesign. The words of wisdom I liked the best are: "remember that content comes first, layout second, and graphical embellishments a distant third. "
Personalize Your Website With Skins
Brian R.J. Heumann  June 2001 
If you are interested in offering visitors a website with a customizable look and feel, here is a good introduction. The article demonstrates building dynamic "skins" for a JSP site. While it might be extra work for us developers, someone out there is sure to love the choice of Polo, Aqua, and Brick color schemes.
Java Cookbook: Web Server Java: Servlets and JSP
Ian Darwin   
This sample chapter contains code samples on how to perform basic functionality. For example, there is a simple example on how to process the data from an HTML form within a servlet. Another example shows how to generate a PDF file from a servlet. Overall the examples are fairly basic, and newer JSP and Servlet programmers could find the examples handy.
Are EJB's really needed?
The ServerSide   
A great discussion on the need for EJB's and how to distribute your logic within a large application. This discussion also talks about Java stored procedures and using object databases. It is also a debate on whether business logic should be moved to the database or to a middle application tier. I highly recommend this thread to application designers.
Some Questions about object databases
   
While relational databases are well understood, using object databases are not as well known. This is a quick FAQ about using object databases which will give a high level introduction to the subject.
Comparing Semantic Equivalency Of XML Documents
Brett McLaughlin  June 2001 
This is an examination on how to compare XML documents to find out whether they're the same. As with most of Bretts articles this is an excellent article. Anyone working with XML files with Java of beginning to mid level of experience will find this of interest.
JSP and Velocity Comparison
Jon Stevens  July, 2001 
This presents a look at JSP and gives a comparison to Velocity. It should be noted that Jon is a co-founder to the Velocity project so he will have a biased view towards Velocity. The article really ends up being a long discussion on JSP's weaknesses and Velocity strengths. In other words an attitude against JSP exists within the article. However, it is a good article to read as knowing the weaknesses of a product is as important as knowing the strengths.
Products
Oracle licenses Orion Server
   
This is old news now, since Oracle began using the Orion server last month within its product line. This great news for Orion, which is an awesome product. However, the fun part and the reason the link is in this buzz comes from the month of comments various programmers have made about the products. This makes for interesting reading from my geek perspective. It also can be viewed as a brutally honest review of the J2EE marketplace.
Sybase v12.5 Adaptive Server Enterprise has built in EJB container.
   
Sybase's newest version of Adaptive Server Enterprise database has modified the way it uses EJB's. This new version features direct XML persistence (as opposed to storing as BLOBS), an entity bean container that runs in the database, and the integration of the file system with the database. The link here actually takes you to the Server-Side which has an extremely interesting discussion about the ramifications of such an architecture.
ZoneAlarm Version 2.6
   
In the last issue we mention security as a problem for web developers. Another issue of security is your own personal PC. While at work we may be behind a secure Firewall, many of us also work from home. You shouldn't forget about securing your home PC either. One product which you can download for free home personal use is ZoneAlarm. While no single product can make you safe, using ZoneAlarm at least gives an initial level of protection for your computer.
Reviews
XML Spy 3.5
Altova   
I like XML spy. It did help me in working with my XML files. I consider it to be craftsman's tool workbench. You lay out your XML file, clamp it done on XML Spy and go to work. XML spy is not perfect and it does take a little while to get use the features. I have been using it for three weeks on and off and I am only beginning to dig down into the tool. Even so, at my high level of usage it did help speed up my XML development. I basically used it as a expanded text editor which gave the ability to place a spread sheet like interface to work with a XML file. However, it is much more than a expanded text editor, offering XML validation, schema / DTD design and more. XML spy is also handy for working with XSL transformations with plug in modules for supporting various different XSL and XPath engines. I am highly interested to see where Altova expands this tool. I suspect it will have a bright future. I do recommend that you download the trial version before buying XML spy. The tool will probably not be what you expect it to be upon first trial. It is a tool that takes a bit of time and use in order to both grow to appreciate and determine how to best use it with your XML files.
JBoss - Even Closer to a BEA Killer
The ServerSide   
A great review on JBoss with a comparison to BEA. The conclusion is that JBoss is an excellent J2EE server worth looking into for anyone starting a J2EE application.

Browse all of the JSP Insider source-code.

Questions or comments? Contact support@jspinsider.com.

Copyright © 2002 Amberjack Software LLC.