Links

  • 1. Sogeti
  • 2. JBoss
  • 3. IBM
  • 4. Oracle
  • 5. SpringSource
  • 6. NL-JUG
  • 7. Java

Archives

Syndication  RSS 2.0

RSS 1.0
RSS 2.0

Bookmark this site

Add 'JCN Blog' site to delicious  Add 'JCN Blog' site to technorati  Add 'JCN Blog' site to digg  Add 'JCN Blog' site to dzone

Posted by Hans-Jürgen Jacobs at 21:59 on Monday 11 April    Add 'The next wave in J2EE deployment' site to delicious  Add 'The next wave in J2EE deployment' site to technorati  Add 'The next wave in J2EE deployment' site to digg  Add 'The next wave in J2EE deployment' site to dzone

In the 1990s, enterprises discovered that storage was best treated as infrastructure, and network attached storage went from being a radical idea to a mainstream solution in the course of only a few years. Today, network attached processing—consolidating middle-tier server sprawl into a small pool of compute appliances—is poised to deliver similar management and consolidation benefits to J2EE deployments, which can reduce the cost and complexity associated with developing, deploying, managing, and provisioning distributed J2EE applications. [javaworld]

Posted by Hans-Jürgen Jacobs at 10:40 on Thursday 20 January    Add 'Software Infrastructure Bottlenecks in J2EE' site to delicious  Add 'Software Infrastructure Bottlenecks in J2EE' site to technorati  Add 'Software Infrastructure Bottlenecks in J2EE' site to digg  Add 'Software Infrastructure Bottlenecks in J2EE' site to dzone

Sometimes you can throw more CPUs and memory in a box and your web application doesn’t get any faster. This can happen when the bottleneck is not in the hardware but the software; specifically, your application server. Deepak Goel looks at what this looks like in terms of performance characteristics and what you can do about it. [onjava.com]

Posted by jcn at 22:52 on Wednesday 12 January    Add 'Programming Legends Debate .Net, J2EE' site to delicious  Add 'Programming Legends Debate .Net, J2EE' site to technorati  Add 'Programming Legends Debate .Net, J2EE' site to digg  Add 'Programming Legends Debate .Net, J2EE' site to dzone

VANCOUVER, British Columbia—In a meeting of programming heavyweights dubbed a shootout of competing platforms, participants exhibited criticism and sarcasm, but also a grudging respect for their opposing peers. [eweek.com]

Posted by jcn at 11:13 on Monday 3 January    Add 'Mastering J2EE Application Development Series from OTN' site to delicious  Add 'Mastering J2EE Application Development Series from OTN' site to technorati  Add 'Mastering J2EE Application Development Series from OTN' site to digg  Add 'Mastering J2EE Application Development Series from OTN' site to dzone

The Oracle Technology Network has launched a new 12-week series of technical articles providing expert advice and best practices on how developers can simplify the J2EE application development life cycle in 12 easy steps. Read the advice and real-world experiences of J2EE experts such as Ted Neward, Rod Johnson, and Craig McClanahan. This week:… [ artima.com ]

Posted by Hans-Jürgen Jacobs at 11:05 on Wednesday 29 December    Add 'J2EE and .NET Web Service Integration Problems' site to delicious  Add 'J2EE and .NET Web Service Integration Problems' site to technorati  Add 'J2EE and .NET Web Service Integration Problems' site to digg  Add 'J2EE and .NET Web Service Integration Problems' site to dzone

This article analyzes a number of interoperability problems resulting from interaction styles, basic data types, structures, and namespace issues between .NET and J2EE technology. It then offers some practices that you can use to avoid problems and improve the chances of successful integration. [TheServerSide.net]

Posted by Hans-Jürgen Jacobs at 9:56 on Wednesday 29 December    Add '(Woensdag)Hacking J2EE Systems' site to delicious  Add '(Woensdag)Hacking J2EE Systems' site to technorati  Add '(Woensdag)Hacking J2EE Systems' site to digg  Add '(Woensdag)Hacking J2EE Systems' site to dzone

Spreker: Erwin Geirnaert

De spreker begint zijn betoog met het feit behalve externe bedreiging de insider threat eigenlijk het meest voorkomt. Daarna laat hij een mooie checklijst zien aan de hand waarvan hij zelf een systeem zou kunnen hacken.

  1. Het OS (meestal windows)
  2. Als daar alles dicht zit komt de webserver aan de beurt
  3. Mocht die ook helemaal dicht zitten dan is er altijd nog de Applicatie Server

Het OS kan met een poort scan, google, geïnstalleerde backdoors (van die insider) en sites als metasploit.com redelijk eenvoudig worden gehackt. Als het OS goed dicht zit kan met webserver en daarna de appliactieserver worden gestart.
Het voordeeel van een webserver en applicatie server is het simpele feit dat deze eenvoudig zijn te downloaden denk aan Apache Tomcat en JBoss, maar ook BEA Weblogic en WAS zijn als trail te downloaden.

Menig webserver en applicatieserver wordt out-of-the-doos neergezet met al die handige sample en web based admin applicaties. Door deze applicaties bijvoorbeeld door de decompiler te halen zijn de zo mogelijke gaten op tes sporen. Via een admin webapplicatie kan vaak weer root rechten worden verkregen. Erwin geeft een aantal voorbeelden o.a. een waarmee in 4 regels een BEA 7.0 Webloic server kan worden gehackt. Slik. Geeft je wel te denken!

  • Test je applicatie
  • Ontwerp met beveiliging in het achterhoofd
  • Pas beveiliging op alle lagen toe
  • Encrypt alle vertrouwlijke data

Posted by Hans-Jürgen Jacobs at 21:22 on Sunday 19 December    Add 'A first look at Apache Geronimo' site to delicious  Add 'A first look at Apache Geronimo' site to technorati  Add 'A first look at Apache Geronimo' site to digg  Add 'A first look at Apache Geronimo' site to dzone

When released, Geronimo will be the first J2EE-certified open source server. This article will give you the basics you need for developing and deploying J2EE applications on Geronimo. Examples include a simple Web application, a JDBC (Java Database Connectivity) connection pool, and a simple EJB (Enterprise JavaBean) component. [java-channel.org]

Posted by Hans-Jürgen Jacobs at 12:02 on Tuesday 30 November    Add 'Clash of the .Net, J2EE Clans?' site to delicious  Add 'Clash of the .Net, J2EE Clans?' site to technorati  Add 'Clash of the .Net, J2EE Clans?' site to digg  Add 'Clash of the .Net, J2EE Clans?' site to dzone

Jim Wagner of InternetNews has written another piece that tries to pit .NET vs. J2EE. He cites a Forester report that claims .NET is in use in more enterprises than J2EE. He then goes on to talk about "ease of use" issues, and how Java 5 is coming to save the day. [TheServerSide]

Posted by jcn at 12:00 on Tuesday 29 June    Add 'Writing portable applications with AVK' site to delicious  Add 'Writing portable applications with AVK' site to technorati  Add 'Writing portable applications with AVK' site to digg  Add 'Writing portable applications with AVK' site to dzone

Portable applications, is dat niet waar Java voor staat? Helaas, vandaag de dag worden door verkeerd code gebruik of vendor-specifieke klassen de portabiltiteit nog behoorlijke schade aangedaan. Om hier meer inzicht in te krijgen heeft Sun de AVK ontwikkeld oftewel de Application Verification Kit. Hiermee willen zij een standaard neerzettten voor portable J2EE applicaties, en daarmee de kosten voor migratie te drukken en investeringen te garanderen. De toolkit test applicaties voor het correcte gebruikt van de J2EE API en voor het vermijden van vendor-specifieke (niet portable) code.
Read the rest of this entry »


© 2020 Java Competence Network. All Rights Reserved.