January 5, 2016

NetBeans Dream Team

It is great to start 2016 with the announcement that I have been included in the NetBeans Dream Team!

I always try to be as objective and unbiased as possible when writing and talking about tools and technologies, but I guess it has been pretty obvious that NetBeans is my favorite IDE and in my opinion the best IDE for Java EE development. Being a member of the Dream Team will enable me to contribute even more to make this great tool even greater.

More information about the NetBeans Dream Team can be found on the wiki.

December 5, 2015December 9, 2015

Snoop becomes SnoopEE [ˈsnuːpı]

SnoopEE [ˈsnuːpı] – The lean and simple discovery mechanism for Java EE based microservices.

What’s in a name, really?

Naming is hard! When I came up with the name Snoop for my discovery mechanism for microservices based on Java EE, my though was to associate the name with “snooping around for services to discover”. It seems, however, that most people’s thought goes to Snoop Dogg when hearing the name and that was never my intention.

That is one of the reasons for the renaming. Another consideration is that I want to point out that the best fit for SnoopEE is for Java EE!

At the same time I don’t want to signal that it is only for Java EE. I want it to be just as lean and simple no matter what technology used to implement the services. That is the only reason why I have been a little reluctant to the renaming.

SnoopEE has a nicer feel and as the twitter poll indicates, I am not alone thinking this.

For the record, I have nothing at all against Snoop Dogg! I just feel that Snoopy the dog is a little bit cuter…

I have crated a new page for SnoopEE, but as for everyhing else, such as GitHub repo, maven coordinates and naming, it all stays as it is until properly announced otherwise.

November 17, 2015

Cool Security Feature in MVC 1.0

If you are developing web applications, sooner or later you will come across something called Cross Site Request Forgery. The most common way to prevent CSRF attacks is by embedding additional, difficult-to-guess data fields, or tokens, in requests containing sensitive data.

Support for CSRF protection has been added to the MVC 1.0 specification. It goes like this:

First, enable CSRF Protection in your application configuration by setting the javax.mvc.security.CsrfProtection to either CsrfOptions.EXPLICIT or CsrfOptions.IMPLICIT.

@ApplicationPath("mvc")
public class MyApplication extends Application {

    @Override
    public Map<String, Object> getProperties() {
        final Map<String, Object> map = new HashMap<>();
       
        // explicit CSRF Protection
        map.put(Csrf.CSRF_PROTECTION, Csrf.CsrfOptions.EXPLICIT);
        return map;
    }
}

Then add the CSRF token to your forms. The Csrf object is available in Expression Language as mvc.csrf .

<form name="form" action="" method="post">
   ...
   <input type="hidden" name="${mvc.csrf.name}" value="${mvc.csrf.token}"/>
</form>

If CsrfOptions.IMPLICIT is used, you’re done. All controller methods annotated with @POST and that consumes the media type x-www-form-urlencoded will be automatically checked for a valid CSRF token.

If CsrfOptions.EXPLICIT is used, then the @CsrfValid annotation must be added exlicitly to the methods you want the CSRF token to be validated.

@CsrfValid
@POST
@Path("new")
public Response createReservation(@BeanParam FormBean form) {
   // your controller implementation
}

And that’s all you need!

November 15, 2015

DZone Most Valuable Blogger Program

I am proud to announce that I have been added to the DZone Most Valuable Blogger (MVB) Program. In practice, this means that they will select among my published blog posts/articles and republish it on DZone.

The list of my DZone articles can be found here.

October 31, 2015October 31, 2015

JavaOne is all about Community

JavaOne 2015 is a wrap!

Five days packed with technical sessions, discussions, community building…It is such a blast!

I have heard more than once that this conference is more about the people than the technology. And I totally agree with that.

Since I am pretty heavy involved in the Java Community Process (JCP), many of my activities this year (as last year) was connected to this. I was interviewed on NightHacking about the JCP in general as well as the JSRs I am on the expert group of (368, 371 and 375). I also managed to get in a word or two about Snoop with input from Arun Gupta.

In addition to my planned sessions, CON1615: Meet Snoop – a Discovery Service for Java EE and BOF3666: How would you like to improve the Java EE Security API, I was also on stage at the CON4176: Introduction to MVC 1.0 (JSR 371).

Thursday morning we had a very productive Face-to-Face meeting in the JMS 2.1 Expert Group (JSR 368). The minutes from this meeting can be found here.

Last, but not least, thanks to Tomitribe for gathering together the #usualsuspects and making sure everyone is having a good time.

September 29, 2015

Meet Snoop @ JavaOne

JavaOne in San Francisco is less than a month away. If you have not registered yet, do so now!

So far so good! Then you will need to add sessions you want to attend to to your personal schedule. Make sure you don’t wait until the last moment. The most popular sessions tend to fill up pretty fast.

My presentation Meet Snoop – a Discovery Service for Java EE may be can be found in the Schedule Builder by searching for CON1615. Add it to your schedule so that you are sure to get a seat. It may fill up…

September 5, 2015

Help Wanted – Logo for Snoop

Are you in possession of artistic and/or creative skills and want to contribute to an Open Source project?

Snoop is an open source service registry and discovery mechanism for Java EE based microservices that is in desperate need of a logo.

Have a look at https://github.com/ivargrimstad/snoop/issues/13 and see if you can help.

Check out Snoop@GitHub for more information about Snoop.

September 4, 2015September 5, 2015

Snoop in Swarm

If you want to run a Snoop enabled microservice in WildFly Swarm, you will need to add some more dependencies to get it to work. This is because Snoop relies on being run in a Java EE 7 compliant application server. And you will need to tell Swarm what parts you need to be able to run it.

In addition to the Swarm modules your microservice depend on, you will also need to add the following dependencies that Snoop requires:

<dependencies>
  <dependency>
    <groupId>eu.agilejava</groupId>
    <artifactId>snoop</artifactId>
    <version>1.3.0-SNAPSHOT</version>
  </dependency>
  <dependency>
    <groupId>org.glassfish</groupId>
    <artifactId>javax.json</artifactId>
    <version>1.0.4</version>
  </dependency>
  <dependency>
    <groupId>org.wildfly.swarm</groupId>
    <artifactId>wildfly-swarm-jaxrs</artifactId>
    <version>1.0.0.Alpha4</version>
    <scope>provided</scope>
  </dependency>      
  <dependency>
    <groupId>org.wildfly.swarm</groupId>
    <artifactId>wildfly-swarm-ejb</artifactId>
    <version>1.0.0.Alpha4</version>
    <scope>provided</scope>
  </dependency>      
  <dependency>
    <groupId>org.wildfly.swarm</groupId>
    <artifactId>wildfly-swarm-weld</artifactId>
    <version>1.0.0.Alpha4</version>
    <scope>provided</scope>
  </dependency>      
</dependencies>

The build section may be just as any swarm application:

<build>
  <plugins>
    <plugin>
      <groupId>org.wildfly.swarm</groupId>
      <artifactId>wildfly-swarm-plugin</artifactId>
      <version>1.0.0.Alpha4</version>
      <executions>
        <execution>
          <goals>
            <goal>package</goal>
          </goals>
        </execution>
      </executions>
    </plugin>
  </plugins>
</build>

Doing this will enable you to run your application as a JAR:

java -jar myservice-swarm.jar

A more complete example can be found here:

https://github.com/ivargrimstad/snoop/tree/master/snoop-examples/snoop-swarm

July 13, 2015

New Design

I have been thinking of freshening up the design of this blog for a while. The plan was to do it in a controlled manner with a proper backup first. But as we all know, everything does not necessarily happen according to plan in this industry. Sometimes a rm -rf * in a slightly unfortunate location has a tendency to speed up the process a bit…^[1]

But, apart from a couple of missing images that will be added within the next couple of days, I think the result turned out pretty good!

_{[1] Can’t even blame the cat for sitting on the keyboard this time…}

June 27, 2015June 28, 2015

Snoop 1.0.0 Released

Snoop..what…?

An explanation may be in order. Snoop is an experimental open source discovery service for Java EE that I created as a demo for my presentation at JavaLand earlier this year. After that I have developed it a little further and now I deem it good enough to be showcased more publicly.

The artifacts are published in Maven Central and has the following coordinates:

<dependency>
   <groupId>eu.agilejava</groupId>
   <artifactId>snoop</artifactId>
   <version>1.0.0</version>
</dependency>

<dependency>
   <groupId>eu.agilejava</groupId>
   <artifactId>snoop-client</artifactId>
   <version>1.0.0</version>
</dependency>

The Snoop Service is also available in Maven Central and for convenience available as a Docker image.

$ docker run -it -p 8081:8080 ivargrimstad/snoop-service:1.0.0

The GitHub project contains the source code as well as more documentation.

https://github.com/ivargrimstad/snoop

agilejava.eu

by Ivar Grimstad