It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
Why would you ever need to create a custom Classloaders? A real world example would be great!
Application servers such as Java EE servers and OSGI containers use custom classloader to support updating and removing software dynamically.
Other custom classloaders are used to support dynamic code injections (From Java 5.0 Instrumentation is preferred)
Typical cases are:
Instrument/Load classes at runtime.
Load encrypted classes.
Remote class loading.
It's not something you'd be likely to ever have to write yourself, but you might make use of one as part of some complex frameworks -- for instance, dependency injection is often implemented with ClassLoaders. Another common use of custom class loaders is in unit testing: a custom class loader can be used to replace classes loaded by the unit under test with "dummy" versions which respond in a controllable way (for instance, to simulate errors which would otherwise be difficult to create).
Frankly speaking it is really hard to imagine Java ecosystem without non-standard classloaders. A lot of loosely coupled architectures are based on classloaders. I would suggest to spend several hours with JSPF (Java Simple Plugin Framework), because only some practical experience will be really valuable for you. JSPF is quite simple and allows not only to understand potential cases, when custom classloaders are needed, but also to feel the power of such solution.
Try to follow a simple plan:
Define an interface (a contract)
Provide an implementation as independent module/jar
Use JSPF and previously defined contract to discover available implementation(s)
Do some useful stuff with discovered implementation
Understand you have loosely coupled system
Find out how classloaders are actually used in this example
Please also look through the following links:
http://code.google.com/p/jspf/
http://code.google.com/p/jspf/wiki/UsageGuide
Related
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
maybe this is not a technical question but I bet here are many experienced developers that can help me answering that
thanks
A DAO layer is essentially an abstraction like Sajit says. However I disagree with his interpretation. The point of abstracting something to achieve a goal - usually the simplification of some more complex use case.
You could easily create a DAO layer that also provides more functionality than simply doing application entity - data entity mapping. It could provide caching, optimisation, translation, resiliency etc. So There is no reason why it could not offer the ability to better scale your application.
Ultimately is depends on terms - what does scaling mean to your application? More/faster ??? etc.
Dao is typically used to abstract away the implementation details of the database in an application and has nothing to do with scalability.
The DAO (Data Access Object) is used to provide a layer of abstraction over the database. It tends to have methods which in turn eventually open connections and execute queries and/or stored procedure.
I think that when it comes to the scalability issue, you need to watch out for 1 major thing in a DAO: Connection management. If you are using some third party library, maybe something along the lines of Hibernate you will most likely have to worry less about connections since these are managed by the library itself.
On the other hand, if you implement everything yourself you will need to make sure that you open the connection at the last moment possible and release it at the first possible moment. Having a DAO which hogs connections will eventually limit how will your application scale.
Lastly, in some cases, the DAO passes direct queries to the database. You will need to keep an eye on how you build these queries to make sure that they do not involve any unneeded processing.
In really simple words, You really can't make a scalable application if everything is tied up. DAO is just another layer which helps you deals with the Data Access Logic. This way you know where you can find your dynamic sql and stuff and can enhance and maintain it.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I'm currently developing a programming contest website, and want to implement support for submitting code and running it on the website. After quite a bit of googling, I still haven't found any "guides" for this.
Does anyone know of a website(or other sources) that contains some basic guidelines or ground rules for this?
Appreciate all replies.
PS: If anyone wonders about all the programming language tags, I'm planning on supporting at least these languages.
Careful -- if you're finding it difficult to break this project down into some smaller, more tactical problems, I'd strongly suggest that you make no attempt whatsoever to actually run anyone else's code on your site. In terms of creating the site itself, I'd suggest leveraging pre-built components or services where possible -- Wordpress, GitHub, etc.
Once you've got the submissions, you'll want to have a way to run them safely. For all practical purposes, this means that you should assume that any machine you run someone else's code on might spontaneously burst into flames. While it's true that some of these languages have features you should be able to use to run code in a "sandbox", you're probably not going to be expert enough in all these languages to be able to properly secure all of them.
It seems that something like Amazon's EC2 might be helpful -- spin up a VM when you need to run a submission, and throw it away when you're done. They've got some pre-configured images that would probably be well-suited to running this code, and if something gets buggered up because of buggy or malicious code, you don't mind too much because you're just going to throw it away when you're done.
There is a site that already does this, albeit for a particular purpose: scraping data.
https://scraperwiki.com/ - Unlike jsfiddle, scraperwiki executes server-side code. As far as I can gather, they likely sandbox the environment via amazon instances. Not sure that their code can be entirely audited and sanitized, given the variety of languages and scraping libraries they support.
I think most people are baffled as to how scraperwiki keeps hackers and spammers at bay from misusing their resources. They've been rather mum about it; either they've manually audited every bit of executed code, or hackers/spammers haven't caught onto them yet. Since the site has a specific function, they probably check data utilization to determine suspicious activity. ...but, one man's site scraping is another man's harassment and injection by get/post.
My hunch is that they'll never publicly spell out what their security audit process is like.
If you really had to do it, simplest mechanical way of doing this without virtualization is to use a variant of eval(). But, not all languages have that. Which brings you to option B, which is virtualization. Better people than I can explain how to regiment virtual machines to this effect, and will caution you properly on letting strangers abuse your resources. Instead, I'll share my PHP experience.
Some years back I've made a project that does code execution on the fly (on a local machine.) As you type, it takes the code via ajax and executes after each keystroke. Here's a video of its behavior: http://www.youtube.com/watch?v=Yfxrt2pc3pg.
Half a decade and 3 improvement prototypes later, I'm still not sure how I would responsibly lock this down as a common resource.
For Java it is quite simply:
You're have to create Servlet, for uploading source code into server (for
example, via POST request)
Use Java Compiler API to compile source code to bytecode ( tutorial )
Compiled bytecode you're might dynamically load via ClassLoader and launch it (also you're might configure SecurityManager)
And don't forget about MVC architecture :)
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I would like to give an executable jar file to my client and I have a code in it to expire after a certain time. But if the client uses some decompiler and reads the class file, he can modify and make the code to work Is there any way I can stop this from happening.
Can I use deleteOnExit() or some other technique ???
If you are so worried someone will crack your software, you'll need to use some kind of client/server architecture where your client can only log in to a webpage in your servers.
Any code can be cracked if there's someone who really wants too. Of course, most of the time its simply not worth it.
Best solution for this is PaaS (platform as a service)..
put your logic on a server as server-app and let client-app communicating with server-app through web-service or any other way .. this is the best real solution..
BTW: using obfuscation cannot protect your code.
Sorry, not possible in any kind of environment currently in use. If you are so worried about the client stealing your code, it might be good to reevaluate your relationship with him.
On the other hand, you could provide him with a gated VNC view of your software, whereby he can use it but where you remain in control of the environment.
In the past, I've used Zelix KlassMaster to perform obfuscation. It does a very good job, however, you have to spend time to configure it such that it works properly for your needs. If you use reflection, then you have to ensure that it doesn't obfuscate those class/method/property names, etc. One of its strong suits is that it will obfuscate strings as well.
All that being said, the end result is that your client will still have your code, alebit in a very difficult-to-understand format. However, if he truly has the time and effort, he can reverse engineer it.
A lot also depends on exactly what it is that you are trying to protect. If you are trying to protect the actual IP then obfuscation will help you out. If you are trying to protect licensing, then obfuscation just makes it a little more challenging for someone to figure out where your licencing module(s) are and how to circumvent them. In the latter case, I would then suggest that you use something like AspectJ to weave in licensing checks in several different classes just to make it more difficult to break. However that too is not fail-proof.
As others have already said, the only fool-proof system is to not give the client the code in the first place and change to a SAAS (Service as a software) solution.
What about using a modified classloader that is able to load your classes from an encrypted storage. As you do not directly expose the jar and the classes inside it might help but as all others said above - it won't be bulletproof.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 12 years ago.
Hypothetically, could java be used to write a website instead of, say, asp.net. or php?
J2EE is an entire branch of Java made towards running Java as a web server. It includes making it easy to code for distributed servers, a messaging protocol and database interaction. It's extremely powerful, well written and stable and you'll find it's used by many large web sites.
It's also very different from just coding a simple single-purpose server. Some of the complication is up-front/built in, so there is a larger initial learning curve but you won't encounter many of the problems you would if you tried to do it on your own...
For instance, imagine the most complex server-side code you've written--what would it take to make it run distributed across 2 servers (So that either server may answer any request with the requests based on server load)? If it were written in proper J2EE it would just be editing a few config files.
Some would argue that this is what Java is mostly used for! Sarcasm aside check out the Wikipedia entry for Java Enterprise Edition for the summary and of course the official Oracle Java EE website for details.
Basically there is a whole host of mature server APIs and application servers from different vendors (including Open Source vendors) that implement those APIs. Server side Java is really a mini-industry with god knows how many companies, open source projects, conferences and the like.
If you are new to server side Java you coming in at a good time, you missed the dark days EJB 1.0 and 1.1 and now there is a rather useful, if a little heavyweight set of APIs on which to build your server side applications.
Yes, it is actually quite common.
I think so. It's the basis for JSP and Java Servlets.
Yes.You can use Tomcat web container or glass fish, JBoss,...
There is few frameworks, like Tapestry, JSF,...
If you encountered a .jsp extension for a page, it was definitely Java (.jsp = Java Server Pages). Of course you can generate plain HTML (or whatever you want) as well.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 12 years ago.
I am new to Java and really impressed with it. I am interested in leveraging the latest java technology, however, not from an enterprise standpoint. I want to leverage the latest technology from a small business development point of view. I feel that the small mom and pop grocery store can enhance their operational effectiveness by using the new Java technology, obviously not on an enterprise scale. If my thinking here is incorrect and if there is a school of thought that the current Java technologies is not designed for the small business person (which consist of 80% of the businesses today), I can accept that. If not, then
what Java development framework, tools, skills, etc; do you recommend as a minimum for small business development?
Jerry McLeod
Frameworks, tools, languages and skills are all designed for tasks, therefore it's relatively meaningless to talk about the organisation instead of about the tasks which an organisation might wish to perform. A kid in garage could use every piece of Java Enterprise software available just as well as a Fortune 500 company could choose to use PHP.
So in essence, your question doesn't make a lot of sense without reference to what you might want to do with it. It's true that a small business is unlikely to want many of the large-scale features that Java can offer, but it doesn't mean they can't use them if it's appropriate for the task at hand!
Tools should fit the task at hand; the task at hand should not be defined so as to use the latest tools.
What tasks need to be done for small businesses? If I were just working on a website, I'd probably use PHP. But I have no idea what you're looking for.
Core framework for Java (Web) Development is Spring and Apache Commons libraries. And same for database access is hibernate. As development tools I would suggest SpringSource Tool Suite and for web application deployment Apache Tomcat. And my favorite build tool is Apache Maven.
But all this can variate what you would like to develop.
you should watch out with getting flooded in al sorts of skills, frameworks, tools you start learning. That might become a huge confusion. Basically if you want me to spam with words, I'd say you definately need
J2EE, JAAS, Spring and hibernate.
As a person I would recommend you to learn OO programming first if you are not familiar with java. I think there is little use in these tools if you don't know how to use java. I would start with reading Design patterns - Head first, and Effective java, to explore what OO is really all about. You can't get into business development (how small it is even...) except if you do it together with someone who knows what he does.
but that's just my thoughts
First of all why would Mom&Pops care if it's Java, C++ or ASM? Second of all you didn't really tell us what you want to achieve. Do you want to create web applications or standalone apps? For the latter you just need Java SE+any framework needed to get a certain job done. If you want to do webapps then it gets a bit hectic. Some people already mentioned Java EE, Spring, Hibernate etc. but there's also EJB (well it's part of the Java EE), Struts and so on.
Some might say java isn't well suited for small web apps, well I can't agree with that. JSF+Spring+Hibernate and you can get a simple usefull webapp up and running in 2-4weeks.