Spartan Java

Archive for April, 2008

Authenticating users using Unix or Windows credentials

by ricardoz on Apr.22, 2008, under Security, Tips

It’s usually very nice, and sometimes a requirement, to validate usernames and passwords using existing credentials. And in most situations big frameworks or single sign-on systems are just damn overkill and complex.

If you need to check your users' credentials via an existing Unix system (that supports PAM) or a Windows domain controller, check out (continue reading…)


AJAX autocomplete

by ricardoz on Apr.17, 2008, under JavaScript, Tips, Web related

Using a nice AJAX auto completable input box is much nicer (for the user) than a combo box with 100 options. If you use jQuery, you may use a quite easy yet powerful plug-in called jquery.autocomplete (original, eh?). Grab it at http://www.pengoworks.com/workshop/jquery/autocomplete.htm.
(continue reading…)


Don’t raise exceptions for every little thing

by ricardoz on Apr.10, 2008, under Performance, Tips

Just in case you didn’t know, raising an exception makes the JVM do a lot of dirty work breaking execution flow and stuff. (continue reading…)


Keep it simple!

by ricardoz on Apr.06, 2008, under Performance, Tips

Do you really need to have a database table with all existing countries? What’s the benefit? Apart from adding one more database query to each page hit and an array to each user's context while loading that form…

Think it over: every software component’s goal must be, first of all, to satisfy the users' needs as fast and as reliably as possible. Considering the “fast” part, you must always evaluate whether it’s really necessary to store this kind of info in a database table and penalize the application's overall performance by adding another database query, a recordset run-through and a whole bunch of new objects in an array in request or session context.

(continue reading…)


Encrypting sensitive information in persistent media

by ricardoz on Apr.06, 2008, under Articles, Security

If you ever deployed an application in a corporate environment, where an IT Security officer likes to keep a tight leash on who knows each system password, you probably needed to figure out some sort of security mechanism to store the passwords your application needs to connect to some database, access a web service, etc.

The most obvious and straightforward approach is to use a symmetric algorithm, like 3DES or AES, with an encryption password hard coded in your application to decrypt/encrypt the sensitive credentials. This has several cons:

  1. Anyone with access to the source code of the application can decrypt all sensitive data, i.e. you can’t guarantee the security officer that someone from your team/company won’t abuse this
  2. Anyone with access to the binary files of the application and a good de-compiler can decrypt all sensitive data, i.e. the security officer can’t even trust his IT production staff
  3. To change the encryption password you have to re-deploy the application

And these are just the 3 most important issues that come to mind in 5 minutes…

(continue reading…)


Long fields breaking your HTML?

by ricardoz on Apr.06, 2008, under Tips, Web related

I guess more than once you have needed to display some text in a space where it will not always fit. For example, graphic designers love to lay out lists and tables and purposely forget about how long each field will really be ;)

A solution I like is to always display a fixed number of characters and add the full text as a title (mouse over display). A really easy way to do this is using the substring function from the JSTL functions library, for example:

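<%-- fn:escapeXml is needed: a bare ${...} in JSP template text is not HTML-escaped --%>
<span title="${fn:escapeXml(myBean.myProp)}">
${fn:escapeXml(fn:substring(myBean.myProp,0,25))}
</span>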
