Friday, August 24, 2007

Javascript dynamic nature

1. eval() function
eval(string) is a top level built in function which lets you define and execute code on the fly. A programmer my not known in advance what code should be executed. Depending on values of different variables a particular statement may need to be executed at run time.


var fieldList = new Array('field1','field2','field3','field4','field5');
var tempObj;
for (count=0;count<fieldList.length;count++) {
tempObj= eval("document.myForm." + fieldList[i]);
if (tempObj.value.length==0) {
alert(fieldList[i] + " requires a value"); }
}
}

Also, eval() is used to parse JSON string to javascript object representation too.

var value = eval("(" + jsonText + ")");

2. The javascript object is essentially just an associated array, with fields and methods keyed by name. Javascript doesn' have built in concept of inheritence, every javascript object is really an instance of the same base class, a class that is capable of binding memeber fields and functions to itself (as associated array) at runtime.

myObject.shoeSize ="12" <=> myObject['shoeSize']="12"
myObject.speakShoeSize = function() { ...} <==> function speaksth() {...}
myObject.speakShoeSize=speaksth;

** note that NOT speaksth()

javascript function is a type of built-in object. A descendant of Object and can do everything that a Javascript object can such as having properties or other function object attached to it.

We can achieve polymorphic (dynamic binding) easily, for instance
myObject['methodName'](x, y, z); where methodName is a runtime passed in string

Wednesday, August 22, 2007

WebWork 2 to Struts 2 Migration Note

1. web.xml
Update FilterDispatcher, ActionContextCleanupFilter and SitemeshFilter to use Struts

2. JAR libs
Remove webwork-2.2.5.jar, xwork-1.2.2.jar, xwork-tiger-1.2.2.jar
Use struts2-core-2.0.9.jar, xwork-2.0.4.jar, struts-sitemesh-plugin-2.0.9.jar and struts-spring-plugin-2.0.9.jar. Note that the extensions are separated into different plugin jars.

3. xml Config files
Rename xwork.xml to struts.xml, xwork-agent.xml to struts-agent.xml, xwork-audit.xml to struts-audit.xml, etc.
in the config files, change some occurences of 'xwork' to 'struts' and change DOCTYPE to use struts-2.0.dtd

4. property files
Rename webwork.properties to struts.properties and change all occurences of 'webwork' to 'struts' in the property file
multipart parser set to jakarta which replaces com.opensymphony.webwork.dispatcher.multipart.CosMultiPartRequest
change ui templateDir to admin/themes/struts

Note that the conversion property file is still called xwork-conversion.properties

***NOTE that in struts.properties, set struts.i18n.encoding=UTF-8, otherwise it will cause problem in working with dojo contentPane. By default, struts will use charset CP1252 encoding for windows server and UTF-8 encoding charset for Linux.

5. validatiors.xml
Change all com.opensymphony.xwork to com.opensymphony.xwork2, and the DOCTYPE must be defined to avoid SAXParser exception. It is allowed for webwork though.

6. Action classes
Imported package name: com.opensymphony.xwork change to com.opensymphony.xwork2 and com.opensymphony.webwork change to org.apache.struts2
Class Configuration is changed to DefaultSettings. It seems that Struts 2 provides better support in custom property config setting
AroundInterceptor is removed from xwork2, use MethodFilterInterceptor instead.

7. On all FreeMarker ftl pages
Rename webwork tag prefix @ww. to @s.

8. FreeMarkerManager, ActionSupport API
Change OgnlValueStack type to ValueStack in parameter list.

9. FileUpload
The random generated file names such as xxx.tmp is used and the files are stored in a upload folder on the server when we upload the files. So the features such as install cartridge, script agent builder are broken because they will get the random generated file name instead by calling File.getName() or File.getAbsolutePath(). To obtain the original file name, MultiPartRequestWrapper provides a method getFileNames() method, and for FileUploadInterceptor, the file name is injected.

Tuesday, August 14, 2007

JBoss / JMX

- JBoss architectural layers: JMX microkernel, service layer, aspect layer, application layer

- JBoss server and container completely uses component-based plug-ins. The modularization is supported by JMX.

- JMX is the best tool for integration of software. It provides a common spine (or common bus) that allows the user to integrate modules, containers, and plug-ins. Components are declared as MBean services that are then loaded into JBoss and subsequently be administered using JMX.

- JMX is an isolation and mediation layer between manageable resource and management systems. Resources use JMX to make themselves manageable by a management system to ensure high availability and utilization.

- JMX is an internal instrumentation API.

Monday, August 13, 2007

Java Security

- Codebase + signer = Code Source
In java policy file, the code source associate various permissions to create protected domain.


grant signBy "sdo", codeBase "http://www.oreilly.com/" {
permission java.io.FilePermission "/tmp", "read";
permission java.lang.RuntimePermission "queuePrintJob";
};

The default policy for all JVM in $JREHOME/lib/security/java.policy; And by default the sandbox for java applications is initially disabled.

- KeyStore (code signing)
The certificates are held in a location (usually a file) called the keystore. For developer, keystore is consulted to find the certificate used to sign your code; For end user or system admin, the keystore is consulted when you run signed code to see who actually signed the code.

- Certificates
Two types of keys: asymmetirc (private/public key pair) and symmetric (secret key). Certificates are used to authenticate public keys; when public keys are transmitted electronically, they are often embedded within certificates. It is issued by well- know entity (Certificate authority, or CA). The certificate contains a digital signature of the CA. So we have a bootstrapping problem here - how do we obtain the public key of the certificate authority to authenticate the certificate itself?

Friday, August 10, 2007

MySQL Admin

- MySQL
By default, the user cannot connect to mysql db remotely. To enable remote access to a mysql db, suppose the user connect from host IP 10.4.115.211


c:>mysql> mysql --user=root --password=mypassword
mysql> grant select,insert,update, delete on db_name.* to user_name@10.4.115.211 IDENTIFIED BY "user_password";

mysql>show schemas;
mysql>show tables;
mysql>show columns from tbl;

mysql>select * from tbl into outfile 'C:/myexport.txt';

mysql>select * from tbl\G; // the option \G format the output

Wednesday, August 8, 2007

WebWork value stack & Interceptor

The value stack is central to the dynamic context-driven nature of webwork. A stack of objects against which expressions can be evaluated to find property values dynamically, by searching for the first object (from the top of the stack down) that has a property of that name. WebWork builds up the value stack during execution by pushing action onto stack (so action property is available to expressions in view pages). Note that not property itself but the contained object in the stack.

It provides a convenient way to expose common values such as security permission to the front-end. Creating a custom interceptor SecurityGateInterceptor, which push a secInfo object into the value stack, then all the properties available through getxxx() in SecInfo object will be exposed to all the view pages.

Relate methods are: context.getValueStack.push(obj); context.getValueStack().findValue("propertyName");

Interceptors are conceptually the same as servlet filters and JDK's Proxy class. They provides a way to supply pre-processing and post-processing around the action. With it, we can do dependency injection using a combination of set injection and interface injection. With the assistance of interfaces such as PrincipalAware, SessionAware, etc.