Wednesday, March 05, 2008

Sun Tech Days Sydney - Day 2 (5 March 2008)

I blogged about the first day here. A lot more happened today, or so it appeared to me. I saw the most jaw-dropping piece of technology demonstrated today, but you'll have to wait a bit to hear more about it.

Sang Shin spoke about AJAX and Web 2.0 technologies. Sang has a wonderful blog at http://www.javapassion.com. This site is chock full of detailed courses on major Java technologies, all generously made available free of charge. His presentation today was based on some of those courses. It was hard for him to do justice to the depth of the topic in just one hour, but I'm sure his blog and the courses there will provide hours of useful instruction to anyone interested in exploring them in detail.

One of the useful tips I picked up while watching his demo was how to use the Firefox extension Firebug. This lets you monitor AJAX traffic, among other things.

The next session I attended was by a person from Atlassian. This session was on Grails. Now, I'd heard of Grails, but didn't quite know what it was all about. I assumed it was a very different technology from Java, something like Ruby on Rails. Only half right, as it turned out. Yes, the technology was inspired by Ruby on Rails, but it's based on Java technology. To be precise, it's a software stack consisting of Java, Groovy, Spring, Hibernate and HSQLDB.

It's a little hard to describe what Grails is. Those who attended Ben Alex's talk early last year on the coming Spring project tentatively called ROO (Real Object Oriented) will have a fair idea of what I'm talking about. Grails seems to have everything that ROO promised (but hasn't yet delivered on). It's a toolset that lets designers build applications based on the principles of Eric Evans's Domain-Driven Design, and it works very hard behind the scenes to build all the infrastructure required to make the domain objects just work. Persistence, a RESTful web interface, test cases, - all get automatically generated. An increasingly common theme that I'm hearing pervades Grails - "Convention over configuration." In other words, if you stick to standard naming conventions for things that you create, the system will make it very easy for you to build a working application with a minimum of coding.

That's the jaw-dropping technology I talked about at the beginning of this post. Grails is a developer's dream. One can knock together working code in minutes. InfoQ has a Grails guide and example code which I intend to work through as soon as I possibly can. I would recommend Grails to all Java developers looking for the next burst of productivity. Best of all, Grails applications can be exported into standard war files and run on standard app servers, so there is no need for any new run-time technology.

Funny how one can be searching for months for a productive development environment that lets you build applications rapidly yet correctly, and then one fine day, it comes up and hits you between the eyes. Praise the Lord! I intend to use Grails to illustrate concepts with working code from now on. I'll blog about my experiences with Grails as I get some experience with it.

(I also liked Atlassian's byline: "Where VB is only in the fridge.")

Lee Chuk-Munn presented next on JavaDB. This is, of course, the much-renamed Cloudscape/Derby pure-Java database that takes up all of 2 MB of space and supports database sizes of up to 700 GB. It is thread-safe and therefore OK for multi-user use, but is positioned as best for use as an embedded database. Since new owner Sun has to juggle other databases like MySQL and PostgreSQL as well, I suspect that the recommendation to use JavaDB for single-user or embedded use has more to do with positioning than with the actual limitations of JavaDB. Too many capable technologies (Linux, MySQL and Tomcat, anyone?) have been unfairly treated as toys in the past for me to swallow such a recommendation.

JavaDB has stored procedures, triggers, functions, built-in XA (distributed transactions), encrypted databases, crash recovery, etc. It also supports JDBC 4.0, with autoloaded drivers, scrollable and updatable ResultSets, better support for CLOB, BLOB, ARRAY and STRUCT, chained exception handling and XML datatype support. The only enterprisey thing JavaDB lacks at the moment is replication, but a basic version is said to be coming in version 10.4.

A very neat feature of JavaDB is the ability to place an entire database inside a jar file on a USB stick for use as a read-only database.

Another neat feature is the ability to define stored procedures in Java rather than a dialect of SQL. The actual command to create the database procedure merely references the Java static method.

Lee showed us examples of how JavaScript and Java may enjoy bidirectional communication using the long-presumed-dead applet technology. He also showed us Java/JavaScript code to demonstrate client-side persistence using embedded JavaDB.

JavaDB is pretty cool, when you stop to think about it. Relational database technology has been a big yawn for a few years now, but things like this make me sit up and take notice.

Carol McDonald spoke about JSF, AJAX, Woodstock, etc. I'm not terribly interested in JSF and would much rather it simply died. I'm not a big fan of web frameworks because I think all thin-client architectures follow a common design anti-pattern. My money is on SOFEA. Still, JSF is something that refuses to go away. Among the goals for the next version of JSF (2.0) is the now-common refrain "Convention over configuration".

After that were two sessions on security. They covered the usual ground, with nothing very spectacular that caught my attention.

A few tidbits from Raghavan "Rags" Srinivasan's session:
1. C14N stands for "canonicalization", the process of rendering XML documents into a common format (i.e., especially differing use of whitespace, which could otherwise play havoc with cryptographic techniques to detect tampering).
2. SAML can be used to make 3 kinds of assertions:
a) Authentication assertions ("This person (or program) is so-and-so.")
b) Attribute assertions ("This entity has the following properties.")
c) Authorisation assertion ("This principal may read data but not update it.")

OpenSSO
is Sun's identity management solution. You may download and try it.

There was another talk on SOA security from a person from a company called Layer7. This was more high-level with no code.

The contents of all lectures will be put up on the Sun Java Tech Days website anyday now.

There was an OpenSolaris Installfest going on in the registration/catering hall, and they were giving out CDs and guidebooks. I'm definitely going to try and install OpenSolaris and report on the experience.

Today marks the end of the official Sun Tech Days conference, but tomorrow is a set of community events, which also I plan to attend.

I've been invited to drop by the GlassFish booth tomorrow to discuss my difficulties with the server.

No comments: