Heated discussions around net filtering have been going on in Austria. Given Google’s recent pull-out, I started to wonder why there is a lack of discussion around an easy way to bypass these content filters. Here I would like to provide a simple technique using Apache server that allows you to access the websites that you would like to access.
Reverse proxy with Apache server
Most people think of Apache server as a web content server only; however, it has been maturing for some time and provides a lot of out-of-the-box features such as virtual hosts, HTTP header rewriting, URL rewriting, etc. One of the key features that we can take advantage of is its proxy feature.
Continue reading …
Software documentation should be written for a specific audience. Understanding what your audience cares about is vital to determining what information is required. Traditionally, most documentation is done in a huge MS Word document. However, most people lose interest when a huge document is presented and, more importantly, the document is likely to be out of date as soon as you deliver it. Even if this is not the case, it also makes maintenance of the document very difficult, if not impossible.
Solution architecture
A solution architecture document is meant to give an overview of what it is that we are trying to achieve. It should outline the requirements the solution is satisfying, the overall architecture, and some of the challenges and design decisions that were made.
Continue reading …
Cross Site Scripting
Cross-site scripting (XSS) is a security vulnerability found in websites where attackers inject malicious JavaScript to steal information from users accessing the websites. This type of attack usually takes advantage of defects in websites that perform minimal checking on user input and hence allow attackers to put malicious code onto the websites.
There are a few types of attack:
1. Non-persistent, where attackers put malicious code in the request, resulting in the destination page executing the code. This seems harmless, because it seems the attacker can only attack the page he is viewing himself. However, an attacker can put the malicious code inside a hidden frame on his or her own website; once a user visits that website, the malicious code is executed without the user knowing, and the visitor's information is stolen.
For example, I could have hidden the code of this link inside a hidden frame and submitted the cookie back to my server.
2. Persistent
Very similar techniques are applied here, but the impact is much more widespread and serious. This is because attackers are able to embed malicious code into the content of a prominent website. Websites that allow people to post HTML content usually suffer from this vulnerability.
Continue reading …
Businesses these days need to allow customers to personalise the services they desire. Similar trends have taken off with websites that opened up their platforms to allow businesses and developers to be creative in how they utilise the platform. Here are some of the platforms that help you expand your online presence.
Widget distribution platform
Widgets have gained popularity as they can live on either a desktop or a website. Popular desktop widget engines are
- Apple dashboard
- Windows gadget
- Google desktop widget
- Yahoo widget
If your organisation has a strategy to distribute mini tools onto your clients’ desktops, there are services that help you achieve this.
Continue reading …
Defining Enterprise Architecture Strategy
It is often an enterprise architect’s responsibility to work with the business stakeholders to define an enterprise strategy that fits into the overall strategy of the organisation. Using the TOGAF architecture development method, the enterprise architect will work with the business to define
- (A) an architecture vision,
and go through a series of processes to thoroughly define
- (B) the business architecture; the business process and organisation structure, roles and responsibilities
The information architects and the technology architects will assist the enterprise architects and the business stakeholders to define
- (C) the information system, data and application architecture; the data model, domains and applications involved
- (D) the technology architecture; the technology choice, development methodology
A few of these so-called “strategies” may be formed to deliver the overall architecture vision.

(Source: The Open Group Architecture Framework)
Continue reading …
Proper MVC with JSF
Most Java web frameworks were designed with MVC in mind; however, JSF is probably one of the few that achieved the goal. Combining JSF with JBoss Seam and Facelets, a developer can implement the MVC design pattern by using
- JBoss Seam POJO bean, representing the data model
- JBoss Seam action bean, representing the controller, where the business logic is implemented, and where the data access layer is implemented
- XHTML Facelets, representing the view.
It is a true MVC implementation because the JBoss Seam POJO bean acts like a DTO to allow read/write of data. The JBoss Seam action bean is used for manipulating the data object, and the XHTML Facelets only render the data that was “pushed” into the Seam beans.
Continue reading …
An agile organisation
People often talk about the Agile software development approach as the ability to adapt to changes, to take on new requirements and to re-prioritise the deliverables.
I believe wholeheartedly that agility is the key to the success of any IT organisation. But what is agility and how do we achieve agility in IT, given there are so many books and SDLC processes out there discussing this topic? In my experience over the years, the degree of difficulty in achieving agility largely depends on how the business team (whether it’s the entire organisation or a small department) understands and manages change. Putting my business head on and looking at IT, agility is all about how I control (increase/reduce) the budgets approved for IT over the life of a project.
Agile software estimation
Software estimates directly correlate to the cost and timeline of a project. Changes to the estimate throughout the life of a project are caused by
- removing the unknowns
- the introduction of changes in scope/direction
To provide an “educated guess”, here are some of the strategies that I have been using
Continue reading …
I was browsing the net trying to learn from some experienced architects about implementing an architecture framework. Interestingly, I came across a few blogs and tweets talking about what enterprise architecture is and what it is not. The article that sparked the discussions was a piece of research published by Gartner, “Gartner Identifies Ten Enterprise Architecture Pitfalls” (funnily enough, a big organisation like Gartner doesn’t know how to use friendly URLs). Discussions on the tweets are summarised on this page, and here are a few I found very true:
aleksb6: Re: EA Pitfall List #3: Modified waterfall planning: “we have 2 wait 4 biz to define their strategy before we can start!” #eapitfall
malcolmlowe: EA pitfall – EA is just about technology #eapitfall
mcgoverntheory: Most developers have no clue what project plans even say. Why bother to read them. 90% done, 2 years remaining on 6m project #pmp #eapitfall
Continue reading …
Maven is the de facto tool for JEE application build and dependency management. Most developers are familiar with how to use it, mainly for its artifact dependency management.
Simplest Setup
A simple Maven 2 POM looks like this:
<project>
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.kole.component</groupId>
  <artifactId>example</artifactId>
  <packaging>jar</packaging>
  <name>example component</name>
  <version>1.0.0-SNAPSHOT</version>
  <description>example component</description>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.0</version>
    </dependency>
  </dependencies>
</project>
Usually this will sit under a directory structure of
/project
-/src/main/java
-/src/test/java
-pom.xml
Modular Setup
In most real-world projects, there is usually more than one software module within each application. In a standard JEE project, the application is created as a combination of components/utilities, each built to satisfy a specific requirement.
Continue reading …