Are you the publisher? Claim or contact us about this channel

Embed this content in your HTML


Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog

    0 0
  • 06/06/12--07:33: Doing more as a Programmer
  • In this post I want to write about my first talk titled Doing more as a Programmer. This presentation is about maximizing your value as a programmer by enhancing the way you interact with yourself, your surroundings, with community and to your career.

    I have attached the presentation here, it is available on SlideShare.
    I had fun presenting it in my office, hope you will enjoy it too.

    0 0

    Recently I have experimented with hibernate cache. In this post I would like share my experience and point out some of the details of Hibernate Second Level Cache. On the way I will direct you to some articles that helped me implement the cache. Let's get started from the ground.

    Caching in hibernate

    Caching functionality is designed to reduces the amount of necessary database access. When the objects are cached they resides in memory. You have the flexibility to limit the usage of memory and store the items in disk storage.The implementation will depend on the underlying cache manager. There are various flavors of caching available, but is better to cache non-transactional and read-only data.

    Hibernate provides 3 types of caching.

    1. Session Cache

        The session cache caches object within the current session. It is enabled by default in Hibernate. Read more about Session Cache. Objects in the session cache resides in the same memory location.

    2. Second Level Cache

         The second level cache is responsible for caching objects across sessions. When this is turned on, objects will be first searched in cache and if they are not found, a database query will be fired. Read here on how to implement Second Level Cache. Second level cache will be used when the objects are loaded using their primary key. This includes fetching of associations. In case of second level cache the objects are constructed and hence all of them will reside in different memory locations.

    3. Query Cache

    Query Cache is used to cache the results of a query. Read here on how to implement query cache.When the query cache is turned on, the results of the query are stored against the combination query and parameters. Every time the query is fired the cache manager  checks for the combination of parameters and query. If the results are found in the cache they are returned other wise a database transaction is initiated.  As you can see, it is not a good idea to cache a query if it has number of parameters or a single parameter can take number of values. For each of this combination the results are stored in the memory. This  can lead to extensive memory usage.

    Finally, here is a list of good articles written on this topic, 

    1. Speed Up Your Hibernate Applications with Second-Level Caching
    2. Hibernate: Truly Understanding the Second-Level and Query Caches
    3. EhCache Integration with Spring and Hibernate. Step by Step Tutorial
    4. Configuring Ehcache with hibernate

    0 0

    As a typical Java developer I never monitored the memory usage of my application apart from following typical best practices like closing the connections, streams etc.. Recently we were struck with few issues in our JBoss servers that I had to dig in to the memory management. 

    One of the best thing in java is that the developers are not required to handle the memory allocations when the objects are created. The JVM does that for us. Most of the time we just need the outer layer knowledge of heap memory and garbage collector. I will share some really interesting investigations that I had. I is a huge topic and I am writing from a point of view of a web application developer, what all minimum I thought we should understand about it.

    The Tools

    There are number of good tools available to profile the java applications some of them are,

    1. Your Kit Java Profiler

    2. JProfiler 
    3. Eclipse MAT
    4. Visual VM

    Out of these Your Kit and JProfilers needs licences and others are free to use products. We are going to use VisualVM. It is a simple yet powerful tool and comes bundled inside the JDK. It has power list of plugins that you can download and use. To start using VisualVM, go to your <JDK_HOME>\bin and run the jvisualvm.exe. I found the below articles it useful to get going. 

    1.Profiling With VisualVM
    2.VisualVM performance tuning tool
    3.How to Get VisualVM to Profile JBoss Without Crashing

    Since we are talking about memory here make sure you install the Visual GC plugin on the VisualVM as told in this article.

    Setting the stage - JVM Memory Structure

    The JVM Memory is divided in to 3 parts as shown in the below image. In our applications we are concerned about the Heap Memory. We can input this value to JVM using the parameters,

    -Xmx<size> - to set the maximum Java heap size
    -Xms<size> - to set the initial Java heap size

    JVM Memory Structure

    The non-Heap memory stores per-class structures such as runtime constant pool, field and method data, and the code for methods and constructors, as well as interned Strings.

    Here is a nice article with more details on the JVM memory sizes. Read Javin's article on JVM Heap space here

    The one common confusion is about the stack memory and heap memory. This is well explained here.Stack values only exist within the scope of the function they are created in. Once it returns, they are discarded. Java only stores primitives on the stack. This keeps the stack small and helps keeping individual stack frames small, thus allowing more nested calls. Objects are created on the heap, and only references (which in turn are primitives) are passed around on the stack.

    Now, Lets get real. Given below the image from Visual GC, a plugin inside the VisualVM as told earlier. We see many graphs here a detailed decription of the output is available here

    The Game begins - What happens when the application runs

    When the objects are created, they reside inside the Eden. When the Garbage collector(GC) runs, if the object is dead (means they are no active references) it is flushed out otherwise they are moved to S1(Survivor Space 1) or S2. This is called a GC cycle. Internal GM algorithm decides the frequency of the GC cycle. Eden + S1 + S2 section of Heap memory is called as Young generation. Objects that survives a fixed number of GC cycles are moved in to Old Gen space. Most number of java objects die as infant and never reach Old Gen. This typically includes local variables which are flushed after the methods are executed.

    The frequency of GC cycles inside the Old Gen is much lesser than Young Gen. Typical examples of Old Gen objects are singletons, cached objects and other application wide used data.

    When things do not go as per the plan

    In a typical application there will be less variation inside the Old Gen space. If the Old Gen space grows linearly with time even after the GC cycle that would lead to a OutOfMemoryError. This might be a indication of a memory leak inside the code. However we might need to use a profiler to find out the exact reason for the same. Here is a Dzon article on some of the Causes of Java EE Enterprise Performance Problems.

    These are the basic building blocks of how JVM memory is organized and reacts when the application is executed. From this point there are lots of topics including tuning the memory parameters and garbage collector. I will add some of the useful resources related to this.

    1. Java Performance Tuning, Profiling, and Memory Management
    2. InfoQ Presentation : Diagnosing Web Application OutOfMemoryErrors
    3. InfoQ Presentation : Everything I Ever Learned about JVM Performance Tuning @twitter
    4. InfoQ Presentation : Extreme Performance Java  
    5. Java theory and practice: Garbage collection and performance

    0 0

    In this post I would like to write on how to succeed in a technical interview based on my experience as an interviewer. Most of the interviews follows some patterns. If you understand it and frame your response in the same way you can clear any interview. If you don't know stuff this might not help you, but if you are prepared, this article will help you show of your full potential.

    If you are skillful the only reason you can loose an interview is by lack of preparation. You may know all the stuff but you still needs to prepare by reading books, article etc.. Theses may not teach you anything new but will help in organizing things that you already know. Once you have organized information it is really easy to access it. You should read not only for interviews, make it a practice and get better at your job.

    Most of the time interviewer is looking for a candidate who can work with him. The vacancy may be in other teams but they use this parameter to judge. Mostly this article contains general tips. These are targeted for 2 to 6 years experienced candidates.

    1. Be honest and don't bluff

    Answer what you know, confidently. If you have been asked a question that you don't know, Start by telling "I am not sure, but I think It is .....". Never tell a wrong answer confidently. That will make them doubt your correct answers also or may feel that they were guesses. You can't use this technique for every question, but I would think 25% is a good amount. Most importantly this shows your ability to think and a never die attitude. No one wants to work with people says "I can't do this". Try to do some thing about all the questions.

    2. Be ready to write Code

    If you are been asked to write some code, be careful and follow some basic standards. I heard people telling me "I forgot the syntax..." and this for the syntax of a for loop. No one expect you to remember everything but basics like looping, if conditions, main method, exceptions are never to be forgotten. If you did, brush them up. Always write the code with good indentation using lots of white spaces. That might make up for your bad handwriting!!

    3. Get ready to explain about your project

    As engineers you have to understand the business before you start code it. So you should be able to explain what is being done in your project. Write down 3-4 lines that will explain the project in high level. By hearing the lines some one out side your team should get an idea about it. Because we always works inside on features, most of the time it is difficult to frame these. Check your client's internal communications how they are marketing and get some clue from it. Practice what your are going to say with friends make make sure you are on to the point.

    Once you have explained about the business needs then you will be asked about the technical architecture of the project. You have to be prepared with a architecture diagram that shows how the interaction of components in your project. It don't have to be in any specific UML format, but make sure you can explain stuff relating to the diagram you have drawn. For example if you are working in a web application show how the data is flow from UI to DB. You can show different layers involved, technologies used etc.. The most important part is you should be clear in your mind about what you are currently working on. 

    4. Convert arguments to conversation

    Even if you know that that person is wrong do not argue and try to continue the conversation saying "Ok, But I am not so sure if that is correct, I will check that out". This keeps the person in good terms. Be an active listener during the interview use reference to your experience when you are answering. 

    5. Be prepared for the WHY question

    Good interviews focus on the question "Why?". It might start with "What" but will end in "Why?". For example in Java typical question would be "What is the difference between String and StringBuffer?". A follow-up why question will be like "Why is String has so-and-so" or "How is it done..?". Be ready to give inside information by answering "How?" and "Why" parts of he question.

    6. Tell about your best achievement

    During your work there might be something that you consider as your best achievement. It is important to describe it in such a way that interviewer feels that you have did something extraordinary there. So, prepare a believable story on how your abilities helped you complete that task. It is important to prepare this because it takes time to dig your memory and find situations.

    7. Do you have any questions for me?

    This question gets repeated in every single interview. Here you don't actually care about the answers; but you should make yourselves look good by asking "smart" questions. This article will help you in this.

    0 0

    Last week I was trying to create a report using Jasper. In this post I will document some of the resources and links so that it will be useful for any one looking for similar information. I will cover life cycle of Jasper reports, examples and Dynamic Jasper. 

    The Jasper Reports is the world's most popular open source reporting engine. It is entirely written in Java and it is able to use data coming from any kind of data source and produce pixel-perfect documents that can be viewed, printed or exported in a variety of document formats including HTML, PDF, Excel, OpenOffice and Word.

    JasperReport Life Cycle

    As in the image the life cycle has 3 distinct phases,

    1. Designing the Report

    In this step involves creation of the JRXML file, which is an XML document that contains the definition of the report layout. We can use the either iReport Designer or a text editor to manually create it. Using iReport Designer, the layout is completely designed in a visual way, so you can ignore the real structure of the JRXML file.

    Here is the detailed tutorial on designing a report using iReport. We can also use Dynamic Jasper described later in the article to design a report.

    2. Executing the report.

    Before executing a report, the JRXML must be compiled in a binary object called a Jasper file(*.jasper). This compilation is done for performance reasons. Jasper files are what you need to ship with your application in order to run the reports. Once the report is compiled it is filled with data from the application. The class net.sf.jasperreports.engine.JasperFillManager provides necessary functions to fill the data in the reports.

    The report execution is performed by passing a Jasper file and a data source to JasperReports. There are plenty of types of data sources, it's possible to fill a Jasper file from an SQL query, an XML file, a csv file, an HQL (Hibernate Query Language) query, a collection of Java Beans, etc... If you don't find a suitable data source, JasperReports is very flexible and allows you to write your own custom data source.

    JasperFillManager.fillReportToFile( "MasterReport.jasper" , parameters, getDataSource());

    This operation creates a Jasper print file (*.jrprint), which used to either print or export the report.

    3. Exporting to the desired format

    Using the Jasper print file created in the previous step we shall be able to export it into any format using JasperExportManager. Jasper provides various forms of exports. This means with the same input we can create multiple representation of the data. Jasper inernally uses different APIs to create documents. But these complexity are hidden by the simpler JasperExportManager.

    JasperExportManager. exportReportToPdfFile( "MasterReport.jrprint" );

    In a nutshell the life cycle can be summarized in the below image

    Image from Ramki Tech

    References and other good articles on Jasper Reports Life Cycle


    I have found it really hard to find a working example of Jasper report. But it is right there inside the package shipment!. Once you have downloaded the Jasper Library go to demo\samples, you will find a lot of sample programs. Many of these needs a working HSQL DB connection, to activate it go to demo\hsqldb and start the server. Every folder has a readme.txt file which will help you in understanding how to run it. All the examples can be executed using ant tasks.

    Here is a list of few other sources.

    Simplify report creation using Dynamic Jasper

    DynamicJasper (DJ) is an open source free library that hides the complexity of Jasper Reports, it helps developers to save time when designing simple/medium complexity reports generating the layout of the report elements automatically.

    The project homepage provides lots of examples and code snippets on how to use the library. I have been using it for some time and it is a pretty stable replacement for the JRXML file.While using dynamic jasper the report design is coded in Java. Which means every time the report is compiled, filled and exported. By using dynamic jasper we are replacing the first step in the above mentioned jasper life cycle. Even with dynamic jasper you need the jasper library and other dependent files.

    Here is some more examples of Dynamic Jasper usage.

    0 0

    Planning to start something new in this year? You can try online learning!!. Online education is gaining popularity over the last few years, as it should. I have tried few of them last year and will share my experience with them in this post. Since I am a software developer we are going to focus on the materials related to it.

    So, here is a list of 15 sites that you should visit before you make you make your choice. I have not used much on all of them, but worth a spending some time. The italic text below the title are taken from the respective sites. The order of names are arbitrary and does not carry any significance.

    OCW makes the materials used in the teaching of MIT's subjects available on the Web.

    Add caption

    2. Coursera

    We are a social entrepreneurship company that partners with the top universities in the world to offer courses online for anyone to take, for free. We envision a future where the top universities are educating not only thousands of students, but millions. Our technology enables the best professors to teach tens or hundreds of thousands of students.

    3. Khan Academy

    Learn almost anything for free

    6. Code School

    Code School teaches web technologies in the comfort of your browser with video lessons, coding challenges, and screencasts.

    Whether you are completely new to coding or a developer looking to learn a new language, LearnStreet courses make it engaging and fun to create with code. Our interactive courses are designed to help you learn by actually writing real code and getting immediate feedback. is a video tutorial web site offering cutting edge programming and computer tutorials. We specialize in focused and linear content. WiBit is a great place to start learning how to program, or to pick up new skills even if you've been at it a while.

    Solve interesting challenges and also get connected to amazing tech companies if you are interested. Join in to be among the elite group of talent in the world.

    10. PeepCode

    Specialize in screencast tutorials for professional web developers and designers. Learn advanced Ruby, JavaScript, Ruby on Rails, Node, Git, Design, and connect with developers you admire in our popular Play by Play series.


    At P2PU, people work together to learn a particular topic by completing tasks, assessing individual and group work, and providing constructive feedback.

    0 0

    This post is about 5 things that I am planning to do this year. I have created it for me to track my progress then thought it can be a good direction for anybody similar.

    1. Create an application using a NoSQL Data store and connect it with Java

    If you have yet not understood the NoSQL databases its the best time. Lots of choices on the NOSQL side, may be MongoDB or Hadoop can be a starting point. We can create applications using Spring Data or the native Java adapters to connect to the Data Store.

    2. Get the first app on Java PaaS on Cloud and ask your 5 friends to use it.

    You have many platforms available including Openshift backed by JBoss and Redhat , CouldFoundry backed by Spring source and VMware. Cloud is the future of application deployments and Software as service gaining more popularity. From a developer point of view nothing really changes apart from the configurations and deployment.

    3. What really is Software Design?

    Read the GOF Design Pattern catalog and Search your project for the usage of it. If you are not using them check if you have similar patters. If you have a Java enterprise application you can check for Java EE patterns. Take a existing use case and think of possible alternative implementations.

    4. Learn a new Programming Language and create a sample project

    I think here you have 2 broad choices, Ruby or a JVM functional language. There are a number of functional languages available. It will help you become a polygot programmer.

    5. Contribute to the community

    You should be doing it already if not it is the time to start. There are a number of ways including Community Forums, Stack overflow or write a blog
    on how your leanings.

    0 0

    I have been looking in to NoSQL databases for few months and would like to share my experience with it. This is a post might help you if you indent to start learning about the NoSQL Databases. I would try to link the resources which I found useful here.

    Step 1: What is NoSQL?

    NoSQL DEFINITION: Next Generation Databases mostly addressing some of the points: being non-relational, distributed, open-source and horizontally scalable. The original intention has been modern web-scale databases. The movement began early 2009 and is growing rapidly. Often more characteristics apply such as: schema-free, easy replication support, simple API, eventually consistent / BASE (not ACID), a huge amount of data and more. So the misleading term "nosql" (the community now translates it mostly with "not only sql").

    As seen on

    Martin Flower'sNoSQL page is a good starting point. His below talk on Goto Conference explains the need and structure of NoSQL data stores. Martin and Pramod has written a book titled  "NoSQL Distilled: A Brief Guide to the Emerging World of Polyglot Persistence"  and is a good read. It summarizes his talks and other blog post into a book.  Martin has been an influential speaker on this topic and has written number of articles on this. I have read and seen many introductions but his work helped me to get things in to my head.

    If you likes to view the slides, then the below presentation by Tobias Lindaaker on slideshare might inspire you. He gives similar ideas.

    MongoDB has an online course MongoDB for Java Developers  which is really useful if you are interested in trying out things.

    Step 2: How and for what are NoSQL used in Real world?

    Once you have some idea, try to find the usage patterns. The above presentations will give lot of information on how these systems are used. You could go through the below links, which explains how specific business problems are solved using NoSQL. This is important because we could easily relate the case studies and get more insights into the capabilities of these systems.

    1. MongoDB Customers page.
    2. Powerd By Haddop 
    3. Neo4J Customers Page
    Step 3 : Find Usage Patterns that you could work on!

    Once you have reached this point, you should try and implement the concepts. Look back at the application that you are working on and see if there is a need for an alternative data store. Do you store Product recommendations? Do you have issues with heterogeneous data? Can your application compromise ACID model for scalability? Do you store XML files or Images on you relational DB?  These are some of the questions that you could ask. This way you could determine if there is a serious need of a investigation for a alternative persistence mechanisms. This  is in no way means removing the RDBMS completely but moving to a polygot structure of data stores.

    If there is no opportunity to try out these concepts in your work, you could create your own test projects and implement them. This way you would encounter problems and will learn from them.

    0 0

    Most of the enterprise Java applications share some similarities in their design. Mostly the packaging of these applications are driven by the framework used by them like Spring, EJBs or Hibernate etc. Alternatively you can group you packages by features. Like any other item regarding modeling this is not free from any issues. Lets discuss some trade-off and how get around them. In this post we will discuss the pros and cons of both approaches against common usage scenarios.

    Package By Layer (PBL)

    This is a the first thing that developers do when the create an enterprise application in to split it to number of layers like DAO, SERVICE, VIEW etc.. This gives nice separation of code when we use different frameworks at different layers. For example if I were to use Hibernate, Spring and JSF, then I will have all my Hibernate dependent code in the DAO layer and JSF related code in the VIEW Layer. This is sort of good in case I need to migrate to a new framework only at the view layer or DAO Layer.

    Package By Feature (PBF)

    Package-by-feature uses packages to reflect the feature set. It places all items related to a single feature (and only that feature) into a single directory/package. This results in packages with high cohesion and high modularity, and with minimal coupling between packages. Items that work closely together are placed next to each other. They aren't spread out all over the application.

    This also increases coherence as a large percentage of a the dependencies of a class are located close to that class.

    Comparing the approaches

    Let me compare both the approaches in below dimensions.

    1. Adding a new Feature.

    In case of PBL code has to be added to VIEW, SERVICE and DAO Layers and it can be tedious. PBF solves this problem by grouping all the code related to same feature in to a single directory.

    2. Changing a framework used.

    As discussed already PBL makes it easier to change a framework as all the related code are kept at same place. Here we know exactly the scope of the change and its impact. In case of PBF we need to dig into all the feature set to see the framework related classes.

    If you choose to migrate the framework module by module, then it could be argued that PBF is better than PBL.

    3. Code Navigation.

    As developers needs to work on the features most of the time using PBF is easier for code navigation. When you know exactly know what has to be done its not much advantage.

    4. Keeping the Common Code.

    Every application will have some components which will be reused across the features ie, the features are not always exclusive. In such case if we package all the features separately the interactions between them can be quite messy. As a general principle we need to reduce such interactions and increase the cohesion inside the package. We can get around the situation be adding such entities to a common package. This approach is used in many projects including Hibernate.


    Most application will have 4 types of classes. ie,

    1. Domain Objects
    2. Business Services
    3. Data Retrieval Logic
    4. Data Representation Logic

    If we use PBF it gives us a good structural representation but does not give any functional representation. We need our architecture to resemble the problem domain. So its better to use Package By Feature style. We could internally classify the classes by using naming conventions like MyFeatureDAO or MyFeatureService . This way we could communicate the intend of the classes.

    I have found some discussions on this topic and hope that might also help you choose.

    0 0

    I have finished reading the book titled "NoSQL Distilled: A Brief Guide to the Emerging World of Polyglot Persistence" written by  Martin Fowler and Pramod J. Sadalage recently and thought of a writing short review. First of all it short book and you can run through the pages fast. As the title says, the book is really an introduction of No SQL databases.

    It was..

    The number one reason for the use of NoSQL databases is not performance and should be our use case. This means if our data model does not fit well in to the relational model, rather than twisting the data we can choose alternate data stores. This is absolutely critical if you want NoSQL to be used in most of the mid sized enterprise applications.  Also companies will start to believe that they should consider NoSQL it even if they are not Google or Amazon. 

    Normally the technology books written by its creators of it will only focus on the advantages of using it. It can be quite an issue if you do not do proper research before choosing your application architecture. Since both Martin and Pramod do not belong to this category, they does a fair evaluation of various choices available to us. The section which says where to use it and where not to use is particularly impressive on that front.

    Even though the book is selling you a new idea of NoSQL databases, it does not plays down the significance and importance of existing RDBMS. The book also brings light to some of the fundamental trade offs in the world of data stores like  consistency, availability and performance.

    and is also..

    When I was reading the book I thought that Polygot persistence is about using multiple data stores in same application depending on the use cases. But authors also seems to suggest that applications should wrap around the data stores with services ( like web services or REST). If we need to do this ideally we could only have one data store accessed by one service. Which would conflict the first statement. I am not sure about the reverence this question but I would love to have read more about using the different data store in the same application and its pros and cons.

    I mean to say, 

    This is a very great book if you are  looking get in to wild jungle of NoSQL databases. The authors does a great job in giving the brief introduction and making sure the basics are covered.

    0 0

    Recently I was reviewing Gang of Four Design Patterns and created a Trello board for the same. Well, Here is how it look like!

    Hope it could be useful for others as well.

    0 0

    This post is a write up to my talk titled "How can Agile help you in clearing the technical debt?" presented at the Scrum Bangalore Meetup 2013. It was a short talk for 30 Minutes, So thought of a write up to elaborate the ideas on the slides.

    Defining Technical Debt

    As per Wikipedia, "Technical debt metaphor referring to the eventual consequences of poor or evolving software architecture and software development within a code base". Technical debt is most understood when it is compared with Cost of Change of software. More Debt means the cost of introducing a change in your system is more.

    The term Technical Debt was coined by Ward Cunningham in the year 1992. He used the term to explain to his manager about a particular refactoring which he wanted to do. Since he was working in the financial industry it was easy to communicate in terms of debt. Ward explains more about the metaphor here. The term is immensely popular in communication of the importance of code refactoring to the business and stake holders. Like financial debt technical debt is some times unavoidable but we should take steps to minimize it.

    As you can see in the above image when you have technical debt in your system you could either pay the interest or pay back the principle. When we do regular stories we do bit of "extra" work than what ideally needed due to the technical debt. This is an example of the interest payment. It is important that we take some time and effort to pay back the principle by refactoring and cleaning up of the code.

    Technical Debt in Agile Context

    The below principle from the list of agile principles was the best one I could find which refers to clearing technical debt "Continuous attention to technical excellence and good design enhances agility". In agile projects working software has a lot of emphasis but this in no way implies that the intrinsic value of software can be compromised. As we push for more and more features it is important that we take time to look back at the health of the application. So, make make sure that your agile projects do not become Fragile as it grows.

    There are lots of ways to deal with technical debt. I want to talk about 3 simple steps that we have tried in our projects.

    1. Tools - Your must have defense

    One of the major improvement with the agile development practices is the widespread usage of continuous integration (CI). Your CI environment should be configured to measure the health of the application. It should include the report from static code analysis and test coverage applications. SonarQube is a god platform where you can create a dashboard and see results from the tools mentioned above. It also has a plugin to view the technical debt. Apart from the tools you should be using good programming practices and guidelines.

    2. Negotiating with Product Owner

    The second techniques that we have tried to minimize technical debt is to negotiate with the product owner and take him on board in the technical improvements that we wanted to do.  You have to Use the opportunity of Change requests to clean up the functionality. We had a module in our application with lots of bugs. There was a major change request which was planned on that module. After much discussions we identified that it would be much easier to rebuild the module than fixing the issues. Once we rebuild the change request was 75% easier to implement compared to the old code.

    This means that we have to evaluate the possibility of refactoring with every opportunity and go for it when the time is right. It is the professional responsibility of a developer to communicate dept of technical debt in the application and we should take all steps possible to minimize it. 

    We can also have technical Stories in Release planning. Contrary to a user story, a senior developer should describe the success criteria of the story. This is another case where you need to get your product owner on board.

    3. Trying out new Stuff

    In our projects most things can be done multiple ways and we have to choose one of them. There are also situations where we are not sure about the complexity of the task performed and story point estimation is difficult. We can use spike to deal with such situations. A spike is an experiment that allows developers to learn just enough about something unknown in a user story, e.g. a new technology, to be able to estimate that user story. A spike must be time-boxed. This defines the maximum time that will be spent learning and fixes the estimate for the spike.

    A daemon thread is a low priority thread that is running on the operating systems. We have used the same strategy to do a major change in our application. It was upgrading our frameworks (Spring, Hibernate and Tapestry) to their latest versions. Since it is a time consuming activity, we do not want to stop everything else and work on it. So, we choose to keep doing it as a low priority tasks and it took us 10 sprints to complete. Since the team continuously delivered features during this period it was very easy to get the buy in from product owner.

    Useful Links:-

    Note:- There are many ways to define and minimize technical debt. I have discussed few ways that we have successfully tried. You can go through the above links to find more information and choose the best methods that suits you.

    0 0
    0 0

    Over the years I have been a panelist in many of the interviews for Java Developers. I have previously written a post titled Top 7 tips for succeeding in a technical interview for software engineers which covers few of the general guidelines. In this post I will share a mind map containing general topics covered in a Java developer interview. I have prepared this as a general reference for myself to remember the pointers and to keep a common standard across the multiple interviews.

    XMind gives a nice listing of the map. You can find the map hereHere is Image which you can download and use.

    Finally here is a old fashioned tabbed content list which is easier to copy paste.

    Interface - Abstract Class
    IS-A vs HAS-A Relationships
    Aggregation vs Composition
    Method overloading vs Method Overloading
    Compile time vs Runtime
    Creating threads
    Thread Transitions
    Marker Interface
    Shallow copy vs Deep Copy
    Map, List and Set
    Equals - Hashcode
    Legacy - Synchronized Classes
    Stack vs Heap Memory
    Garbage Collection
    Class loaders
    Checked Vs Unchecked Exceptions
    Exception handling best practices
    try, catch, finally, throw, throws
    String - StringBuffer - String Builder
    Java IO
    SAX Based & DOM Based
    JAXB - Java API for XML Binding
    Access specifier 
    Access modifier 
     Inner/Nested Classes
    JavaEE Basics
    Packaging the Applications
    SOAP, WSDL Webservices basics
    Contract first vs
    RESTful  and its advantages


    This is a work in progress and I hope to refine it further. Let me know if you have any comments.

    0 0

    Not really!! Here is why...

    Few days back, I was speaking about one of our newly created Filter API with server side pagination to my friend. In the implementation we were querying the view to get the data. Since the pagination was at the server side, at a time the query will return only 10 records. His question was since views internally going to use the tables for querying, will it end up being less performative? Will it create the result set of all data and then pick the top 10 items?

    My initial reaction was to agree with question and confess we have an issue. But I was sure that this can not be the case. If this is so then we could have had severe issues. I am not much of a DB guru myself so went and did some research with others to figure out the story behind the scenes. By the way we use MS SQL Server 2008 and I am not sure if this descriptions applies to other database or not. 

    The question to ask was. We know that the views are used to simplify other queries or standardize access to data. but do we compromise on speed while doing so? 

    I got a related answer from SO. When an SQL statement references a nonindexed view, the parser and query optimizer analyze the source of both the SQL statement and the view and then resolve them into a single execution plan. There is not one plan for the SQL statement and a separate plan for the view. So it is fine to use the views for my above use case.

    Further, I got to know about Indexed views from this discussions, which can further improve the performance. Microsoft has a nice documentation on Improving Performance with SQL Server 2005 Indexed Views.

    0 0

    Many application developers do not focus much on the infrastructure on which their code runs. When it comes to web applications there are common confusions like what is the difference between webserver and applications server or when to go for a EAR vs WAR file deployment etc...

    There are many good answers that differentiate between web servers and applications servers like this one. Most of the times the terms Web Server and Application server are used interchangeably. This article explains the working of a typical web server. Typically we get confused with the example of Tomcat Server (an example for a web server) having the capability to run the enterprise applications. So, tomcat is a web server or an application server? Let me tell you how I convinced my self regarding this.

    Some time back I was struck with the question What's the difference between JPA and Hibernate on stack overflow. I did answer it, but one of the comment lead me to a more detailed understanding of the JavaEE spec and certified servers. If you can understand this then differentiating between the web server and application server is easy. During my investigations I got this article, which discusses the advantages of both.

    A more detailed look in to the meaning JavaEE specification will throw some light in to our discussions. As we know specifications are set of rules. Simply put they contain the interface. Any JavaEE servers which needs to comply to spec needs to have the implementation of these interfaces. You can find the certified JavaEE servers list here. If you are deploying your enterprise applications (means you have JPA, EJB or some technology which is part of Java EE) to the a server which comply to JavaEE then the lib need not contain the API implementation jars. But these are needed if you are using a web server like tomcat for deployment.

    For example, if you use JPA in your applications and deploying it to the  Jboss AS 7, then you need any additional jars in the lib. But the same application you want to deploy to the tomcat server then you need to have additional jars to lib that implements the JPA spec may be eclipselink or Hibernate. This is what makes JBoss AS 7 an application server and tomcat a web server. Another key difference is that we can not deploy an EAR file to tomcat, it could only handle WAR files.

    0 0

    For some time we were thinking about migrating our build to maven from ant. It happened last month and was actually simpler than what we have anticipated. From my experience, here is a brief about the steps we have followed. Our application is a  is a enterprise web application build with multiple frameworks and technologies and is deployed as a single WAR.

    1. Create maven project directory structure.

    As told in the Maven user guide create the below directory structure. We have done it under a new folder for the project.

    2. Move the files/folders keeping the SCM logs. 

    Even though the folder structure is new the source files will be old ones! We want to keep the SCM logs while moving them to new locations. Remember to commit the folders created in step 1 before you start moving your files. If you use SVN, see this user guide or SO question on how to do this. Move the java source, unit/integration test and configuration resources to appropriate folders.

    3. Create the POM and add dependencies

    Most critical part in the migration is adding the dependencies in the POM. Start by adding the dependencies for the frameworks used in your application. Make sure you are adding the right version of the jars. You can find the version of the jar by reading the MANIFEST.MF file inside the META-INF folder of the jar. This will help if the versions are missing from the file name.

    Any third party jars can be added to the maven repository as told here. If you are using very old versions of jar files some of them may not be available in maven repository.Here you can either try upgrading to newer versions or prepare local install as told before. Once you have added all the dependencies try building the application. Watch out for any major issues.

    4. Make sure you haven't changed much in the WAR

    Maven is a build tool. This means your WAR should not change. So, in the last step we compare both versions and make sure they are the same. Make sure you are on top of all the differences. Also, compare the jar files generated by maven and your existing files, Sync them by 
         - Adding <exclusions> to remove the unwanted jars
         - Add the dependencies for the missing jars
    This can be a tiring tasks depending on the number of jars you have in your lib. But make sure that you have each one covered and know that why they exists in your app.

    May  be this is a late post, most applications might have already been migrated by now. Anyways, better late than never! According to many experts Gradle is also a good choice as a build tool for your new project.

    0 0

    This week I spoke at Bangalore DevOps meetup on the topic "The story of SonarQube told to a DevOps Engineer". I have started writing TalkNotes inspired from Martin Fowler.Unlike his detailed article my posts aims to help the audience better understand my slides. SonarQube is a open source code quality management platform. It was a 30 mins talk focused at the need, setup, CI Infrastructure and administration of the SonarQube to the DevOps community.

    I have started the talk with one of my favorite subject Technical Debt. We have also looked at some of the parameters which determines the quality are coding standards breach, duplication, lack of unit tests, bad distribution of complexity, Spaghetti Design etc... I have spoke about this in more detail at previous post. There are various existing tools that helps reduce the technical debt by improve the code quality. What was missing was a easier way of tracking these code rule violations. For examples I need to know how much debt was introduced or was cleaned up? As a developer how do you quantify improvement the which a particular code refactoring has brought to the team etc..

    This is where Sonar come to your help. Sonar's rich feature set allows you to do these and more. Currently it can run the quality analysis on more than 20 languages including Java, C#, C/C++, PL/SQL, Javascript, PHP, Web, XML etc.... It stores the analysis results and the data is displayed through various dashboards. Further slides discusses the sonar platform overview and installation.

    The below diagram shows the CI environment including SonarQube. The Hudson plugin for SonarQube can be configured by following the wiki.

    Image Idea from this blog.

    The best part of sonar is its documentation. This was the most comprehensive documentation I have read about any open source product. You just need their wiki page to get 99% of answers. Now that I have it configured hope to write more about it in the coming moths.

    0 0

    We all know we need to use connection pools where ever we connect to a database. All of the modern drivers using JDBC type 4 supports it. In this post we will have look at an overview of connection pooling in spring applications and how to deal with same context in a non JEE enviorements (like tests). 

    Most examples of connecting to database in spring is done using DriverManagerDataSource. If you don't read the documentation properly then you are going to miss a very important point.

    NOTE: This class is not an actual connection pool; it does not actually pool Connections. It just serves as simple replacement for a full-blown connection pool, implementing the same standard interface, but creating new Connections on every call.
    Useful for test or standalone environments outside of a J2EE container, either as a DataSource bean in a corresponding ApplicationContext or in conjunction with a simple JNDI environment. Pool-assuming Connection.close() calls will simply close the Connection, so any DataSource-aware persistence code should work.

    Yes, by default the spring applications does not use pooled connections. There are two ways to implement the connection pooling. Depending on who is managing the pool. If you are running in a JEE environment, then it is prefered use the container for it. In a non-JEE setup there are libraries which will help the application to manage the connection pools. Lets discuss them in bit detail below.

    1. Server (Container) managed connection pool (Using JNDI)

    When the application connects to the database server, establishing the physical actual connection takes much more than the execution of the scripts. Connection pooling is a technique that was pioneered by database vendors to allow multiple clients to share a cached set of connection objects that provide access to a database resource. The JavaWorld article gives a good overview about this.

    In a J2EE container, it is recommended to use a JNDI DataSource provided by the container. Such a DataSource can be exposed as a DataSource bean in a Spring ApplicationContext via JndiObjectFactoryBean, for seamless switching to and from a local DataSource bean like this class.

    The below articles helped me in setting up the data source in JBoss AS.

    3. JBoss Wiki 

    Next step is to use these connections created by the server from the application. As mentioned in the documentation you can use the JndiObjectFactoryBean for this. It is as simple as below

    If you want to write any tests using springs "SpringJUnit4ClassRunner" it can't load the context becuase the JNDI resource will not be available.

    For tests, you can then either set up a mock JNDI environment through Spring's SimpleNamingContextBuilder, or switch the bean definition to a local DataSource (which is simpler and thus recommended). 

    As I was looking for a good solutions to this problem (I did not want a separate context for tests) this SO answer helped me. It sort of uses the various tips given in the Javadoc to good effect. The issue with the above solution is the repetition of code to create the JNDI connections. I have solved it using a customized runner SpringWithJNDIRunner. This class adds the JNDI capabilities to the SpringJUnit4ClassRunner. It reads the data source from "test-datasource.xml" file in the class path and binds it to the JNDI resource with name "java:/my-ds". After the execution of this code the JNDI resource is available for the spring container to consume.

    To use this runner you just need to use the annotation @RunWith(SpringWithJNDIRunner.class) in your test. This class extends SpringJUnit4ClassRunner beacuse a there can only be one class in the @RunWith annotation. The JNDI is created only once is a test cycle. This class provides a clean solution to the problem.

    2. Application managed connection pool

    If you need a "real" connection pool outside of a J2EE container, consider Apache's Jakarta Commons DBCP or C3P0. Commons DBCP's BasicDataSource and C3P0's ComboPooledDataSource are full connection pool beans, supporting the same basic properties as this class plus specific settings (such as minimal/maximal pool size etc).

    Below user guides can help you configure this.

    The below articles speaks about the general guidelines and best practices in configuring the connection pools.

    Note:- All the text in italics are copied from the spring documentation of the DriverManagerDataSource.

    0 0

    Recently I have attended a workshop on EXIN Cloud Computing Foundation course and cleared the certification exam. This post is bit about topics covered in the exam and my experience learning those topics.

    The principles of Cloud Computing. This chapter deals with definitions, types of clouds (Public, Private and Hybrid) and cloud services (IAAS, PAAS, SAAS).
    Most contents in the section are from the The NIST Definition of Cloud Computing paper. Other topics include The Evolution Toward Cloud Computing, Cloud Computing Architectures and Benefits and Limitations of Cloud Computing. The part about Virtualization and its role in the raise of Could computing was quite interesting for me.

    Using the Cloud. This part is about accessing the cloud and mobility in the cloud.
    This module covers the topics Overview of Accessing the Cloud, How Cloud Computing Can Support Business Processes and Service Providers Using the Cloud.

    Security and Compliance. Is about the risks of cloud computing and the measures you can take
    This module covers the paper Top Threats to Cloud Computing prepared by the Cloud Security Alliance under the Security Risks and Mitigating Measures title. Managing Identity and Privacy section deals with Triple-A authentication and various aspects of identity management.

    Implementing and managing Cloud Computing. You learn about local cloud networks and how to support the use of cloud computing
    This module includes the topics Building a Local Cloud Environment and Managing Cloud Services. There is a lot of focus on managing cloud services and related governance frameworks.

    Evaluation of Cloud Computing. Examples of the subjects here are cost aspects, (dis)advantages and SLA’s.
    This module speaks about the business case for cloud computing. For example cost implications to an organization evaluating the cloud services in terms of capex and opex. Forming the Service level requirements and agreements.

    The text in italics are taken from the official exam page.
    Written with StackEdit.

    0 0

    This April I had to create a Individual Development Plan (IDP) for me as part of the regular official procedures. One of step was to identify the gaps in you compared to the ideal position you want to reach. Thinking more in this line I have created the below table which contains ways to identify the specific areas of development for a developer. 

    Guide to reading the table:-

    Ask yourself the questions in the column (D). If your answer is "Yes" to any of the questions then you needs to consider the action plans listed in column (E).

    Sl No
    B. Section C D. These things happens with You E. Your Action Plans
    Understanding what to do 
    What to do? (40%)
    1. You have missed some of the requirements.
    2. You hear others say "This feature was not supposed to work like this"
    3. Your completed work gets re-opened during QA or User Testing.
    -Improve your domain knowledge.
    -Ask more questions to your PO so that you can impove your understanding of the requirements.
    -Push for improved requirements documentation.
    -Spend more time in testing your features.
    -Listen to sprint demos to get the overview of all the new features added.
    Knowledge of Frameworks,
    Design patterns, practices and principles
    How to do it - Your skills to do it

    (20 - 30 %)
    1. You don't know where to start with when you have to implement a new feature
    2. You don't know if a similar functionality already exists in the application or not
    3. You don't completely understand the frameworks in the application and how they are used
    -Pair program with an experienced developer to learn how he approaches a problem.
    -Learn more about the frameworks used in your app.
    -Try creating sample applications using them.
    -Identify the patterns and principles used in your app and try to use them.
    3 Problem solving, Analytical, Debugging skills
    How to do it - Your Ability to do it

    (10 - 20 %)
    1. You face difficulties when it comes to writing algorithms
    2. You are weak in debugging and finding issues in the code
    -See if you can apply some known patterns to solve the problem.
    4 Communicating with your code How well you did it?
    How easily somebody can understand how ?

    1. Your code is not up to the standards or frequently ignores code quality.
    2. You don't have enough code coverage
    3. You can't write a quality documentation
    -Use tools like sonar to asses the quality of your code.
    -Spend more time in refactoring and improving the code quality.
    5 Communicating about your work
    How well can you communicate about your work

    1. Your don't follow the process in the team.
    2. Your check-in comments are not useful.
    3. Your team don't know what you are working on.
    -Understand and adhere to the team policies. If you feel that there is somethings wrong, communicate and get it clarified.

    This is the first draft of the version I have created. Try to apply this to you or your team and let me know your feedback. I hope I can expand each area by writing more in the future.

    0 0

    Security is a top priority item on everyone's checklist nowadays. In this post, I will introduce you to useful reference material that can help you get started with securing applications. I want to focus more on web applications built with Java related technologies.

    1. Authentication and Authorization

    When it comes to security the most fundamental concepts are Authentication and Authorization. Unless you have a strong reason you should be following a widely accepted framework for this purpose. We have Java EE Authentication and Spring Security to help us out in this context. I have worked with spring security in the past and it can be customized to suite your specific needs. 

    2. Security in the Web Layer

    In our application stack the web layer is most vulnarable to attacks. We have may established standard practices and detection mechanisms to minimize these risks. OWASP Top 10 list is a must have check point for security checks. The Open Web Application Security Project (OWASP) mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

    3. API Security

    With the rise of mobile applications and stronger browsers expressing functionalities using the API is more popular day by day. We need to follow the same security practices for the web layer. All the API requests should be authenticated and we should use the principle of least privilege. I found the presentation from Greg Patton in the AppSec EU15 titled The API Assessment Primer is a great start for API security validations. Two major points focused in his talk are,
    Do not expose any operations that are not needed
    Do not expose any data that is not required

    Which is in line with the basic security principle of giving least privilege by default.

    To authenticate the services, we can create simple token-based API authentication mechanism based OAuth2 standards. If the services expose any sensitive data, it is better to use https so that man-in-the-middle attacks can be avoided.

    4. Validating the User Input

    Be aware that any JavaScript input validation performed on the client can be bypassed by an attacker that disables JavaScript or uses a Web Proxy. Ensure that any input validation performed on the client is also performed on the server. Go through the OWASP and WASC checklist to identify the potential validations you need to do in your application.

    Other Useful Reference Materials

    0 0

    Last week I spoke at the Bangalore Software Architects Meetup on the topic "Do you need microservices architecture?". Here is the presentation and bit more info about it.

    Over the last few years there has been lot of attention on microservices. After the initial "hype" we saw that what problems it solves and what it can not. I have tried to cover what are microservices and where it can be useful and where it is not. I want to share the guidelines which can be used to choose between a monolith and microservices.

    I feel that one must answer the below questions before they choose a microservices architecture and it will be beneficial to you if the answer to these questions are "YES".

    1. Does your services represents different business cases/domains..?
    2. Does the services needs to be deployed and managed independently..?
    3. Does different parts of the application has different scaling/Technology needs..?

    A modular monolith can be transformed to a set of microservices in case the need arises. So, we should start with monolith when we are not sure about the future.

    0 0

    Over the last few years we have been adding unit tests to our existing product to improve its internal quality. During this period we always had the challenge of choosing unit-vs-Integration tests. I would like to mention some of the approaches we have applied to improve the quality of existing system.

    At its core, unit testing is about testing a single component at a time by isolating its dependencies. The classical Unit tests have these properties "Fast, Independent, Repeatable, Self-Validating,Timely". Typically in java a method is considered as a unit. So traditional  (and most common) approach is to test the single method of a class separated from all its dependencies.

    Interestingly there is no hard-core definition of "what makes a unit". Many times a combination of methods which spread across multiple classes can form a single behavior. So in this context the behavior should be considered as a unit. I have seen people breaking these units and writing multiple tests for the sake of testing a single method. If the intermediate results are not significant this will only increase the complexity of the system. The best way to test a system is to test with its dependencies where ever we can accommodate them. Hence we should try to use the actual implementation and not mocks. Uncle bob puts this point very well, "Mock across architecturally significant boundaries, but not within those boundaries." in his article.

    If the software is build with TDD approach it might not be a challenge to isolate dependencies or adding a test for your next feature. But not all software's built like these. Unfortunately we have systems where there are only few or none of the test are written. When working with these systems we can  make use of the above principle and use tests at different levels. Terry Yin provides an excellent graphics (which is show below) in his presentation titled Misconceptions of unit testing. This shows how different tests can add values and what are its drawbacks.

    Many of our projects uses Java and Spring framework. We have used springs @RunWith and SpringJUnit4ClassRunner to create AppLevel Tests which gives you the objects with all its dependencies initiated. You could selectively mock certain dependencies if you would like to isolate them. This sets a nice platform to write unit tests with multiple collaborating objects. we call them App level tests. These are still fast running test with no external dependencies. A different term was chosen to differentiate itself from the classical unit test. We also had Integration test which would connect with external systems. So, the overall picture of developer tests can be summarized as below,  

    Tests Naming convention Runs at When to use Exec Time
    Unit Test Ends with Test Every build Rule based implementations where the logic can be tested in isolation Few Milliseconds
    App Level Tests Ends with TestApp Every build / Nightly builds (Teams choice) Tests the service layers in connection with others. Frees you from creation of mock objects. Application context is loaded in the tests. Few Seconds
    Integration Test Ends with TestIntg Runs on demand when a special profile is used in build. All the above + Use when you need to connect to external points like DB, web services etc.. Depends on the integration points.
    Manually Running Tests Ends withTestIntgManual Manually running tests, Used debugging a specific problem locally All the above - Can't be automated. Depends on the integration points.

    This approach gives the developers choose the right level of abstractions to test and helps in optimizing their time. Nowadays my default choice is App Level tests and I go to unit tests if I have a complicated logic to implement.

    Further reading:

    0 0

    Here is a video recording of my session titled Practical communication strategies for software architects on Bangalore software architect meetup.

    The session covers communication ideas for various stages and to different stakeholders in a project scenario.

    Practical communication strategies for software architects from Manu Pk

    Have a look at the video recording of the session