License 2 Code

A workplace book group is starting up with Core Security Patterns. This is a well regarded title if you’re to believe amazon reviews. And its huge. If you are perhaps bored to sleep by the topic and an opportunistic thief breaks in thinking you an easy mark, you’ll have something to bludgeon him to death with.

While the first chapter suggested the size was more about lack of editing than content, the second chapter was actually very useful. Excellent overview on symmetric/asymmetric keys, ssl, and key concepts in security.  And if the readable chapter wasn’t enough - you can check out Hamlet D’arcy’s excellent material prepared for the topic.

Seriously - Mary Queen of Scots as a real example to help me discuss security? Trust me it works AND is interesting. And if that (or the second Mary piece) isn’t good enough - see the online-merchant of venice example. I guess you don’t get the name Hamlet without being able to quickly rattle off great Bard references.

Using real-world examples to discuss security principles reminded me of Dick Hardt’s great Lessig-style short presentation explaining authentication/identity 2.0. Relates a form of third-party trust management in the physical world (photo IDs), to how one might think about identity trust in the electronic world.

Fits well with the Queen of Scots example-style, and while I think it will help you understand identity in a new way, if nothing else it’s completely well-done and uses a keen style of presenting.

An interesting take on categorizing popular web frameworks - I’d love to see this represented graphically - Tufte disciples - get crackin’!

Manning: Groovy in Action

Book Description
Groovy, the brand-new language for the Java platform, brings to Java many of the features that have made Ruby popular. Groovy in Action is a comprehensive guide to Groovy programming, introducing Java developers to the new dynamic features that Groovy provides. To bring you Groovy in Action, Manning again went to the source by working with a team of expert authors including both members and the Manager of the Groovy Project team. The result is the true definitive guide to the new Groovy language.

Is this book going to be good? I know a fair amount about Groovy and none about Grails. Should I buy it?

http://www.amazon.com/Groovy-Action-Dierk-Koenig/dp/1932394842 

I have to admit that I’m very excited to see this JSR. I’ve used Joda time and think it’s a superb library. I wouldn’t use anything else for date manipulation in Java.

Announcing JSR 310 - Date and Time API

My software company has updated to Groovy 1.0. There were a few subtle syntax changes (due to a stricter parser) and one not so subtle one (@Property was removed). I’ve followed Groovy for many years and am happy to see it reach 1.0.
The two features I like most are the conveniences for handling bean properties and closures. Two other features I make use of are the on-demand compilation (take any string/stream representing a class and get a class/object back) and the dynamic dispatch (invokeMethod can be overriden to handle any scenario).

I’d love to see these features rolled into Java.

Groovy 1.0 is there - Groovy - Confluence

PS: Maybe it’s time to take a look at Ruby.

InfoQ has a great format for video/podcast content - recordings synced with transcriptions or slides. I started watching Joshua Bloch’s Javapolis presentation on API design. “But I don’t design APIs or frameworks…” Um, do you program? Bloch starts with the adage that thinking in terms of API design improves code quality - “Good code is modular - each module has an API”.

I have found this to be extremely true, and the more I’ve learned about API design, the more my own code quality has improved. Learning the principles of design-by-contract for example, had a tremendous impact on my code. A longer summary is in order once I can digest the entire presentation.

There is an incredible amount of content online like this these days - ninja-quality speakers, slide-sets included. Makes one think you could assemble your own mini-conference (minus the networking of course) in your pajamas. Anyone up for an API design discussion session over beers after watching this?

*bonus - a great interview/concurrent transcription with DHH on the future of Rails.

After wrasslin’ with a simple Eclipse plug-in project, I was struck that if:

IDEA is OSX,

and JBuilder is Windows,

then Eclipse is Debian Linux.

Well, it finally happened. Java is now open source under the GPLv2.

http://www.sun.com/software/opensource/java/

I feel this will have a very substantial impact on the Java community and that this impact will be positive:

• Specifically, I believe bug fixes and features will be added to the JDK at a faster rate.
• Additionally, I believe additional “usages” of Java will be enabled by this (e.g. being able to natively compile a Swing app).
• Finally, I believe this will substantially improve Java’s adoption (in part due to inclusion in Linux distros).

Interesting piece on interface design, masquerading as an article advocating premature optimization. Yeah, that’s what I thought - ‘isn’t premature opt. the root of all evil? - we’ve ground whole battalions of spies against the rogue regimes it can create!’

The article focuses on interchange types in an API, and the tradeoffs associated. An interchange type is a caller/callee-neutral data type that neither caller/callee is likely to actually have or want to use, but to which both can easily convert.

The interchange type seems appealing - apparently clean, general, but there’s a good warning here: ‘you should still ensure that you make smart tradeoffs. Sometimes there are alternate input or output formats that your callers are more likely to use’. Hmmm - let’s see - design is about smart tradeoffs… Be client/user-focused… So simple, and yet it can sometimes take Bondian discipline to keep these in mind.

Don’t worry - premature optimization is still evil.