tag:blogger.com,1999:blog-32342075766549151542024-03-13T11:22:17.518-07:00Muhammad Khojaye's Blog | Java, Cloud, Big DataBlog about Java programming language, Cloud Computing, Big Data and Technology TrendsMuhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.comBlogger20125tag:blogger.com,1999:blog-3234207576654915154.post-48322988178183751732018-03-25T15:54:00.003-07:002018-05-09T13:41:54.551-07:00Federated SAML based Single Sign-On Authentication with AWS Cloud<p>In a previous post, I have described the technique to implement <a href="https://muhammadkhojaye.blogspot.com/2017/02/securing-applications-single-sign-on.html" title="Securing Java Applications with Single Sign-On">Single Sign-On</a> <em>security</em> functionality in <em>Java</em> using <em>OpenID Connect (OIDC)</em>. In this blog post, I am going to implement <em>federated</em> <em>AWS</em> <em>Single Sign-On</em> <em>(SSO)</em> using <em>SAML</em> which will enable users to <em>authenticate</em> using <em>on-premises credentials</em> and access resources in <em>cloud</em> and third-party <em>SaaS</em> applications on <em>AWS</em>. </p>
<h3>Why Federated Single Sign-On for Cloud</h3>
<h4>How to secure cloud credentials</h4>
<p>Users generally require working with multiple applications for business reasons which are often provided and hosted by different organisations. In addition, enterprise organisations of utilising <em>cloud</em> and third-party <em>SaaS</em> applications are also growing continuously and keep getting bigger. This requires users to remember multiple <em>credentials</em> to access each application they need to work with, which results in exposing <em>security vulnerabilities</em> and complex user experience. The organisation needs to control who can access each application without exposing <em>data security risks</em>.</p>
<p>To provide user single point of <em>authentication</em> with seamless <em>federated Single Sign-On</em>, we can separate user <em>authentication</em> logic from the application code, and delegate <em>authentication</em> responsibility to a trusted <em>identity provider</em> (IdP).
</p>
<p>
AWS also supports <em>federated</em> <em>SAML</em> based <em>single sign-on (SSO)</em> which provides a mechanism to issue <em>temporary security credentials</em>. This mechanism allows application to assume a <em>role</em> in <em>AWS</em> and obtain a <em>temporary access key</em>, <em>secret access key</em> and <em>session token</em>.</p>
<p>
The mechanism enables users to log into the Console or invoke the <em>AWS APIs</em> <em>programmatically</em> without requiring the organisation to create an <em>IAM</em> user for each of them. From the user’s perspective, the process happens transparently. The user requests, for instance, could start at the organisation’s internal portal and end up either at the <em>AWS Management Console</em> or invoke <em>programmatic AWS APIs</em> calls by using <em>assertions</em> from a <em>SAML compliant identity provider (IdP)</em>. The user <em>authentication</em> happens without ever providing any <em>AWS credentials</em> or creating any <em>AWS config</em> file.
</p>
<p>
This design approach simplifies development, minimise the requirement for <em>user administration</em>, and also improves user experience of the application. In addition, it also increases <em>cloud security</em> and productivity by avoiding the use of multiple passwords and the need to log in separately to each application. Moreover, by incorporating this mechanism, <b>the attackers will not be able to obtain <em>security credentials</em> and run their malicious code in a <em>data breach</em> incident</b>.
</p>
<p>
<h3>Pre-requisite</h3>
<p>
Before we can use <em>SAML</em> based <em>federation SSO</em>, we must be running <em>IdP</em> that supports <em>SAML 2.0</em>, for instance, <em>ADFS</em> etc. For configuring <em>ADFS</em> with <em>AWS</em>, the detailed step-by-step guide be found <a href="https://aws.amazon.com/blogs/security/enabling-federation-to-aws-using-windows-active-directory-adfs-and-saml-2-0/">here</a>.
</p>
<h3>AWS Single Sign-On Implementation</h3>
<p>A sample code in <em>Node.js</em> <em>Javascript</em> to implement <em>AWS</em> <em>Single Sign-On (SSO)</em> via <em>SAML</em> for creating <em>Federated</em> <em>authentication token</em> to other applications is illustrated in the example below.</p>
<pre class="brush: js">
//example for brevity
var inputPar = {
UserName: 'username',
Kmsi: 'True',
Password: 'password'
};
AWS.config.update({
region: 'eu-west-1'
});
function authenticateWithAWS(){
request({
url: 'https://ADFS_SERVER_FQDN/adfs/ls/idpInitiatedSignOn.aspx?loginToRp=urn:amazon:webservices',
method: 'GET'
}, function (err, res, body) {
request({
method: 'POST',
followAllRedirects: true,
form: inputPar,
url: res.request.uri,
jar: true
}, function(error, response, body) {
if (error) {
console.log(error);
} else {
assertion = // parse the body parameter with any parser
// and extract SAML assertion value
// can be use parser like cheerio etc
generateToken(assertion);// authenticate without supply any AWS credentials
}
});
});
};
function generateToken(assertion) {
AWS.config.update({
credentials: new AWS.SAMLCredentials({
RoleArn: 'arn:aws:iam::<trustedaccount>:role/SAMLRole',
PrincipalArn: 'arn:aws:iam::AWS-account-ID:saml-provider/provider-name',
SAMLAssertion: assertion
}),
});
}
</pre>
Here is an example of generating <code>SAMLAssertion</code> for <em>AWS</em> <em>Single Sign-On (SSO)</em> using <code>Java</code>.
<pre class="brush: java">
//example for brevity
//imports are also omitted for brevity
public String generateSAMLAssertion() throws IOException {
URL url = new URL(
"https://adfs_server_fqdn/adfs/ls/idpInitiatedSignOn.aspx?loginToRp=urn:amazon:webservices");
Document doc = Jsoup.parse(url, 10000);
if (doc.getElementById("loginForm") != null) {
Element loginForm = doc.getElementById("loginForm");
String host = "your_adfs_server_fqdn";
String protocol = "https";
String formSubmitUrl = new URL(protocol, host, loginForm.attr("action")).toString();
// submit login form with post data
Response response = Jsoup.connect(formSubmitUrl)
.timeout(10000)
.data("UserName", "yourUser", "Password", "yourPassword")
.method(Method.POST)
.execute();
Document document = response.parse();
// find the SAMLResponse attribute and return!!
Elements samlResponse = document.select("input[name=SAMLResponse]");
return samlResponse.attr("value");
}
return null;
}
</pre>
<h3>AWS Single Sign-On (SSO) Example with SAML assertion</h3>
<p>The example source code below illustrates the retrieval of <em>service catalog</em> information while using <em>SAML assertion</em> token for <em>authentication</em>.</p>
<pre class="brush: js">
// example of an API invocation with a SAML assertion
// Retrieve AWS ServiceCatalogProducts
serviceCatalog = new AWS.ServiceCatalog();
serviceCatalog.searchProducts({}, function(error, res) {
if (error) {
console.log("Error", error.stack);
} else {
console.log(res);
}
});
</pre>
<h3>Refresh Expire AWS STS Token</h3>
<p>The <em>temporary AWS security</em> credentials that we use for either logging into the Console or calling the <em>AWS APIs</em> last up to 1 hour. When the <em>access token</em> used by client application to access an <em>API</em> or console expires, the client must request a new <em>access token</em>. To deal with unnecessary credential prompts and also to ensure and maintain high levels of <em>security</em>, a simple example of a refreshing <em>token</em> is illustrated below. The refresh process is performed by invoking the <code>authenticateWithAWS()</code> method again in order to get a new <em>security token</em>.</p>
<pre class="brush: js">
// example for brevity
// Retrieve AWS ServiceCatalogProducts
serviceCatalog = new AWS.ServiceCatalog();
serviceCatalog.searchProducts({}, function(error, res) {
if (error) {
console.log("Error", error.stack);
} else {
console.log(res);
}
})
.catch(function(error){
if (error.stack.indexOf(EXPIRE_TOKEN_ERROR_MESSAGE) > -1) {
// define retry policy here...
authenticateWithAWS();
}
});
</pre>
<h3>Troubleshoot AWS SSO SAMLAssertion issues</h3>
<h4>Handling HTTP Redirect</h4>
<p>If we are getting a response <code>statusCode</code> indicating redirect to another <code>URL</code> (<code>301</code>, <code>302</code> or <code>307</code>), or the body is empty, make sure that <code>followAllRedirects</code> config is set to <code>true</code>. By default, the <em>redirects</em> are turned on for <code><b>GET</b></code> requests only and we need to add this <em>config</em> to our <code><b>POST</b></code> request.</p>
<h4>Configuring Proxies</h4>
<p>
If the expected <code>SAMLAssertion</code> or <code>SAMLResponse</code> attribute value of the input tag doesn't come back, check that we have correctly configured the <em>proxy</em> variables. We may need to configure <em>proxy</em> by setting <em>environment variables</em> (e.g. <code>HTTP_PROXY</code>, <code>HTTPS_PROXY</code>, <code>NO_PROXY</code> etc) before executing the code. This <a href="https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-configuring-proxies.html">link</a> describes how to configure proxies for <code>Node.js</code>.
</p>
<h4>Access Denied Error</h4>
<p>
If we get "<code>Access Denied</code>" error while invoking the <code>AWS API</code>, for instance, by calling <code>serviceCatalog.searchProducts()</code> method, it means that the user is <em>authenticated</em> successfully but the given <em>federated</em> user doesn't have the required permissions. Please follow this <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html">link</a> to find out how to give required permissions and roles to a <em>federated</em> user.
</p>
<h3>More References</h3>
<ul>
<li><a href="https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/STS.html" target="_blank" >AWS.STS</a></li>
<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html" target="_blank" >About SAML 2.0-based Federation</a></li>
<li><a href="https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html" target="_blank" >AssumeRoleWithSAML</a></li>
<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html" target="_blank" >Enabling SAML 2.0 Federated Users to Access the AWS </a></li>
<li><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml_3rd-party.html" target="_blank">Integrating Third-Party SAML Solution Providers with AWS
</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com2tag:blogger.com,1999:blog-3234207576654915154.post-52674310891588948242017-02-02T15:54:00.002-08:002017-02-14T15:22:21.461-08:00Securing Java Applications with Single Sign-On<p>In this blog post, I am going to share my experience working with <em>Single Sign-On</em> (a product from Red Hat) and will provide the detail information and instructions on how to configure different enterprise <em>java</em> applications with Single Sign-On using OpenID Connect (OIDC). This blog can be used by anyone who is interested in <em>Single Sign-On</em> implementation and be used by any developer to get started with <em>Single Sign-On</em> implementation quickly as possible.</p>
<p>This blog post will explain the high-level <em>architecture</em> (end-to-end request flow among applications), integration of SSO with <em>JBoss EAP</em> and <em>BPM Suite</em>, enabling SSO in Continuous Integration/Delivery and configuration of <em>LDAP</em>, <em>AD</em> and <em>Kerberos</em> for <em>SSO</em>.</p>
<h3>Single Sign-On Implementation in Java</h3>
<p>For securing application, the Red Hat <em>Single Sign-On</em> (RH-SSO) provides following options.</p>
<ul>
<li>OpenID Connect (OIDC)</li>
<li>SAML</li>
<li>OAuth 2.0</li>
</ul>
<p>Red Hat <em>Single Sign-On</em> comes with supports of <em>SAML</em>, <em>OAuth 2.0</em> and <em>OpenID Connect</em> Connect out of the box.</p>
<h4>OpenID Connect (OIDC) vs SAML</h4>
<p><em>OIDC</em> is a new protocol supported by Red Hat <em>Single Sign-On</em> comparing to old fully developed <em>SAML</em> protocol. Although <em>SAML</em> is proven and secure with supporting loads of use cases, however, in most cases, <em>OIDC</em> is still recommended. In this blog, we will use <em>OIDC</em> which is an extension to <em>OAuth 2.0</em>.</p>
<h3>Architecture - End-to-End Application Request Flow</h3>
<h4>How does Single Sign-On Authentication work?</h4>
<p><em>Single Sign-On</em> provides the mechanism for authorization and authentication which enables users to authenticate once against one of our applications and doesn’t require to authenticate again for other applications.</p>
<p>Red Hat has released the <em>Single Sign-On</em> standalone product which provides the seamless integration and federated authentication for enterprise applications.</p>
<p>When applications are secured by <em>Single Sign-On</em>, a user is only required to authenticate the first time they access any of the secured resources. Upon successful authentication, the roles associated with the user retrieves from a local database (or external shared database, if using) and used for authorization of all other associated resources. This allows the user to access any further authorised resources without re-authenticating. After user logs out from an application, or an application invalidates the session programmatically, the process starts over.</p>
<p>The high level architecture request flow among different applications secured with Red Hat <em>Single Sign-On</em> is explained in figure below.</p>
<a href="https://3.bp.blogspot.com/-wl1K2RKpj0Q/WJYVtiFWS2I/AAAAAAAABBY/uSKFXsLnWPoQxBNoyLuBmF2HOYKTZ5K5QCLcB/s1600/End-to-End-Application-Request-Flow-RH-SSO.png" imageanchor="1" ><img border="0" src="https://3.bp.blogspot.com/-wl1K2RKpj0Q/WJYVtiFWS2I/AAAAAAAABBY/uSKFXsLnWPoQxBNoyLuBmF2HOYKTZ5K5QCLcB/s400/End-to-End-Application-Request-Flow-RH-SSO.png" width="440" height="275" alt="End-to-End Application Request Flow with Red Hat Single Sign-On" title="End-to-End Application Request Flow with Red Hat Single Sign-On"/></a>
<p>The end-to-end application request flow follows the similar pattern as any other <em>SSO</em> product. Any user tries to access an application first time without any valid <em>authentication token</em> will be redirected to <em>Single Sign-On</em> login page. Once user login successfully, the <em>SSO</em> <em>token</em> (containing <em>token</em> string along with user roles and other information) will need to set in a <em>request header</em> and passed to other applications.</p>
<p>Since the applications are already configured with SSO server, the SSO server first validates the session token from the incoming request and authenticates the user.</p>
<p>In case, the <em>token</em> expire or the user is not authorized to access the application, the <em>Single Sign-On</em> server will response with <code>401 unauthorized error code</code> and user will be redirected to login page where user can obtain a valid <em>token</em> again.</p>
<p>A sample code to pass <em>authentication token</em> to other application is illustrated in example below.</p>
<pre><code>
private static void invokeServiceWithToken(HttpServletRequest req,
String uri) {
CloseableHttpClient httpClient = null;
try {
httpClient = HttpClients.createDefault();
HttpGet get = new HttpGet(uri);
KeycloakSecurityContext session = (KeycloakSecurityContext) req
.getAttribute(KeycloakSecurityContext.class.getName());
if (session != null) {
get.addHeader("Authorization", "Bearer " +
session.getTokenString());
}
HttpResponse response = httpClient.execute(get);
} catch (Exception e) {
throw new RuntimeException(e);
} finally {
if (httpClient != null)
try {
httpClient.close();
} catch (Exception e) {
throw new RuntimeException("Error closing
HttpClient", e);
}
}
}
</code></pre>
<p>For more concrete examples, follow the link mentioned in section “Example Projects”.</p>
<p>The application flow explained in above Figure illustrate an example flow using different applications deployed in <em>EAP</em>, <em>BPM Suite</em> and <em>Fuse</em>, however, this can be generalised to any number of enterprise applications.</p>
<h3>Single Sign-On Installation</h3>
<p>The Red Hat <em>Single Sign-On</em> product can be downloaded from the <a href="https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=core.service.rhsso">RedHat</a>. We need RedHat account with active subscription to download this license server. The Open Source version is available to download from <a href="http://www.keycloak.org/downloads.html">here</a>.
</p>
<p>We will first download the Red Hat <em>Single Sign-On</em> server and will start the server with default configuration. However, we may need to change the default port for the server in case we are starting on the same host machine where other <em>EAP servers</em> are also running.</p>
<p>To change the default port to something else, add the appropriate <em>JBoss</em> binding offset in the <em>standalone</em> (or <em>domain.xml</em>) configuration.
<pre class="brush: java">
<system-properties>
<property name="jboss.socket.binding.port-offset" value="1600"/>
</system-properties>
</pre></p>
<p>After server start up successfully, visit the URL <a href="http://localhost:9680/">http://localhost:9680/</a> to ensure the Red Hat <em>Single Sign-On</em> server is running.</p>
<p>By default, the Red Hat <em>Single Sign-On</em> Server comes with the <em>H2 database</em> which is used for storing <em>realm</em> and user data. However, we can also configure an external database service. For instance, we need to configure the external database, if we are running in a cluster environment. Red Hat <em>Single Sign-On</em> supports loads of different databases like <em>Oracle</em>, <em>MySql</em>, <em>PostgreSQL</em> etc and the latest updates for the same list can be referred from Red Hat documentation.</p>
<p>The first thing, after installing server, would be to create an admin user account to manage the Red Hat <em>Single Sign-On</em> server.</p>
<p>To create admin user, use the URL <a href="http://localhost:9680/auth">http://localhost:9680/auth</a></p>
<p>After creating an admin user, we now log into the server and start playing with Red Hat <em>Single Sign-On</em> Server configuration. To login into Red Hat <em>Single Sign-On</em> Server, use the URL <a href="http://localhost:9680/auth/admin/">http://localhost:9680/auth/admin/</a></p>
<h4>Realm</h4>
<p><em>Realms</em> are used to authenticate domain applications and are used to restrict access to the resources of different applications. Each realm is mapped to a domain and we can add as much as <em>Realms</em> for different domains. Red Hat <em>Single Sign-On</em> provides the default <em>Master Realm</em> and Admin user can use this to manage other realms. We can add multiple realms by using the <b>Realms</b> tab through the Administrator console. We can also configure different realms with different authentication protocol. For instance, Realm A can use <em>OIDC</em> protocol while Realm B can support <em>SAML</em> as an authentication mechanism. Similarly, each realm can be configured and associated to different <em>LDAP</em> or <em>AD</em> for user authentication.</p>
<h5>Master Realm vs Application Realm</h5>
<p>The <em>master realm</em> in Red Hat <em>Single Sign-On</em> is an exceptional realm and should handle differently compared to other application specific realms. The best practice is to create a separate new realm for securing application while keeping the Master Realm for management purpose only. <em>Master Realm</em> best be used as a place to create and manage other realms in our system.</p>
<h4>Creating Realm and User</h4>
<p>To create a new Realm, follow the link <a href="http://localhost:9680/auth/admin/">http://localhost:9680/auth/admin/</a> and use “Add Realm” option.</p>
<a href="https://2.bp.blogspot.com/-3WF76c1mAsY/WJJdqYxRrBI/AAAAAAAAA_Y/DlPTzXj3buYRRSYjQrdi7PdamfMnMVLVwCLcB/s1600/Add-Realm-RH-SSO.png" imageanchor="1" ><img border="0" src="https://2.bp.blogspot.com/-3WF76c1mAsY/WJJdqYxRrBI/AAAAAAAAA_Y/DlPTzXj3buYRRSYjQrdi7PdamfMnMVLVwCLcB/s640/Add-Realm-RH-SSO.png" width="640" height="194" alt="add realm from admin console" title="create realm from admin console" /></a>
<p>The detail steps found on the following link: <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/paged/getting-started-guide/chapter-3-creating-a-realm-and-user">creating a realm</a></p>
<p>Create new user by click “Users” menu and then “Add User”. This user is used for authentication and authorization for configured application which can be a web application, web service or simple mobile based application.</p>
<h4>User Login and Logout</h4>
<p>Since the user is managed against the realm, therefore, to login with the specific user, make sure the URL contains the correct realm.</p>
<p>For example, to login with user associated with “test” realm, the URL should be: <a href="http://localhost:9680/auth/realms/test/account">http://localhost:9680/auth/realms/test/account</a>.</p>
<h4>Themes and Custom Login Page</h4>
<p>Red Hat <em>Single Sign-On</em> Server comes with the default <em>theme</em> and login page. It is possible to create a custom login page specific to an application and configure/deploy in Red Hat <em>Single Sign-On</em> server. The server can also be themed for providing users with a seamless experience. Please refer to <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/paged/server-developer-guide/chapter-3-themes">Red Hat documentation</a> for more information.</p>
<h3>Integrating Single Sign-On with JBoss EAP</h3>
<h4>Overview</h4>
<p>This section explains the integration and configuration of Red Hat <em>Single Sign-On</em> with <em>JBoss EAP</em>. We assume that <em>EAP</em> is running in a <code>standalone mode</code> and therefore, we will modify <code>standalone.xml</code> file for the configuration. However, we need to either modify <code>standalone-ha.xml</code> or <code>domain.xml</code> depending on our operating mode.</p>
<h4>Client Adapter</h4>
<p>To secure application with Red Hat <em>Single Sign-On</em>, we need to install Red Hat <em>Single Sign-On</em> <em>client adapters</em>. The <em>client adapter</em> provides the tight integration of Red Hat <em>Single Sign-On</em> with any platform. It enables application to communicate and be secured by Red Hat <em>Single Sign-On</em>.</p>
<p>To begin, we will download the <em>client adapter</em> from <a href="https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=core.service.rhsso">RedHat website</a> (account with active subscription is required). We need to choose the right version of adapter depending on the platform we are using. We install the client adapter using the simple <code>CLI</code> command as explained <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/single/getting-started-guide/#installing_the_client_adapter">here</a></p>
<h4>Register Application with Single Sign-On Server</h4>
<p>Any application that needs to be secure with <em>SSO</em>, it has to be registered with <em>Single Sign-On</em> Server. We will first create and register the client using the Red Hat <em>Single Sign-On</em> admin console.</p>
<p>Login the admin console and use the “<b>Clients</b>” tab to register the client application. Please refer to the <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/paged/getting-started-guide/chapter-4-securing-a-jboss-servlet-application">Red Hat documentation</a> for detail steps on creating and register a new client application.</p>
<p>After registering the client, we configure the client installation using either the <em>adapter subsystem configuration</em> into the <code>standalone.xml</code> or <em>Per WAR Keycloak configuration subsystem</em>.</p>
<p>To configure using <em>adapter subsystem</em> configuration, open the <i>standalone/configuration/standalone.xml</i> file and add the following text:</p>
<pre class="brush: java">
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="TestApp.war">
<realm>testrealm</realm>
<auth-server-url>localhost:9680/auth</auth-server-url>
<public-client>true</public-client>
<ssl-required>EXTERNAL</ssl-required>
<resource>Test</resource>
</secure-deployment>
</subsystem>
</pre>
<p>Please note that we have to replace <code>WAR</code> name with the actual application <code>WAR</code> name. This will secure the application using the <em>adapter subsystem</em> as opposed to securing it through <code>web.xml</code> file inside each application <code>WAR</code>.</p>
<p>Please also note that we need to either change <code>standalone-ha.xml</code> or <code>domain.xml</code> depending on our operating mode.</p>
<p>To find detail information about how to secure application using <em>“Per WAR Keycloak configuration”</em>, please refer to the guideline <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/paged/securing-applications-and-services-guide/chapter-2-openid-connect">here</a>
<h4>Per WAR Keycloak vs Adapter Subsystem configuration</h4>
<p>With Red Hat <em>Single Sign-On</em>, there are two ways to secure application.</p>
<ul>
<li>Per WAR Keycloak configuration</li>
<li>Adapter Subsystem configuration</li>
</ul>
<p><em>“Per WAR Keycloak configuration”</em> requires adding config and editing files for each <code>WAR</code> separately. However, with the <em>“Adapter Subsystem Configuration”</em>, the changes need to be done only in <code>standalone.xml</code> file (or <code>domain.xml</code>).</p>
<p>To secure multiple application <code>wars</code> with Red Hat <em>Single Sign-On</em>, all the changes need to be performed in <code>standalone.xml</code> (or <code>domain.xml</code>) file. In the scenario where we want to <em>automate</em> the <em>deployment process</em> to different host environments, the <em>“Adapter Subsystem configuration”</em> provides better flexibility compared to <em>“Per WAR Keycloak configuration”</em> method as it is easy to configure environment variables in <code>standalone.xml</code> (or <code>domain.xml</code>) compared to each application <code>WAR</code>. Moreover, the <code>standalone.xml</code> (or <code>domain.xml</code>) is generally already configured to support different environments (System Test, UAT, Performance Test etc) and therefore, we may not need to perform any extra effort to accomplish this.</p>
<h3>Single Sign-On and Continuous Integration</h3>
<p>In this section, we will discuss the life cycle and explain how to enable the <em>continuous integration</em> or <em>continuous delivery</em> process with <em>Single Sign-On</em>.</p>
<h4>Installation, Deployment, Configuration and Management</h4>
<p>With Red Hat <em>Single Sign-On</em>, we can use any automation tool to enable <em>CI</em>/<em>CD</em> process. For example, I have used <em>GoCD</em> as <em>Continuous Integration</em> and <em>continuous delivery</em> process.</p>
<p>Figure below also explains the general <em>continuous integration</em> flow which can be implemented for any <em>CI</em> or <em>CD</em> tool like <em>Jenkins</em>, <em>TeamCity</em> or <em>Hudson</em> etc. In addition, we can also use <em>deployment management tools</em> like <em>Ansible</em> to automate the servers installation and infrastructure. However, this is not mandatory for <em>CI</em> process as installation or building infrastructure can be a onetime process.</p>
<p>Please note that the step 1, 2 and 3 in figure below either be done in Parallel or can follow any order.</p>
<a href="https://1.bp.blogspot.com/-K2t9r3X5C14/WJc-ywuGuCI/AAAAAAAABBo/3mTBYcM6qDAcIvTj6yKZqxZT9d5ThlOlgCLcB/s1600/SSO-Continuous-Integration-delivery-Installation-Deployment-Configuration-Management-Process.jpg" imageanchor="1" ><img border="0" src="https://1.bp.blogspot.com/-K2t9r3X5C14/WJc-ywuGuCI/AAAAAAAABBo/3mTBYcM6qDAcIvTj6yKZqxZT9d5ThlOlgCLcB/s400/SSO-Continuous-Integration-delivery-Installation-Deployment-Configuration-Management-Process.jpg" width="450" height="400" alt="SSO Continuous Integration and Continuous Delivery with Installation, Deployment, Configuration and Management Process" title="SSO Continuous Integration and Continuous Delivery with Installation, Deployment, Configuration and Management Process"/></a>
<p>Step 1 is very basic in any <em>CI</em> process which builds the development projects and generates the required artifacts in order to deploy in Application Servers.</p>
<p>Step 2 simply installs the client adapter on <em>EAP</em>, <em>BPM Suite</em> and <em>Fuse</em>.</p>
<p>Step 3 explains the life cycle process including installation, administration and management of Red Hat <em>Single Sign-On server</em>.</p>
<p>We start with installing Red Hat <em>Single Sign-On</em> server. After installing server successfully, we perform some administration works. This includes configuring a <em>Master Realm</em> as well as creating an admin user. We also create application specific realm. Please note that we also use Master Realm for applications authentication, however, the good practice is that we should keep Master Realm for administration and management of other realms while application specific Realm for applications authentication.</p>
<p>Thereafter, we create and register client in Red Hat <em>Single Sign-On</em> server. To automate with <em>CI</em> process, I found <em>“Adapter Subsystem Configuration”</em> much better as this provides better flexibility to deploy on to different environment on the fly without changing any host URL or configuration manually. Therefore, after registering client, we also configure application using <em>“Adapter Subsystem configuration”</em> method to secure it with Red Hat <em>Single Sign-On</em> server.</p>
<p>Lastly, Step 4 deploys the apps in the respective application servers. Please note that if we are installing using <em>“Per WAR Keycloak configuration”</em> method, we may need to add keycloak.json in each application WAR artifact.</p>
<p>This is a general high-level request flow going across different application servers. This could easily be generalised for any kind and number of applications.</p>
<h3>Configuring LDAP and Active Directory for Single Sign-On</h3>
<p>Red Hat <em>Single Sign-On</em> supports <em>LDAP</em> and <em>Active Directory</em> users out of the box and supports integration with <em>LDAP</em> and <em>Active Directory</em> configuration for using external user databases. It works by importing the user on demand to its local database. We can always configure how to update the user information.</p>
<p>To configure with Red Hat <em>Single Sign-On</em>, click “User Federation” and then choose “Add Provider”. The below screen shots provide the detail options that is required to integrate with <em>LDAP</em>. Please use your <em>LDAP</em> configuration values and click “Sync all users” or “Sync changed users” to load/update the user information.</p>
<a href="https://4.bp.blogspot.com/-HrG7g_8Dxp8/WJLpZ7uxJFI/AAAAAAAAA_0/A68gNzKFJWEV5sQBI4kUt8Hai_Am32W3gCLcB/s1600/Configure-LDAP-Single%2BSign-On.png" imageanchor="1" ><img border="0" src="https://4.bp.blogspot.com/-HrG7g_8Dxp8/WJLpZ7uxJFI/AAAAAAAAA_0/A68gNzKFJWEV5sQBI4kUt8Hai_Am32W3gCLcB/s400/Configure-LDAP-Single%2BSign-On.png" width="400" height="190" alt="Single Sign On with LDAP and Active Directory integration configuration" title="Single Sign On with LDAP and Active Directory integration configuration"/></a>
<p>More information about this be found <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/paged/server-administration-guide/chapter-14-user-storage-federation#ldap_mappers">here</a></p>
<p>By default, Red Hat <em>Single Sign-On</em> server import the <em>LDAP</em> users into the local database. To make sure that user information is up-to-date and sync with the <em>LDAP</em> server, we can use “Sync Setting” to configure synchronisation.</p>
<h3>Integrating Single Sign-On with JBoss BPM Suite</h3>
<p>We assume that <em>JBoss BPM Suite</em> is already installed and running. To configure <em>JBoss BPM Suite</em> with <em>Single Sign-On</em>, we will follow the steps below:</p>
<ul>
<li>Install the client adapter on top of <em>JBoss BPM Suite</em>. The client adapter can be installed in a similar way as explained in section <i>“Integrating Single Sign-On with JBoss EAP”</i>.</li>
<li><p>Next, we will modify the <code>standalone.xml</code> as example below,
<pre class="brush: java">
<subsystem xmlns="urn:jboss:domain:keycloak:1.1">
<secure-deployment name="business-central.war">
<realm>testrealm</realm>
<realm-public-key>ABC</realm-public-key>
<auth-server-url>localhost:9680/auth</auth-server-url>
<ssl-required>EXTERNAL</ssl-required>
<resource>kie</resource>
<credential name="secret">a7b4-35ea5d3dcc63</credential>
<principal-attribute>preferred_username</principal-attribute>
<enable-basic-auth>true</enable-basic-auth>
</secure-deployment>
<secure-deployment name="kie-server.war">
<realm>testrealm</realm>
<realm-public-key>ABC</realm-public-key>
<auth-server-url>localhost:9680/auth</auth-server-url>
<ssl-required>EXTERNAL</ssl-required>
<resource>kie-execution-server</resource>
<credential name="secret">bd57-fe1ae4781649</credential>
<principal-attribute>preferred_username</principal-attribute>
<enable-basic-auth>true</enable-basic-auth>
</secure-deployment>
</subsystem>
</pre></p>
<p>Please note that we need to replace realm, realm-public-key and secret credential values with our actual realm values.</p>
</li>
<li>The realm client for <em>Business Central</em> and <em>kie-server</em> in Red Hat <em>Single Sign-On</em> as shown in the figure below:
<a href="https://4.bp.blogspot.com/-WTSgBFrsJlw/WJLtq-QeoOI/AAAAAAAABAA/y7JPR4VHNzYNZS3_e8h65vBQNqcv_2lIACLcB/s1600/Realm-Client-for-Business-Central.png" imageanchor="1" ><img border="0" src="https://4.bp.blogspot.com/-WTSgBFrsJlw/WJLtq-QeoOI/AAAAAAAABAA/y7JPR4VHNzYNZS3_e8h65vBQNqcv_2lIACLcB/s400/Realm-Client-for-Business-Central.png" width="400" height="321" alt="RH-SSO realm client for Business Central" title="RH-SSO realm client for Business Central"/></a>
<p></p>
<a href="https://1.bp.blogspot.com/-6DPOYED6zCQ/WJLtuecgG3I/AAAAAAAABAE/_Fd4iQraNGY2HfqWDMKKI1Z9Zb7nomSkgCLcB/s1600/Realm-Client-for-Kie-Server.png" imageanchor="1" ><img border="0" src="https://1.bp.blogspot.com/-6DPOYED6zCQ/WJLtuecgG3I/AAAAAAAABAE/_Fd4iQraNGY2HfqWDMKKI1Z9Zb7nomSkgCLcB/s400/Realm-Client-for-Kie-Server.png" width="400" height="304" alt="RH-SSO realm client for Kie Server" title="RH-SSO realm client for Kie Server"/>/></a>
</li>
</ul>
<p>After performing the above changes, if we try to access <em>Business Central</em>, it should redirect to Red Hat <em>Single Sign-On</em> login screen. We can also secure the <em>business central</em> <em>remote engine services API</em> with Red Hat <em>Single Sign-On</em>. The detailed explanation can be referred <a href="https://access.redhat.com/documentation/en/red-hat-jboss-bpm-suite/6.4/single/administration-and-configuration-guide/">here</a></p>
<h3>Token Endpoints API</h3>
<p>To generate the new <em>token</em> with Red Hat <em>Single Sign-On</em> server, we use any of the following:</p>
<ul>
<li>Use the <code>curl</code> command to create a new <em>token</em> as below.
<blockquote>curl GET -d "client_id=frontend" -d "username=mali" -d "password=mystrongpassword" -d "grant_type=password" http://localhost:9680/auth/realms/TestRealm/protocol/openid-connect/token</blockquote>
</li>
<li>Use any <code>Rest</code> based tool to generate <code>token</code>. The screen shot below is from <code>POSTMAN</code></li>
<a href="https://3.bp.blogspot.com/-9bECt20rWDI/WJLyDk-6zjI/AAAAAAAABAU/f_v7eept-VcmZwkbNjPfYPEpb4Nr8afFACLcB/s1600/POSTMAN-Rest-based-tool-token-generation.png" imageanchor="1" ><img border="0" src="https://3.bp.blogspot.com/-9bECt20rWDI/WJLyDk-6zjI/AAAAAAAABAU/f_v7eept-VcmZwkbNjPfYPEpb4Nr8afFACLcB/s400/POSTMAN-Rest-based-tool-token-generation.png" width="400" height="236" alt="POSTMAN Rest based tool for token generation" title="POSTMAN Rest based tool for token generation"/></a>
</ul>
<p>Please refer to <a href="https://access.redhat.com/documentation/en/red-hat-single-sign-on/7.1-beta/single/getting-started-guide/#installing_the_client_adapter">API documentation</a> regarding API details.
<h3>Example Projects</h3>
There are some example projects available on GitHub which helps to quickly demonstrate the Red Hat <em>Single Sign-On</em> integration with <em>java</em> applications. These projects are available <a href="https://github.com/redhat-developer/redhat-sso-quickstarts">here</a>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-40038405944369567712016-09-04T03:30:00.003-07:002017-01-24T02:15:46.102-08:00Jboss AJP thread pool not released idle threads<div>
<p>In this blog post, I am going to explain the problem and the solution related to <em>AJP connector executor</em> <em>leaking</em> <code>threads</code>.</p>
<p>We may notice and <em>detect</em> that <code>AJP thread pool</code> with the <code>thread</code> counts will start increase continuously on <code>application servers</code> after upgrade patch with the latest <code>Jboss EAP</code> version. It looks like that the <em>idle</em> <code>threads</code> never <em>recycle</em> or <em>reclaim</em> even after keepalive-time. This behaviour will happen continuously even if the system will remain <em>idle</em> for a long period of time (without any user request). The application <em>leak connections</em> because it is not closing the <code>AJP</code> <em>connection</em> and returning them to the <code>pool</code>.</p>
<p>In the case of <code>unbounded-queue-thread-pool</code> <em>executor</em> configured and the default <code>maximum-connections</code> value being used, a new <code>thread</code> will create for every new request and will remain idle forever. As the number of <code>AJP</code> requests increase, the response from <code>Jboss EAP</code> may get slow eventually.</p>
<p>If we capture a <code>java</code> <code>thread dump</code> (kill -3 Java_ProcessID in Unix to generate thread dump) and check for the <code>AJP</code> <code>threads</code>, we can analyse that all <code>AJP</code> <code>thread</code> wait for requests and are hanging and holding on to the established keepalive connections.</p>
<pre class="brush: java"><i><b>"ajp-/XX.XX.XX.XX:9412-942" daemon prio=2 tid=xxxxx nid=XXX runnable [xxxxx]
java.lang.Thread.State: RUNNABLE
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:152)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at org.apache.coyote.ajp.AjpProcessor.read(AjpProcessor.java:1124)
at org.apache.coyote.ajp.AjpProcessor.readMessage(AjpProcessor.java:1206)
at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:438)
at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:420)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926)
at java.lang.Thread.run(Thread.java:745)</b></i>
</pre>
<p>The reason for this behaviour is that the <code>AJP thread-pool</code> <em>connections</em> by default have no <em>timeout</em> (default value of <b>"DEFAULT_CONNECTION_TIMEOUT"</b> is -1 for <code>AJP</code>, which means it never recycle) and therefore, the <em>thread connection</em> will persist permanently once established. The same behaviour detectable if we use <code>httpd/mod_cluster</code> in front of the <code>JBoss</code> which will invoke periodic pings to <code>JBoss</code> and fill its <em>connection pool</em>.</p>
<p>The solution is to add the following configuration in <code>standalone.xml</code> or <code>domain.xml</code> to limit the keepalive timeout value for <code>AJP</code>:</p>
<pre class="brush: java"><system-properties>>
<!-- default connection timeout is "-1" (means never timeout) -->
<property name="org.apache.coyote.ajp.DEFAULT_CONNECTION_TIMEOUT"
value="60000"/>
</system-properties>
</pre>
</div>
Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-8007716291857625602014-07-02T15:34:00.002-07:002016-10-03T14:36:17.874-07:00Google Gmail API<p><em>Google</em> introduces new <em>Gmail</em> <code>API</code> which enables <em>developers</em> to use <em>Gmail</em> features into <em>applications</em> and make it easier for others to integrate and use as Plug-in.</p>
<p>According to <em>Google</em>:
<blockquote>
The Gmail API gives you flexible, <code>RESTful</code> access to the user's inbox, with a natural interface to Threads, Messages, Labels, Drafts, and History.</blockquote>
The new <code>API</code> provides <em>RESTful</em> access to an <em>inbox</em> and supports CRUD operations on <em>email</em> <em>threads</em>, <em>messages</em>, <em>labels</em> etc.<br />
The <em>Gmail</em> <code>API</code> can be used for a variety of <em>applications</em> including the cases where full <em>inbox</em> access is not required and the <code>API</code> can be much quicker compared to <em>IMAP</em> to search for a particular <em>email</em>.</p>
<p>The <code>API</code> provides fine-grained control to <em>applications</em> opposite to <em>IMAP</em>, where developers are required to obtain permission to the whole of an <em>email</em> <em>inbox</em> and therefore, will be restricted to:
<ul>
<li>Read messages from Inbox</li>
<li>Send messages</li>
<li>Amend the labels affect to messages</li>
<li>Search for specific messages</li>
</ul>
</p>
More Reading:
<ul>
<li><a href="https://developers.google.com/gmail/api/">Gmail API</a></li>
<li><a href="https://developers.google.com/gmail/api/downloads">Gmail API Client Libraries</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-35162620060017221192014-03-21T06:20:00.000-07:002018-04-05T00:14:22.485-07:00Interface Default Methods in Java 8<p><code>Java 8</code> introduces “<em>Default Method</em>” or (<em>Defender methods</em>) new feature, which allows a developer to add new methods to the <code>Interfaces</code> without breaking the existing implementation of these <code>Interface</code>. It provides flexibility to allow <code>Interface</code> define implementation which will use as <em>default</em> in the situation where a concrete <code>Class</code> fails to provide an implementation for that <code>method</code>.</p>
<p>Let consider small example to understand how it works:
<pre class="brush: java">public interface OldInterface {
public void existingMethod();
default public void newDefaultMethod() {
System.out.println("New default method"
+ " is added in interface");
}
}
</pre></p>
<p>The following Class will compile successfully in Java JDK 8:
<pre class="brush: java">public class OldInterfaceImpl implements OldInterface {
public void existingMethod() {
// existing implementation is here…
}
}
</pre></p>
<p>If we create an <code>instance</code> of OldInterfaceImpl:
<pre class="brush: java">OldInterfaceImpl obj = new OldInterfaceImpl ();
// print “New default method add in interface”
obj.newDefaultMethod();
</pre></p>
<h3>
<a href="" name="N992082">Why Default Method?</a></h3>
<p>Reengineering an existing <code>JDK</code> <code>framework</code> is always very complex. Modify one <code>Interface</code> in <code>JDK</code> <code>framework</code> breaks all <code>Classes</code> that <code>extends</code> the <code>Interface</code> which means that adding any new <code>method</code> could break millions of lines of <code>code</code>. Therefore, <em>default methods</em> have introduced as a mechanism to extending <code>Interfaces</code> in a backward <code>compatible</code> way.</p>
<p><em>Default methods</em> can be provided to an <em>Interface</em> without affecting implementing <code>Classes</code> as it includes an implementation. If each added <code>method</code> within <code>Interface</code> defined with implementation then no implementing <code>Class</code> is affected. An implementing <code>Class</code> can override the <em>default implementation</em> provided by the <code>Interface</code>.</p>
<p>For <em>Java 8</em>, the <code>JDK</code> <code>collections</code> have been extended and <code>forEach</code> <code>method</code> is added to the entire <code>collection</code> (which work in conjunction with <a href="https://docs.oracle.com/javase/tutorial/java/javaOO/lambdaexpressions.html" title="Lambda Expressions">lambdas</a>). With conventional way, the <code>code</code> looks like below:
<pre class="brush: java">public interface Iterable<T> {
public void forEach(Consumer<? super T> consumer);
}
</pre></p>
<p>Since this result each implementing Class with <code>compile</code> <code>errors,</code> as a result, a <em>default method</em> added with a required implementation in order that the existing implementation should not be changed.
The <a href="https://download.java.net/jdk8/docs/api/java/lang/Iterable.html" title="Interface Iterable">Iterable</a> <code>Interface</code> with the <em>Default method</em> is below:
<pre class="brush: java">public interface Iterable<T> {
public default void forEach(Consumer
<? super T> consumer) {
for (T t : this) {
consumer.accept(t);
}
}
}
</pre></p>
<p>The same mechanism has been used to add <a href="https://download.java.net/jdk8/docs/api/java/util/stream/Stream.html" title="Stream">Stream</a> in <code>JDK</code> <code>Interface</code> without breaking the implementing <code>Classes</code>.</p>
<h3>
<a href="" name="N992083">When to use Default Method over Abstract Classes</a></h3>
<h4>Abstract Classes versus Interfaces in Java 8</h4>
<p>After being introduced <em>Default Method</em>, the <code>Interfaces</code> and <code>abstract Classes</code> seems similar, however, they still different concept in <code>Java 8</code>. <code>Abstract Class</code> can define <code>constructor</code>. They are more structured and can have a state associated with them. While in contrast, <em>default method</em> can be implemented only in the terms of invoking other <code>Interface methods</code>, with no reference to a particular implementation's state. Hence, both use for different purposes and choosing between two really depends on the scenario context.</p>
<h3>
<a href="" name="N992084">Default Method and Multiple Inheritance Ambiguity Problems</a></h3>
<p>Since <code>java</code> <code>Class</code> can implement multiple <code>Interfaces</code> and each <code>Interface</code> can define <em>default method</em> with same <code>method signature</code>, therefore, the <code>inherited</code> <code>methods</code> can conflict with each other.</p>
<p>Consider below example:
<pre class="brush: java">public interface InterfaceA {
default void defaultMethod(){
System.out.println("Interface A default method");
}
}
public interface InterfaceB {
default void defaultMethod(){
System.out.println("Interface B default method");
}
}
public class Impl implements InterfaceA, InterfaceB {
}
</pre></p>
<p>The above <code>code</code> will fail to <code>compile</code> with the following <code>error</code>,
<span style="color: red;">java: class Impl inherits unrelated defaults for <em>defaultMethod()</em> from types InterfaceA and InterfaceB </span></p>
<p>In order to fix this <code>class</code>, we need to provide <em>default method</em> implementation:
<pre class="brush: java">public class Impl implements InterfaceA, InterfaceB {
public void defaultMethod(){
}
}
</pre></p>
<p>Further, if we want to invoke <em>default</em> implementation provided by any of <code>super</code> <code>Interface</code> rather than our own implementation, we can do so as follows:
<pre class="brush: java">public class Impl implements InterfaceA, InterfaceB {
public void defaultMethod(){
// existing code here.
InterfaceA.super.defaultMethod();
}
}
</pre>
We can choose any default implementation or both as part of our new method.</p>
<h3>
<a href="" name="N992081">Difference between Default Method and Regular Method</a></h3>
<p><em>Default Method</em> is different from the regular <em>method</em> in the sense that <em>default method</em> comes with <em>default modifier</em>. Additionally, <code>methods</code> in <code>Classes</code> can use and modify <code>method</code> <code>arguments</code> as well as the <code>fields</code> of their <code>Class</code> but <em>default method,</em> on the other hand, can only access its <code>arguments</code> as <code>Interfaces</code> do not have any state.</p>
<p>In summary, Default methods enable to add new functionality to existing Interfaces without breaking older implementation of these Interfaces.<br />
When we extend an interface that contains a default method, we can perform the following action:
<ul>
<li>Not override the <code>default method</code> and will inherit the default method.</li>
<li>Override the <code>default method</code> similar to other methods we have overridden <code>subclasses</code>.</li>
<li>Redeclare default method as <code>abstract</code>, which will force <code>subclasses</code> to override it.</li>
</ul></p>
<h3>
<a href="" name="N992124">References</a></h3>
<ul>
<li><a href="http://cr.openjdk.java.net/~briangoetz/lambda/Defender%20Methods%20v4.pdf" title="Interface evolution via virtual extension methods">Interface evolution via virtual extension methods</a></li>
<li><a href="https://www.oracle.com/technetwork/java/javase/8-whats-new-2157071.html" title="What's New in JDK 8">What's New in JDK 8</a></li>
</ul>
Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-26719369931605671712014-01-15T16:22:00.001-08:002016-10-03T14:58:16.751-07:00JBoss Deployment war error on startup - No content hash available<p>In this post, we are going to discuss the <code>deployment</code> problem that prevents <code>JBoss</code> <code>Server</code> to start properly.</p>
<h3><a href="" name="N12078">Error starting Java JBoss server (in domain mode)</a></h3>
<p>The <code>JBoss</code> <code>Server</code> logs, in this case, looks like below:
<blockquote>
10:16:57,337 INFO [org.jboss.modules] JBoss Modules version 1.1.3.GA-redhat-1<br />
10:16:57,498 INFO [org.jboss.msc] JBoss MSC version 1.0.2.GA-redhat-2<br />
<br />
10:16:57,686 INFO [org.jboss.as] JBAS015899: JBoss EAP 6.0.1.GA <br />
(AS 7.1.3.Final-redhat-4) starting<br />
<br />
10:16:58,310 INFO [org.jboss.as.server.deployment.scanner] JBAS015014: Re-attempting failed deployment abc.warploy<br />
<br />
10:16:58,340 INFO [org.jboss.as.server.deployment.scanner] JBAS015003: Found abc.war in deployment directory. To trigger deployment create a file called abc.war.dodeploy<br />
<br />
10:16:58,348 ERROR [org.jboss.as.controller.management-operation] JBAS014613: Operation ("add") failed - address: ([("deployment" => "abc-ABC.0.0.21.war")]) - failure description: "JBAS018717: <span style="color: red;">No deployment content with hash</span> <span style="color: red;">28c2ce34057a6bd5ebf2c28f9d114814faa66b8a is available in the deployment content</span> <span style="color: red;">repository for deployment 'abc-ABC.0.0.21.war'. </span><br />
<br />
<b>This is a fatal boot error. To correct the problem, either restart with the --admin-only</b> <b>switch set and use the CLI to install the missing content or remove it from the</b> <b>configuration, or remove the deployment from the xml configuraiton file and restart.</b>"<br />
<br />
10:16:58,351 ERROR [org.jboss.as.server.deployment.scanner] JBAS014654: Composite operation was rolled back<br />
<br />
10:16:58,351 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.<br />
<br />
10:16:58,358 INFO [org.jboss.as] JBAS015950: JBoss EAP 6.0.1.GA (AS 7.1.3.Final-redhat-4) stopped in 3ms</blockquote></p>
<p>This <code>error</code> also occurs when we delete directory <em>standalone\data..</em> and then try to <code>redeploy</code> the same application <code>war</code>. The <code>JBoss</code> <code>server</code> unable to delete entries defined in <code>standalone.xml</code> with the same <code>hash</code> for the <code>deployed</code> application.</p>
<p>The <code>standalone.xml</code> looks like below:
<pre class="brush: java"><deployments>
<deployment name="abc-ABC.0.0.21.war" runtime-name="abc-ABC.0.0.21.war">
<content sha1="28c2ce34057a6bd5ebf2c28f9d114814faa66b8a"/>
</deployment>
</deployments>
</pre></p>
<p>Removing the entries manually for the <code>application</code> having defined <code>hash</code> solved this problem and <code>JBoss</code> <code>server</code> will start successfully without error.</p>
Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-71274044702526571172012-07-08T11:15:00.002-07:002016-10-04T15:03:21.398-07:00Eclipse releases new Features and PluginsEclipse has recently announced the release of Eclipse Juno which brings new features such as Detecting resource leaks for both Java7 and Java6 etc.
<br />
<br />
<h3>
<a name="N12078"></a>Previous Plugins to Install</h3>
I firstly install all my plugins from previous eclipse version. The process is quite simple
<br />
<ul>
<li>import and install from existing installation</li>
<li>refer to old eclipse location</li>
<li>Eclipse will show the list of plugins available and then asked for installation</li>
<li>After accepting license, installation should complete smoothly.</li>
</ul>
<h3><a name="N12079"></a>New Features available</h3>
<ul>
<li><i>Java 7 coding support in an IDE</i>. Since Java 7 contains many new feature including dynamically-typed languages support and other small enhancements from Coin project, eclipse Java development tooling will include support for these features of Java 7. </li>
<li><i>Detecting resource leaks of Closeable/Autocloseable resources</i>. This feature is really cool and it also works with “old code”. The common IO and JDBC resources now implement the relevant interfaces and the warnings are good enough to be shown on these.
<br />
Resource leaks can be occurred in the following situations:
<br />
1. A resource opened but not closed
<br />
2. A resource may not closed on all control flows
<br />
3. A resource may not closed at a method exit point
<br />
4. In a Java 7 program a resource is closed but the code could still be improved by using a try-with-resources statement.
<br /><br />
</li>
<li>The new version include the global search bar that gives user quick access to almost any Eclipse feature.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-Ru4uzZwxzAU/T_nHUL_NK1I/AAAAAAAAAD4/fT9mOkh4PhY/s1600/Untitled.png" style="margin-left: 1em; margin-right: 1em;"><img height="214" src="https://1.bp.blogspot.com/-Ru4uzZwxzAU/T_nHUL_NK1I/AAAAAAAAAD4/fT9mOkh4PhY/s320/Untitled.png" width="320" alt="Glabal search bar" /></a></div>
</li>
<li><i>Code Recommenders</i> This is amazing feature that analyzes code of existing applications and extracts common patterns of how other developers have used. It helps deal with the complexity of large APIs using intelligent code completion attribute.
<br /><br />
More examples can be found from below links,
<br /><br />
<a href="http://eclipsesource.com/blogs/2012/06/26/code-recommenders-top-eclipse-juno-feature-2/" name="N12080">http://eclipsesource.com/blogs/2012/06/26/code-recommenders-top-eclipse-juno-feature-2/</a><br />
<a href="https://code-recommenders.blogspot.com/" name="N12081">https://code-recommenders.blogspot.com/</a><br /><br />
</li>
<li>The addition of integrated debugging of JVM-based domain specific languages in the Xtext development framework, The below link provide extensive examples regarding the mentioned feature,
<a href="http://eclipsesource.com/blogs/2012/06/25/xtext-xtend-top-eclipse-juno-feature-3/" name="N12082">http://eclipsesource.com/blogs/2012/06/25/xtext-xtend-top-eclipse-juno-feature-3/</a><br /><br />
</li>
<li><i>Eclipse for Mobile Developers</i> - now developers can use eclipse more easily with a variety of mobile SDKs, including the Google Android SDK
</li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-44735369947652061622012-04-21T13:18:00.000-07:002016-10-10T13:34:25.961-07:00Run Elastic MapReduce Hadoop Job Using Custom Jar - Amazon EMR Tutorial<p><em>Amazon Elastic MapReduce </em> (<em>EMR</em>) is a <code>web service</code> using which developers can easily and efficiently process enormous amounts of data. It uses a hosted <code>Hadoop</code> framework running on the <code>web-scale</code> infrastructure of <code>Amazon EC2</code> and <code>Amazon S3</code>.</p>
<p><code>Amazon EMR</code> removes most of the cumbersome details of <code>Hadoop</code>, while take care for provisioning of <code>Hadoop</code>, running the job flow, terminating the job flow, moving the data between <code>Amazon EC2</code> and <code>Amazon S3</code>, and optimising <code>Hadoop</code>.</p>
<p>In this tutorial, we will first going to develop <code>WordCount</code> <code>java</code> example using a <code>MapReduce</code> framework <code>Hadoop</code> and thereafter, we execute our program on <code>Amazon Elastic MapReduce</code>.</p>
<h3><a href="" name="N10283">Prerequisites</a></h3>
<p>You must have valid AWS account credentials. You should also have a general familiarity with using the <code>Eclipse</code> IDE before you begin. The reader can also use any other IDE of their choice.</p>
<h3><a href="" name="N10279">Step 1 – Develop Hadoop MapReduce WordCount Java Program</a></h3>
<p>In this section, we will first develop an <code>WordCount</code> application. A <code>WordCount</code> program will determine how many times different words appear in a set of files.
<ul>
<li>1. In <code>Eclipse</code> (or whatever the IDE you are using), create a simple <code>Java</code> project name "<em>WordCount</em>".</li>
<li>2. Create a <code>java</code> class name <code>Map</code> and <code>override</code> the <code>map</code> method as follow:
<pre class="brush: java">
public class Map extends Mapper<longwritable,
intwritable="" text,=""> {
private final static IntWritable one =
new IntWritable(1);
private Text word = new Text();
@Override
public void map(LongWritable key, Text value,
Context context)
throws IOException, InterruptedException {
String line = value.toString();
StringTokenizer tokenizer = new
StringTokenizer(line);
while (tokenizer.hasMoreTokens()) {
word.set(tokenizer.nextToken());
context.write(word, one);
}
}
}
</pre>
</li>
<li>3.Create a <code>java</code> class name <code>Reduce</code> and override the <code>reduce</code> method as below:
<pre class="brush: java">
public class Reduce extends Reducer<text,
intwritable,="" intwritable="" text,=""> {
@Override
protected void reduce(
Text key,
java.lang.Iterable<intwritable> values,
org.apache.hadoop.mapreduce.Reducer<text,
intwritable,="" intwritable="" text,="">.Context context)
throws IOException, InterruptedException {
int sum = 0;
for (IntWritable value : values) {
sum += value.get();
}
context.write(key, new IntWritable(sum));
}
}
</pre>
</li>
<li>4. Create a <code>java</code> class name <code>WordCount</code> and defined the main method as below:
<br />
<pre class="brush: java">
public static void main(String[] args)
throws Exception {
Configuration conf = new Configuration();
Job job = new Job(conf, "wordcount");
job.setJarByClass(WordCount.class);
job.setOutputKeyClass(Text.class);
job.setOutputValueClass(IntWritable.class);
job.setMapperClass(Map.class);
job.setReducerClass(Reduce.class);
job.setInputFormatClass(TextInputFormat.class);
job.setOutputFormatClass(TextOutputFormat.class);
FileInputFormat.addInputPath(job, new Path(args[0]));
FileOutputFormat.setOutputPath(job, new Path(args[1]));
job.waitForCompletion(true);
}
</pre>
</li>
<li>5. Export the <code>WordCount</code> program in a <code>jar</code> using <code>eclipse</code> and save it to some location on disk. Make sure that you have provided the <code>Main Class</code> (<code>WordCount.jar</code>) during extracting the <code>jar</code> file as shown below:</li></ul></p>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://2.bp.blogspot.com/-Alclf1SbpwM/T5Lwu6_WkbI/AAAAAAAAACs/1H4YERa2Oog/s1600/Untitled.png" style="margin-left: 1em; margin-right: 1em;"><img height="320" src="https://2.bp.blogspot.com/-Alclf1SbpwM/T5Lwu6_WkbI/AAAAAAAAACs/1H4YERa2Oog/s320/Untitled.png" width="278" alt="jar" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://4.bp.blogspot.com/-fVrwOGnklzk/T5ufvjbb6zI/AAAAAAAAAC0/pk8Q0vEZPgc/s1600/Cat+in+a+JAR.jpg" style="margin-left: 1em; margin-right: 1em;"><img height="212" src="https://4.bp.blogspot.com/-fVrwOGnklzk/T5ufvjbb6zI/AAAAAAAAAC0/pk8Q0vEZPgc/s320/Cat+in+a+JAR.jpg" width="320" alt="jar ready" /></a></div>
ur jar is ready!!<br />
<h3>
<a href="" name="N10380"></a>Step 2 – Upload the WordCount JAR and Input Files to Amazon S3</h3>
<p>Now we are going to upload the <code>WordCount</code> jar to Amazon S3.
First, visit the following URL:
<a href="https://console.aws.amazon.com/s3/home">https://console.aws.amazon.com/s3/home</a>
Next, click “Create Bucket”, give your bucket a name, and click the “Create” button. Select your new <code>S3 bucket</code> in the left-hand pane. Upload the <code>WordCount JAR</code> and sample input file for counting the words.</p>
<h3>
<a href="" name="N10481">Step 3 – Running an Amazon Elastic MapReduce Hadoop job</a></h3>
<h4>Running Hadoop WordCount example</h4>
<p>Now that the <code>JAR</code> is uploaded into <code>S3</code>, all we need to do is to create a new <code>Job flow</code>. let's execute the below steps.
(I encourage reader to check out the following link for details regarding each step,
<a href="https://docs.amazonwebservices.com/ElasticMapReduce/latest/DeveloperGuide/CLI_JobFlowUsingCustomJAR.html">How to Create a Job Flow Using a Custom JAR</a>
)
<ul>
<li>1. Sign in to the AWS Management Console and open the Amazon Elastic MapReduce console at <a href="https://console.aws.amazon.com/elasticmapreduce/">https://console.aws.amazon.com/elasticmapreduce/</a></li>
<li>2. Click Create New Job Flow.</li>
<li>3. In the DEFINE JOB FLOW page, enter the following details:
<br />
<br />
a. Job Flow Name = WordCountJob
<br />
b. Select Run your own application
<br />
c. Select Custom JAR in the drop-down list
<br />
d. Click Continue
<br />
<br />
</li>
<li>4. In the SPECIFY PARAMETERS page, enter values in the boxes using the following table as a guide, and then click Continue.
<br />
JAR Location = bucketName/jarFileLocation
<br />
JAR Arguments = <br />s3n://bucketName/inputFileLocation
<br />s3n://bucketName/outputpath
<br />
<br />
Please note that the output path must be unique each time we execute the job. The <code>Hadoop</code> always create a folder with the same name specify here.
</li>
</ul>
</p>
<p>After executing a job, just wait and monitor your job that runs through the <code>Hadoop</code> flow. You can also look for errors by using the <code>Debug</code> button. The job should be complete within 10 to 15 minutes (can also depend on the size of the input). After completing a job, You can view results in the <code>S3</code> Browser panel. You can also download the files from <code>S3</code> and can analyse the outcome of the job.</p>
<h3><a href="" name="N10582"></a>Amazon Elastic MapReduce Resources</h3>
<ul>
<li>Amazon Elastic MapReduce Documentation,<a href="https://aws.amazon.com/documentation/elasticmapreduce/">https://aws.amazon.com/documentation/elasticmapreduce/</a></li>
<li>Amazon Elastic MapReduce Getting Started Guide,<a href="https://aws.amazon.com/elasticmapreduce/">https://aws.amazon.com/elasticmapreduce/</a></li>
<li>Amazon Elastic MapReduce Developer Guide,<a href="https://docs.aws.amazon.com/ElasticMapReduce/latest/DeveloperGuide/emr-what-is-emr.html">https://docs.aws.amazon.com/ElasticMapReduce/latest/DeveloperGuide/emr-what-is-emr.html</a></li>
<li>Apache Hadoop,<a href="https://hadoop.apache.org/">https://hadoop.apache.org/</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com9tag:blogger.com,1999:blog-3234207576654915154.post-87410893817253036502011-03-22T14:41:00.000-07:002016-10-08T11:24:48.535-07:00Free Open Source CRM and Helpdesk SoftwareLast week, I was surfing on web to search for an free <em>open source</em> <em>CRM</em> and <em>help desk</em> solution. This post will share the experience and recommend some free <em>open source</em> <em>CRM</em> and <em>Help Desk</em> solution.<br />
<br />
<em>Help desk</em> and <em>CRM</em> software's are always essential for any company to provide best customer support. This tools not only helps companies in increasing the customer satisfaction but also customer retention as well. In this post, we'll examine and recommend some free and open source <em>CRM</em> and <em>Help desk</em> solution. <br />
<br />
<h3>
<a href="" name="N66078">SugarCRM and vtiger</a></h3>
In my opinion, <em>vtiger</em> is the best option as free <em>CRM</em> and <em>helpdesk</em> software. It will work both as an <em>Help desk</em> and <em>CRM</em>. <br />
<br />
Comparing <em>SugarCRM</em> and <em>vtiger</em>, both are providing the following major functionalities,<br />
<br />
<table border="1" cellspacing="0" cellpadding="0" width="200"><tbody>
<tr>
<td ><strong>SugarCRM</strong></td>
<td>Marketing</td>
<td>Sales</td>
<td>Support</td>
<td>Activities</td>
<td>Collaboration</td>
<td>Reports</td>
</tr>
<tr>
<td><strong>Vtiger</strong></td>
<td>Marketing</td>
<td>Sales</td>
<td>Support</td>
<td>Quick Create</td>
<td>Tools</td>
<td>Analytics</td>
</tr>
</tbody>
</table>
<br />
There are many different sub actions defined within these categories which include Accounts, Contracts, Leads, Documents etc. Therefore, after getting some picture of <em>CRM</em>, the overall interface of <em>vtiger</em> seems to be good for me now.<br />
<br />
There are also many positive feedbacks available for <em>vtiger</em> on the web. You can find the links in 'more information' section.<br />
<br />
There is also community version available for <em>SugarCRM</em> [6] however, it does not contain reporting feature. We might able to add some plug-ins for that [5] but it might need to explore more regarding how much work would need for this.
<br/>
<br />
<h3>
<a href="" name="N66178">Kayako and SugarCRM</a></h3>
These are both awesome and renowned tools, however they are commercial and not free.Also for registered charities and open-source projects, <a href="https://www.kayako.com/products/fusion/">Kayako Fusion</a>, <a href="https://www.kayako.com/products/resolve/">Kayako Resolve</a> and <a href="https://www.kayako.com/products/live-chat-software/">Kayako Engage</a> licenses are available free of cost.<br />
<blockquote>
Kayako Download licenses for <em>Kayako Fusion</em>, <em>Kayako Resolve</em> and <em>Kayako Engage</em> are available free of charge to registered charities and open-source projects. Free, perpetual licenses with unlimited users and no strings attached. Finally; some viable, business-class, free <em>help desk</em> software!</blockquote>
<br/>
<h3>
<a href="" name="N66278">Other CRM and helpdesk option</a></h3>
Since <em>vtiger</em> will fulfill the requirement for both <em>help desk</em> and <em>CRM</em> feature, therefore you might not require any free separate <em>help desk</em> software. However, if you still would like to explore, I will highly recommend the below two tools.<br />
<br />
<ul>
<li>Trellis Desk, <a href="http://www.accord5.com/trellis">http://www.accord5.com/trellis</a></li>
<li>osTicket, <a href="https://osticket.com/">https://osticket.com/</a></li>
</ul>
<br />
Both software are available free and source code can also be downloadable. The source code is in PHP.<br />
<br />
I find <em>Trellis Desk</em> awesome as its interface is good and it also provide good functionalities for <em>help desk</em> management systems.<br />
<br />
Other tools include (not in PHP)<br />
<br />
<ul>
<li>RT: Request Tracker, <a href="https://www.bestpractical.com/rt/">https://www.bestpractical.com/rt/</a></li>
<li>CiviCRM, <a href="https://civicrm.org/">https://civicrm.org/</a></li>
<li>Liberum <em>Help Desk</em>, <a href="https://www.liberum.org/">https://www.liberum.org/</a></li>
</ul>
<h3>
<a href="" name="N66378">References and More Information</a></h3>
<ul>
<li>1. vtiger demo,<a href="https://demo.vtiger.com/">https://demo.vtiger.com/</a></li>
<li>2. vtiger download, <a href="https://www.vtiger.com/index.php?option=com_content&task=view&id=30&Itemid=57">https://www.vtiger.com/index.php?option=com_content&task=view&id=30&Itemid=57</a></li>
<li>3. Vtiger CRM 5.0.4 - Installation Manual for Windows<br />
<a href="https://wiki.vtiger.com/archives/index.php/Vtiger_CRM_5.0.4_-_Installation_Manual_for_Windows">https://wiki.vtiger.com/archives/index.php/Vtiger_CRM_5.0.4_-_Installation_Manual_for_Windows</a></li>
<li>4. SugarCRM VS Vtiger<br />
<a href="https://stackoverflow.com/questions/3271656/sugarcrm-or-vtiger">https://stackoverflow.com/questions/3271656/sugarcrm-or-vtiger</a><br />
<a href="http://ostatic.com/question/how-does-vtiger-stack-up-against-sugarcrm">http://ostatic.com/question/how-does-vtiger-stack-up-against-sugarcrm</a><br />
<a href="https://www.siteground.com/sugarcrm_vtiger.htm">https://www.siteground.com/sugarcrm_vtiger.htm</a></li>
<li>5. Sugar CRM reporting plugin, <a href="https://stackoverflow.com/questions/3271656/sugarcrm-or-vtiger">https://stackoverflow.com/questions/3271656/sugarcrm-or-vtiger</a></li>
<li>6. Sugar Editions comparison, <a href="https://www.sugarcrm.com/crm/products/editions.html">https://www.sugarcrm.com/crm/products/editions.html</a></li>
<li>7. osTicket download, <a href="http://osticket.com/editions">http://osticket.com/editions</a></li>
<li>8. osTicket forum, <a href="http://osticket.com/forums/">http://osticket.com/forums/</a></li>
<li>9. osTicket demo, <a href="http://www.ostickethacks.com/demo/demo_info.php">http://www.ostickethacks.com/demo/demo_info.php</a></li>
<li>10. Trellis Desk download, <a href="http://www.accord5.com/trellis/download">http://www.accord5.com/trellis/download</a></li>
<li>11. Trellis Desk demo, <a href="http://www.accord5.com/trellis/demo">http://www.accord5.com/trellis/demo</a></li>
<li>12. Trellis Desk forum, <a href="http://forums.accord5.com/">http://forums.accord5.com/</a></li>
<li>13. Trellis Desk Single Sign on Integration,<br />
<a href="http://forums.accord5.com/topic/link-user-table-to-cubecart-user-table?replies=3#post-4997">http://forums.accord5.com/link-user-table-to-cubecart-user-table</a></li>
<li>14. Kayako editions comparision, <a href="https://www.kayako.com/signup/">https://www.kayako.com/signup/</a></li>
<li>15. Kayako free for Charity organization, <a href="https://www.kayako.com/free-help-desk-software/">https://www.kayako.com/free-help-desk-software/ </a></li>
</ul>
Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com7tag:blogger.com,1999:blog-3234207576654915154.post-66358200796830507152010-10-18T11:49:00.000-07:002017-02-19T03:03:00.686-08:00Java Getter Setter: From Encapsulation to Object Oriented Design<h3><a name="N21999">Overriding Getters Setters vs. Public Fields</a></h3>
<blockquote><p>Why do we keep instance variables <code>private</code>? We don’t want other classes to depend on them. Moreover it gives the flexibility to change a variable’s type or implementation on a whim or an impulse. Why, then programmers automatically add or <code>override</code> <em>Getters</em> and <em>Setters</em> to their objects, exposing their <code>private</code> variables as if they were <code>public</code>?</p></blockquote>
<h3><a name="N11078"><span>Accessor methods</span></a></h3>
<p><code>Accessors</code> (also known as <em>Getters</em> and <em>Setters</em>) are methods that let you read and write the value of an instance variable of an object.</p>
<pre class="brush: java">
public class AccessorExample {
private String attribute;
public String getAttribute() {
return attribute;
}
public void setAttribute(String attribute) {
this.attribute = attribute;
}
}
</pre>
<h3><a name="N21079">Why Accessors?</a></h3>
<p>There are actually many good reasons to consider using <code>accessors</code> rather than directly exposing fields of a <code>class</code></p>
<p><em>Getter</em> and <code>Setter</code> make API more stable. Consider a field <code>public</code> in a <code>class</code> which is accessed by other <code>classes</code>. Later on, we want to add any extra logic while <em>getting</em> and <em>setting</em> the variable. This will impact the existing client that uses the <code>API</code>. Any changes to this <code>public</code> field will require changes to each <code>class</code> that refers it. On the contrary, with <code>accessor</code> methods, one can easily add some logic like cache some data or lazily initialization etc.</p>
<p><code>Accessor</code> method also allows us to fire a property changed event if the new value is different from the previous value.</p>
<p>Another advantage of using <code>setters</code> to set values is that we can use the method to preserve an <em>invariant</em> or perform some special processing when setting values.</p>
<p>All this will be seamless to the <code>class</code> that <em>gets</em> a value using the <em>accessor</em> method.</p>
<h3><a name="N10080"><span>Should I have Accessor Methods for all my fields?</span></a></h3>
<p>Fields can be declared public for <code>package-private</code> or <code>private nested class</code>. Exposing <em>fields</em> in these <code>classes</code> produces less visual clutter compare to <em>accessor-method</em> approach, both in the <code>class</code> definition and in the client code that uses it.</p>
<p>If a <code>class</code> is <code>package-private</code> or is a <code>private nested class</code>, there is nothing inherently wrong with exposing its data fields—assuming they do an adequate job of describing the abstraction provided by the class.</p>
<p>Such code is restricted to the <code>package</code> where the <code>class</code> is declared, while the client code is tied to <code>class</code> internal representation. We can change it without modifying any code outside that package. Moreover, in the case of a <code>private nested class</code>, the scope of the change is further restricted to the enclosing <code>class</code>.</p>
<p>Another example of a design that uses <code>public</code> fields is <em>JavaSpace</em> entry <code>objects</code>. Ken Arnold described the process they went through to decide to make those fields <code>public</code> instead of <code>private</code> with <em>gets</em> and <em>sets</em> methods <a href="http://www.artima.com/intv/sway2.html">here</a></p>
<p><blockquote>Now this sometimes makes people uncomfortable because they've been told not to have public fields; that public fields are bad. And often, people interpret those things religiously. But we're not a very religious bunch. Rules have reasons. And the reason for the private data rule doesn't apply in this particular case. It is a rare exception to the rule. I also tell people not to put public fields in their objects, but exceptions exist. This is an exception to the rule because it is simpler and safer to just say it is a field. We sat back and asked: Why is the rule thus? Does it apply? In this case, it doesn't.
</blockquote></p>
<h3><a name="N11079"><span>Private fields + Public accessors == encapsulation</span></a></h3>
<p>Consider the example below</p>
<pre class="brush: java">
public class A {
public int a;
}
</pre>
<p>Generally, this is considered bad coding practice as it violates <em>encapsulation</em>. The alternate approach is</p>
<pre class="brush: java">
public class A {
private int a;
public void setA(int a) {
this.a =a;
}
public int getA() {
return this.a;
}
}
</pre>
<p>It is argued that this will <em>encapsulate</em> the attribute. Now is this really an <em>encapsulation</em>?</p>
<p>The Fact is, <em>Getters</em> and <em>Setters</em> have nothing to do with <em>encapsulation</em>. Here the data isn't more hidden or <em>encapsulated</em> than it was in a <code>public</code> field. Other objects still have intimate knowledge of the internals of the <code>class</code>. Changes made to the <code>class</code> might ripple out and enforce changes in the dependent <code>classes</code>. <em>Getter</em> and <em>setter</em> in this way are generally breaking <em>encapsulation</em>. A truly <em>well-encapsulated</em> <code>class</code> has no <em>Setters</em> and preferably no <em>Getters</em> either. Rather than asking a <code>class</code> for some data and then compute something with it, the <code>class</code> should be responsible for computing something with its data and then return the result.</p>
<p>Consider an example below,</p>
<pre class="brush: java">
public class Screens {
private Map screens = new HashMap();
public Map getScreens() {
return screens;
}
public void setScreens(Map screens) {
this.screens = screens;
}
// remaining code here
}
</pre>
<p>If we need to get a particular screen, we do code like below,</p>
<pre class="brush: java">
Screen s = (Screen)screens.get(screenId);
</pre>
<p>There are things worth noticing here....</p>
<p>The client needs to get an <code>Object</code> from the <code>Map</code> and casting it to the right type. Moreover, the worst is that any client of the Map has the power to clear it which may not be the case we usually want.</p>
<p>Alternative implementation of the same logic is:</p>
<pre class="brush: java">
public class Screens {
private Map screens = new HashMap();
public Screen getById(String id) {
return (Screen) screens.get(id);
}
// remaining code here
}
</pre>
<p>Here the Map instance and the interface at the boundary (Map) are hidden.</p>
<h3><a name="N11080"><span>Getters and Setters are highly Overused</span></a></h3>
<p>Creating <em>private</em> fields and then using the IDE to automatically generate <em>Getters</em> and <em>Setters</em> for all these fields is almost as bad as using <code>public</code> fields.</p>
<p>One reason for the overuse is that in an IDE it’s just now a matter of few clicks to create these <em>accessors</em>. The completely meaningless <em>Getters</em> and <em>Setters</em> code is at times longer than the real logic in a <code>class</code> and you will read these functions many times even if you don't want to.</p>
<p>All fields should be kept <code>private</code>, but with <em>Setters</em> only when they make sense which makes object <code>Immutable</code>. Adding an unnecessary <em>Getters</em> reveals internal structure, which is an opportunity for increased <em>coupling</em>. To avoid this, every time before adding the <em>Accessors</em>, we should analyse if we can <em>encapsulate</em> the behaviour instead.</p>
<p>Let’s take another example,</p>
<pre class="brush: java">
public class Money {
private double amount;
public double getAmount() {
return amount;
}
public void setAmount(double amount) {
this.amount = amount;
}
//client
Money pocketMoney = new Money();
pocketMoney.setAmount(15d);
double amount = pocketMoney.getAmount(); // we know its double
pocketMoney.setAmount(amount + 10d);
}
</pre>
<p>With the above logic, later on, if we assume that double is not a right type to use and should use <code>BigDecimal</code> instead, then the existing client that uses this <code>class</code> also breaks.</p>
<p>Let’s restructure the above example,</p>
<pre class="brush: java">public class Money {
private BigDecimal amount;
public Money(String amount) {
this.amount = new BigDecimal(amount);
}
public void add(Money toAdd) {
amount = amount.add(toAdd.amount);
}
// client
Money balance1 = new Money("10.0");
Money balance2 = new Money("6.0");
balance1.add(balance2);
}
</pre>
<p>Now instead of asking for a value, the <code>class</code> has the responsibility to increase its own value. With this approach, the change request for any other datatype in future requires no change in the client code. Here not only the data is <em>encapsulated</em> but also the data which is stored or even the fact that it exists at all.</p>
<h3><a name="N11081"><span>Conclusions</span></a></h3>
<p>Use of <em>Accessors</em> to restrict direct access to field variable is preferred over the use of <code>public</code> fields, however, making <em>Getters</em> and <em>Setters</em> for each and every field is overkill. It also depends on the situation, though, sometimes you just want a dumb data object. Accessors should be added to the field where they're really required. A <code>class</code> should expose larger behaviour which happens to use its state, rather than a repository of state to be manipulated by other <code>classes</code>.</p>
<h3><a name="N11082"><span>More Reading</span></a></h3><a href="https://c2.com/cgi/wiki?TellDontAsk">
https://c2.com/cgi/wiki?TellDontAsk</a><br />
<br />
<a href="https://c2.com/cgi/wiki?AccessorsAreEvil">https://c2.com/cgi/wiki?AccessorsAreEvil</a><br />
<br />
<a href="https://www.oracle.com/technetwork/java/effectivejava-136174.html">Effective Java</a>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-3925988825600987172010-08-29T10:54:00.000-07:002016-10-04T15:14:10.263-07:00Java 7 Automatic Resource ManagementOne of the features in Java 7 is <a href="https://docs.google.com/Doc?id=ddv8ts74_0vnstdfdh">Automatic Resource Management</a>. The idea was presented by <a href="http://mail.openjdk.java.net/pipermail/coin-dev/2009-February/000011.html">Josh Bloch</a>. The IO resources in <code>Java</code> need to close manually like <code>FileInputStream</code>, <code>java.io.InputStream</code>, <code>OutputStream</code>, <code>Reader</code>, <code>Writer</code> etc. The idea with this proposal is that it should not be the responsibility of the developer for disposing out these resources much like automatic garbage collection concept.<br />
<br />
We usually write this kind of code for IO resources as below. <br />
<br />
<pre class="brush: java">FileInputStream input = null;
try {
input = new FileInputStream(configResource);
wfConfiguration = wfConfiguration.parseInputStream(input);
} catch (IOException ioe) {
throw new RuntimeException(ioe);
} finally {
if (input != null) {
try {
input.close();
} catch (IOException ioe2) {
throw new RuntimeException(ioe2);
}
}
}
</pre><br />
The same code can be written in Java 7 as<br />
<pre class="brush: java">FileInputStream input = null;
try (input = new FileInputStream(configResource)) {
wfConfiguration = wfConfiguration.parseInputStream(input);
} catch (IOException ioe) {
throw new RuntimeException(ioe);
}
</pre><br />
Hope you like the new syntax.<br />
<br />
<a href="https://blogs.oracle.com/darcy/entry/project_coin_updated_arm_spec">Project Coin: Updated ARM Spec<br />
</a>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com3tag:blogger.com,1999:blog-3234207576654915154.post-35687373541085226932010-07-23T04:04:00.000-07:002016-10-04T15:14:26.169-07:00Java pass by reference or pass by value?<h3>
<a href="" name="N30079">Does Java pass by reference or pass by value?</a></h3>
In <code>Java</code> everything is <code>passed by value</code>. Sometime this is confusing but the point to understand is that in <code>Java</code>, when we pass an <code>parameter</code> to the method, a copy of the <code>parameter</code> is made.<br />
<br />
If the <code>argument</code> is the <code>primitive</code> type, then a copy of the value of the <code>primitive</code> is passed. If the <code>argument</code> being passed is an <code>object reference</code>, then a copy of the value of the <code>reference</code> is passed. i.e., the object <code>reference</code> is <code>passed by value</code>.<br />
<br />
Consider the example below,<br />
<br />
<pre class="brush: java">public static void main(String[] args) {
A a = new A();
A b = new A();
a.attribute = 5;
b.attribute = 7;
System.out.println(a.attribute);
System.out.println(b.attribute);
changeAttribute(a,b);
System.out.println(a.attribute);
System.out.println(b.attribute);
}
public static void changeAttribute(A a, A b) {
a = b;
System.out.println(a.attribute);
}
</pre><br />
Since Java is <code>pass by value</code>, the caller still does not see the change, even after calling the method.<br />
<br />
In short, Java is <code>pass by value</code> for all data types. Non-primitive type variables are <code>references</code> to objects. They are not the <code>objects</code> themselves. Because variables are not the objects themselves, the <code>objects</code> never passed to a method; only a <code>reference</code> to the object is passed.<br />
<br />
<h3><a name="N33078"><span>More Readings<br />
</span></a></h3><ul><li><a href="https://www.coderanch.com/how-to/java/CallByReferenceVsCallByValue">Call By Reference Vs Call By Value </a></li>
<li><a href="https://stackoverflow.com/questions/40480/is-java-pass-by-reference">Is Java pass by reference?</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com2tag:blogger.com,1999:blog-3234207576654915154.post-70525820182443633932010-06-26T00:54:00.000-07:002018-03-26T11:09:41.546-07:00Find java application bugs with findbugs<h3>Java Bugs with Static Analysis Tool findbugs Help Improve Software Code Quality</h3>
<p>This post is regarding the <em>static analysis tool</em> that finds real <em>bugs</em> in <code>Java</code> programs that help to <em>improve software code quality</em>. <em>Static analysis tools</em> can find real <em>defects</em> and issues in the code. We can effectively incorporate <em>static analysis</em> into our <em>software development process</em>.</p>
<h3><a name="M11078"></a>FindBugs - Static analysis Tool</h3>
<p><em>FindBugs</em> is an <code>open source</code> <em>static analysis tool</em> that analyzes <code>Java</code> <code>class</code> files, looking for <em>programming defects</em>. The analysis engine reports nearly 300 different <em>bug patterns</em>. Each <em>bug pattern</em> is grouped into a category example,
<ul>
<li>correctness</li>
<li>bad practice</li>
<li>performance</li>
<li>internationalization</li>
</ul>
and each report of a <em>bug pattern</em> is assigned a
<ul>
<li>priority</li>
<li>high</li>
<li>medium</li>
<li>low</li>
</ul>
</p>
<p>Let’s start with some of the selected <em>bug</em> categories with some examples.</p>
<h3><a name="M21078"></a>Correctness</h3>
<h4><a name="M31078"></a>Comparing incompatable types for equality</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
if ((!value.equals(null)) && (!value.equals(""))) {
Map spaces = (Map) vm.get(SpaceConstants.AVAILABLESPACEMAP);
}
</pre>
<p>One would expect that the condition would <code>true</code>, when value is not <code>null</code> and is not empty. However, <code>value.equals(null)</code> according to the <a href="https://java.sun.com/javase/6/docs/api/java/lang/Object.html#equals%28java.lang.Object%29">contract of the equals()</a> method, would always return <code>false</code>.</p>
<p>Consider the another similar example,</p>
<pre class="brush: java">
if ((bean.getNoteRate() != null) &&
!bean.getNoteRate().equals("") &&
(bean.getNoteRate() > 0)) {
item.setNoteRate(bean.getNoteRate());
}
</pre>
<p>We might expect that the condition would <code>true</code>, when noteRate is <code>not null</code>, not empty and is greater than 0. However, the condition would never be <code>true</code>.</p>
<p>The reason is that <code>bean.getNoteRate().equals("")</code> would always return <code>false</code> regardless of being <code>equal</code> value. </p>
<p>According to the <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Object.html#equals%28java.lang.Object%29">contract of equals()</a>, <code>objects</code> of different <code>classes</code> should always compare as unequal; therefore, according to the <a href="https://java.sun.com/javase/6/docs/api/java/lang/Object.html#equals%28java.lang.Object%29">contract defined by java.lang.Object.equals(Object)</a>, the result of this comparison will always be <code>false</code> at runtime.</p>
<h4><a name="M41078"></a>Null pointer dereference</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
if ((list == null) && (list.size() == 0)) {
return null;
}
</pre>
<p>This will lead to a <a href="https://java.sun.com/javase/6/docs/api/java/lang/NullPointerException.html">Null Pointer Exception </a>when the code is executed while <code>list</code> is <code>null</code>.</p>
<h4><a name="M51078"></a>Suspicious reference comparison</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
if (bean.getPaymentAmount() != null &&
bean.getPaymentAmount() != currBean.getPrincipalPaid()) {
// code to execute
}
</pre>
<p>This code compares two reference values (<code>Double</code> paymentAmount) using the <code>!= operator</code>, where the correct way to compare <code>instances</code> of this type is generally with the
<a href="https://java.sun.com/javase/6/docs/api/java/lang/Object.html#equals%28java.lang.Object%29">equals() method</a>. It is possible to create distinct <code>instances</code> that are <code>equal</code> but do not compare as <code>==</code> since they are different <code>objects</code>.</p>
<h4><a name="M61078"></a>Doomed test for equality to NaN</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
if ((newValue == Double.NaN) || (newValue < 0d)) {
// the code to execute
}
</pre>
<p>This code checks to see if a <code>floating point</code> value is equal to the special <strong>Not A Number</strong> value. However, because of the special semantics of <strong>NaN</strong>, no value is equal to <code>Nan</code>, including <strong>NaN</strong>. Thus, <code>x == Double.NaN</code> always evaluates to <code>false</code>. To check if a value contained in 'x' is the special <strong>Not A Number</strong> value, use <strong>Double.isNaN(x) </strong>(or <strong>Float.isNaN(x)</strong> if x is floating point precision). </p>
<p>Also see <a href="https://faq.javaranch.com/java/ScjpFaq#nanComparisons"><b>How can you compare NaN values?</b></a> <a name="nanComparisons"></a>.</p>
<h4><a name="M71078"></a>Method whose return value should not ignore</h4>
<p>string is <code>immutable object</code>. So ignoring the return value of the method would consider as bug.</p>
<pre class="brush: java">
String name = "Muhammad";
name.toUpper();
if (name.equals("MUHAMMAD"))
</pre>
<h3><a name="M81078"></a>Performance</h3>
<h4><a name="M91078"></a>Method invokes inefficient Boolean constructor;use Boolean.valueOf(...) instead</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
if ((record.getAmount() != null) &&
!record.getAmount().equals(new Boolean(bean.isCapitalizing()))) {
// code to execute
}
</pre>
<p>Creating new <code>instances</code> of <a href="https://java.sun.com/javase/6/docs/api/java/lang/Boolean.html"><code>java.lang.Boolean</code></a> wastes memory, since <code>Boolean</code> objects are <code>immutable</code> and there are only two useful values of this type. Use the <a href="https://java.sun.com/javase/6/docs/api/java/lang/Boolean.html#valueOf%28boolean%29"><code>Boolean.valueOf()</code> </a>method (or Java 1.5 autoboxing) to create <code>Boolean objects</code> instead.</p>
<h4><a name="M10078"></a>Inefficient use of keySet iterator instead of entrySet iterator</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
Iterator iter = balances.keySet().iterator();
while (iter.hasNext()) {
// code to execute
}
</pre>
<p>This method accesses the value of a <code>Map</code> entry, using a <code>key</code> that was retrieved from a
<a href="https://java.sun.com/javase/6/docs/api/java/util/Map.html#keySet%28%29"><code>keySet </code></a>iterator. It is more efficient to use an <code>iterator</code> on the <a href="https://java.sun.com/javase/6/docs/api/java/util/Map.html#entrySet%28%29"><code>entrySet </code></a>of the <code>map</code>, to avoid the <code>Map.get(key)</code> lookup.</p>
<h4><a name="M11178"></a>Method invokes inefficient Number constructor; use static valueOf instead</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
Integer number1 = new Integer(123);
Integer number2 = Integer.valueOf(123);
System.out.println("number1 = " + number1);
System.out.println("number2 = " + number2);
</pre>
<p>Using new <code>Integer(int)</code> is guaranteed to always result in a new object whereas <code>Integer.valueOf(int)</code> allows caching of values to be done by the <code>class library</code>, or JVM. Using of cached values avoids object allocation and the code will be faster.</p>
<p>Also see: <a href="https://faq.javaranch.com/java/JavaIntermediateFaq#integerAutoBoxing">Integer Auto Boxing</a></p>
<h4><a name="M99078"></a>Method concatenates strings using + in a loop</h4>
<pre class="brush: java">
for (int x = 0; x < exceptions.size(); x++) {
errorMessage += getStackTrace(
exceptions.get(x) + "\n");
}
</pre>
<p>In each <code>iteration</code>, the <code>String</code> is converted to a <code>StringBuffer/StringBuilder</code>, appended to, and converted back to a <code>String</code>. This can lead to a cost quadratic in the number of <code>iterations</code>, as the growing <code>string</code> is recopied in each <code>iteration</code>.</p>
<p>Better performance can be obtained by using a
<a href="https://java.sun.com/javase/6/docs/api/java/lang/StringBuilder.html">StringBuilder</a>explicitly.</p>
<h3><a name="M12078"></a>Dodgy</h3>
<p>Code that is confusing, anomalous, or written in a way that leads itself to errors. Examples include dead local stores, switch fall through, unconfirmed casts, and redundant <code>null</code> check of value known to be <code>null</code>.<br /></p>
<h4><a name="M13078"></a>instanceof will always return true</h4></p>
<p>The instanceof test will always return true (unless the value being tested is null)</p>
<pre class="brush: java">
NodeList nodeList = root.getElementsByTagName("node");
int nodeListLength = nodeList.getLength();
for (int i = 0; i < nodeListLength; i++) {
Node node = nodeList.item(i);
if (node instanceof Node &&
node.getParentNode() == root) {
//do code
}
}
</pre>
<h4><a name="M14078"></a>Test for floating point equality</h4>
<p>Consider the following code,</p>
<pre class="brush: java">
private double value = 0d;
if (value > diff) {
// code to excute
} else if (value == diff) {
// code to excute
}
</pre>
<p>The above code compares two <code>floating point</code> values for equality. Because floating point calculations may involve rounding, calculated <code>float</code> and <code>double</code> values may not be accurate. For values that must be precise, such as monetary values,
<a href="https://java.sun.com/javase/6/docs/api/java/math/BigDecimal.html">BigDecimal</a> would be more appropriate.</p>
<p>See <a href="https://java.sun.com/docs/books/jls/third_edition/html/typesValues.html#4.2.4">Floating-Point Operations</a><br /></p>
<p>Also see Effective Java 2nd Ed, <I>Item 48:Avoid float and double if exact answers are required</I></p>
<h4><a name="M15078"></a>Integral division result cast to double or float</h4>
<p>Consider the code,</p>
<pre class="brush: java">
int x = 2;
int y = 5;
// Wrong: yields result 0.0
double value1 = x / y;
</pre>
<p>This code casts the result of an integral division operation to <code>double</code> or <code>float</code>. Doing division on <code>integers</code> truncates the result to the <code>integer</code> value closest to zero. The fact that the result was cast to <code>double</code> suggests that this precision should have been retained. We should cast one or both of the operands to double before performing the division like</p>
<pre class="brush: java">
// Right: yields result 0.4
double value2 = x / (double) y;
</pre>
<h3><a name="M16078"></a>References:</h3>
<ul>
<li>Download the latest version of <a class="jive-link-external-small" href="https://findbugs.sourceforge.net/">FindBugs</a></li>
<li>Visit the <a class="jive-link-external-small" href="https://findbugs.blogspot.com/">blog</a></li>
<li>Using the <a class="jive-link-external-small" href="https://findbugs.sourceforge.net/manual/anttask.html">FindBugs Ant task</a></li>
<li>Using the <a class="jive-link-external-small" href="https://findbugs.sourceforge.net/manual/eclipse.html">FindBugs Eclipse plugin</a></li>
<li>Using the <a class="jive-link-external-small" href="http://pmd.sourceforge.net/rules/design.html">PMD</a></li>
<li>Visit the <a class="jive-link-external-small" href="https://findbugs.blogspot.com/">blog</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-48100610608916628942010-05-13T23:16:00.000-07:002017-02-03T03:48:34.579-08:00Phantom References in JavaMemory management is done automatically in Java. The programmer doesn't need to worry about reference objects that have been released. One downside to this approach is that the programmer cannot know when a particular object will be collected. Moreover, the programmer has no control over memory management. However, the <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/package-summary.html">java.lang.ref</a> package defines classes that provide a limited degree of interaction with the garbage collector. The concrete classes <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/SoftReference.html">SoftReference</a>, <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/WeakReference.html">WeakReference</a> and <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/PhantomReference.html">PhantomReference</a> are subclasses of Reference that interact with the garbage collector in different ways. In this article we will discuss the functionality and behavior of the PhantomReference classes and see how it can be used.<br /><br /><span style="font-weight:bold;">Problem with Finalization</span><br /><br />To perform some postmortem cleanup on objects that garbage collector consider as unreachable, one can use finalization. This feature can be utilized to reclaim native resources associated with an object. However, finalizers have many problems associated.<br /><br />Firstly, we can’t foresee the call of <span style="font-style:italic;">finalize()</span>. Since the Garbage Collection is unpredictable, the calling of <span style="font-style:italic;">finalize()</span> cannot be predicted. There is no guarantee that the object will be garbage collected. The object might never become eligible for GC because it could be reachable through the entire lifetime of the JVM. It is also possible that no garbage collection actually runs from the time the object became eligible and before JVM stops.<br /><br />Secondly, Finalization can slowdown an application. Managing objects with a <span style="font-style:italic;">finalize()</span> method takes more resources from the JVM than normal objects.<br /><br />As per doc,<br /><br /><blockquote><p>You should also use finalization only when it is absolutely necessary. Finalization is a nondeterministic -- and sometimes unpredictable -- process. The less you rely on it, the smaller the impact it will have on the JVM and your application</p></blockquote><br />In Effective Java, 2nd ed., Joshua Bloch says,<br /><br /><blockquote><p>there is a severe performance penalty for using finalizers... So what should you do instead of writing a finalizer for a class whose objects encapsulate resources that require termination, such as files or threads? Just provide an explicit termination method, and require clients of the class to invoke this method on each instance when it is no longer needed.</p></blockquote><br />In short, <span style="font-style:italic;">Finalize()</span> isn't used often, and also there is no much reason to use it. If we have a class with methods like <span style="font-style:italic;">close()</span> or <span style="font-style:italic;">cleanup()</span> and that should be called once user done with the object then placing these methods call in <span style="font-style:italic;">finalize()</span> can be used as a safety measure, but not necessary.<br /><br /><span style="font-weight:bold;">Phantom Reference<br />phantom reachable, phantomly reachable</span><br /><br />An object is phantom reachable if it is neither strongly nor softly nor weakly reachable and has been finalized and there is a path from the roots to it that contains at least one phantom reference.<br /><br />The <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/PhantomReference.html">PhantomReference</a> constructor accepts two arguments:<br /><br /><span style="font-style:italic;">referent</span> - the object the new phantom reference will refer to<br /><span style="font-style:italic;">q</span> - the reference is registered with the given queue.<br /><br />The argument q represents the instance of the <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/ReferenceQueue.html">ReferenceQueue</a> class. If the garbage collector determines that the referent of a phantom reference is phantom reachable, then the PhantomReference will be added to this ReferenceQueue. You can then retrieve the PhantomReference by using the <span style="font-style:italic;">remove()</span> methods of the ReferenceQueue class.<br /><br />Consider the following example,<br /><pre class="brush: java"><br />ReferenceQueue q = new ReferenceQueue();<br />PhantomReference pr = new PhantomReference(object, referenceQueue);<br /><br />// Later on another point<br />Reference r = q.remove();<br /><br />// Now, clear up any thing you want<br /></pre><br /><span style="font-weight:bold;">PhantomReference, when to use?</span><br />Phantom Reference can be used in situations, where sometime using <span style="font-style:italic;">finalize()</span> is not sensible thing to do.This reference type differs from the other types defined in <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/package-summary.html">java.lang.ref</a> Package because it isn't meant to be used to access the object, but as a signal that the object has already been finalized, and the garbage collector is ready to reclaim its memory.<br /><br />As per API doc,<br /><blockquote><p>Phantom reference objects, which are enqueued after the collector determines that their referents may otherwise be reclaimed. Phantom references are most often used for scheduling pre-mortem cleanup actions in a more flexible way than is possible with the Java finalization mechanism.</p></blockquote><br />People usually attempt to use <span style="font-style:italic;">finalize()</span> method to perform postmortem cleanup on objects which usually not advisable. As mentioned earlier, Finalizers have an impact on the performance of the garbage collector since Objects with finalizers are slow to garbage collect.<br /><br />Phantom references are safe way to know an object has been removed from memory. For instance, consider an application that deals with large images. Suppose that we want to load a big image in to memory when large image is already in memory which is ready for garbage collected. In such case, we want to wait until the old image is collected before loading a new one. Here, the phantom reference is flexible and safely option to choose. The reference of the old image will be enqueued in the <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/ReferenceQueue.html">ReferenceQueue</a> once the old image object is finalized. After receiving that reference, we can load the new image in to memory.<br /><br />Similarly we can use Phantom References to implement a Connection Pool. We can easily gain control over the number of open connections, and can block until one becomes available.<br /><br /><span style="font-weight:bold;">Reference Objects and Garbage Collection</span><br /><br />Soft Reference can be garbage collected after there are no strong references to the referent. However, it typically retained until memory is low. All softly reachable objects will be reclaimed before an OutOfMemoryException is thrown. Therefore, it can be used to implement caches of objects that can be recreated if needed. <br /><br />Weak Reference can be garbage collected when there are no strong or soft references to the referent. However, unlike Soft Reference, they are garbage collected on a gc even when memory is abundant. They often can be used for “canonical mappings” where each object has a unique identifier (one-to-one), and in collections of “listeners”<br /><br />On the other hand, Phantom Reference, can be garbage collected once there are no strong, soft or weak references to the referent. When object is phantomly reachable, it means the object is already finalized but not yet reclaimed, so the GC enqueues it in a ReferenceQueue for post-finalization processing.<br /><br />As per Java Doc,<br /><blockquote><p> Unlike soft and weak references, phantom references are not automatically cleared by the garbage collector as they are enqueued. An object that is reachable via phantom references will remain so until all such references are cleared or themselves become unreachable.</p></blockquote><br />A PhantomReference is not automatically cleared when it is enqueued, so when we remove a PhantomReference from a ReferenceQueue, we must call its <span style="font-style:italic;">clear()</span> method or allow the PhantomReference object itself to be garbage-collected. <br /><br /><span style="font-weight:bold;">Summary</span><br /><br />In short, we should avoid <span style="font-style:italic;">finalize()</span> as much as possible. There is no guarantee if the <span style="font-style:italic;">finalize()</span> method will be called promptly following garbage collection, or even it will be called. If the finalize method runs for a long time, it can delay execution of finalize methods of other objects. Instead of relying on <span style="font-style:italic;">finalize()</span>, we can use reference types define in <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/package-summary.html">java.lang.ref</a> package.<br /><br />Beside <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/package-summary.html">java.lang.ref</a> package, Google collection library also provide some alternatives. For example, <a href="https://google-collections.googlecode.com/svn/trunk/javadoc/com/google/common/base/FinalizablePhantomReference.html">FinalizablePhantomReference</a> extends <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/PhantomReference.html">java.lang.ref.PhantomReference</a>, deals with processing the <a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/ReferenceQueue.html">ReferenceQueue</a> and call back a convenient method <span style="font-style:italic;">finalizeReferent()</span>. So if we want to do some cleanup operation when an object is claimed by the garbage collector (GC) then we just need to override the <span style="font-style:italic;">finalizeReferent()</span> method. <br /><br /><span style="font-weight:bold;">Resources</span><br /><br /><a href="https://www.artima.com/insidejvm/ed2/gcP.html">Garbage Collection</a><br /><a href="https://java.sun.com/javase/6/docs/api/java/lang/ref/PhantomReference.html">PhantomReference</a><br /><a href="https://docstore.mik.ua/orelly/java-ent/jnut/ch13_01.htm">The java.lang.ref Package (Java in a Nutshell)</a><br /><a href="https://weblogs.java.net/blog/enicholas/archive/2006/05/understanding_w.html">Understanding Weak References</a>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-16353557564959822262010-03-14T13:24:00.000-07:002016-10-04T15:20:06.212-07:00Playing with Java Executor - Tasks ExecutorService Parallel LoopIf the <code>iterations</code> of the <code>loop</code> are independent and we don’t need to wait for all <em>tasks</em> to complete before proceeding, we can use an
<a href="http://java.sun.com/javase/6/docs/api/java/util/concurrent/Executor.html">Executor </a>to transform a sequential loop into a parallel <em>tasks</em> <em>execution</em>.
<br />
<br />
<h3><a href="" name="N10078">Transform sequential loop into a parallel using ExecutorService and CompletionService</a></h3>
First consider an example which process all <em>task</em> using sequential <code>loop</code>.
<br />
<br />
<pre class="brush: java">
Public void SequentialLoop(List elements) {
for (Element e : elements)
process(e);
}</pre>
<br />
Let's modify our code and use an <code>ExecutorService</code> to execute <code>task</code> in parallel.
<br />
<pre class="brush: java">
public void processLoopInParallel(Executor exec, List elements) {
for (final Element e : elements)
exec.execute(new Runnable() {
public void run() { process(e); }
});
}</pre>
<br />The second <em>loop</em> will return more quickly, since all the <em>task</em> are <code>queued</code> to the <a href="https://java.sun.com/javase/6/docs/api/java/util/concurrent/Executor.html">Executor</a>, rather than waiting for each <em>tasks</em> to complete.
<br />
<br />If you want to submit a set of <em>tasks</em> and you want to retrieve the results as they become available, we can use <a href="https://java.sun.com/javase/6/docs/api/java/util/concurrent/CompletionService.html">CompletionService</a>
<br />
<br />
<pre class="brush: java">
void solve(Executor e, Collection<callable<result>> solvers)
throws InterruptedException, ExecutionException {
CompletionService<result> ecs
= new ExecutorCompletionService<result>(e);
for (Callable<result> s : solvers)
ecs.submit(s);
//retrieve completed task results and use them
int n = solvers.size();
for (int i = 0; i < n; ++i) {
Result r = ecs.take().get();
if (r != null)
use(r);
}
}</pre>
<br />The advantage of using <a href="https://java.sun.com/javase/6/docs/api/java/util/concurrent/CompletionService.html">CompletionService </a>is that it always returns the first completed <em>task</em> result. In this way, we can ensure that we are not waiting for <em>tasks</em> to complete while uncompleted <em>tasks</em> are running in the background.
<br />
<br />
If you want to submit a set of <em>tasks</em> and wait for them all to complete, you can use <a href="https://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/java/util/concurrent/ExecutorService.html">ExecutorService.invokeAll</a>
<br />Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-82215225384853526332010-03-07T11:09:00.000-08:002016-10-06T16:07:58.881-07:00XSLT Processing with Java JDK 1.6 and Xalan 2.7.1<p>This small post describes the process for upgrading <code>xalan</code>-<code>java</code> version to <em>2.7.1</em> to work compatible with <code>Java 1.6</code>.</p><p><code>Xalan</code>-<code>Java</code> is an <code>XSLT</code> processor for transforming <code>XML</code> documents into HTML, text, or other <code>XML</code> document types.<br /><br />The issues that needs to fix while upgrade <code>XSL</code> to work with <code>Java</code> <code>JDK</code> 1.6 and <code>Xalan</code> 2.7.1 will be discussed here and in this post we will look in to sample examples that help us to create <code>XSL</code>’s to work compatible with these new version.<br /> <br />Please note that the problems identified here work well with <code>Java</code> <code>JDK</code> 1.5. Therefore, these changes require only, if we want our <code>XSL</code> to parse successfully with <code>Java</code> <code>JDK</code> 1.6.</p>
<h3><a href="" name="N10078">xsl:import</a></h3>
<p>This element must appear as the first child node of <code>xsl:stylesheet</code> or <code>xsl:transform</code>. It should not appear in the end or middle of the <code>stylesheet</code>. Otherwise it throws <code>exception</code><br /><br /><em>“Error! xsl:import is not allowed in this position in the stylesheet!” </em></p>
<h3><a href="" name="N10079">xsl:template</a></h3>
<p><code>xsl:template</code> must either have name or match attribute. If the name attribute is omitted then there must be a match attribute. For example, the code
<pre class="brush: xml">
<xsl:template >
<xsl:text>
-- </xsl:text>
</xsl:template>
</pre>
<code>throw</code> <code>exceptions</code><br /><br /><em>“Fatal Error! java.lang.RuntimeException: ElemTemplateElement error: xsl:template requires either a name or a match attribute.”</em></p>
<br />
<br />
The below code will execute successfully.
<br />
<pre class="brush: xml">
<xsl:template name="main">
<xsl:text>
-- </xsl:text>
</xsl:template>
</pre><br />
<h3><a href="" name="N10080">xsl:value-of</a></h3>
xsl:value-of cannot be enclosed under xsl:text.<br /><br />For example, the code<br />
<pre class="brush: xml">
<xsl:text>
<xsl:value-of select="@name"/>
</xsl:text>
</pre><br />will throw exception<br /><br /><em>“Error! xsl:value-of is not allowed in this position in the stylesheet!”</em><br /><br />The code <xsl:value-of select="@name"/> can directly used to extract the value to output <code>stream</code>.<br /><br />
<h3><a href="" name="N10081">Use StringBuffer/StringBuilder in XSL</a></h3>
<code>XSL</code> Code such as
<br />
<pre class="brush: xml">
<xsl:variable name="allTableNames" select="java:java.lang.StringBuffer.new()" />
<xsl:variable name="void0" select="java:append($allTableNames, concat('', $toAppend))" />
</pre>
<br />
throw exception
<br />
<br />
<em>java.lang.IllegalArgumentException: argument type mismatch</em><br/><br/> and <em>java.lang.NullPointerException</em><br /><br />
The reason is that the <code>org.apache.xalan.extensions.MethodResolver</code> picks a method whose argument types are not converted properly. This was noticed in the new versions of <code>JVM</code> due to the order at which they return all methods available for a given class and the issue is still not resolved yet.
<br />
Further information can be refer to
<br />
<br />
<a href="https://issues.apache.org/jira/browse/XALANJ-2374">https://issues.apache.org/jira/browse/XALANJ-2374</a>
<br />
<a href="https://issues.apache.org/jira/browse/XALANJ-2315">https://issues.apache.org/jira/browse/XALANJ-2315</a>
<br />
<br />
I have replaced <code>StringBuilder</code> with Map to correctly transform the XSL.
<br />
<br />
<h3><a href="" name="N10082">XSL DTMNodeIterator</a></h3>
Consider the following XSL.
<br />
<pre class="brush: xml">
<xsl:variable name="temp_core_alias_value">
<xsl:choose>
<xsl:when test="'true'">
<xsl:text>, CASE WHEN </xsl:text><xsl:text>.
</xsl:text>
<xsl:text> IS NULL THEN </xsl:text>
</xsl:when>
<xsl:otherwise>
<xsl:text>,</xsl:text>
<xsl:text>.</xsl:text>
</xsl:otherwise>
</xsl:choose>
</xsl:variable>
<xsl:variable name="temp_core_alias" select="java:put($processedMap,
$temp_core_alias_value, 'Test Value')"/>
<xsl:variable name="hasValue"
select="java:containsKey($processedMap, $temp_core_alias_value)"/>
<xsl:if test="$hasValue = 'true'">
<xsl:text>Value exist in Map = </xsl:text>
<xsl:value-of select="java:get($processedMap, $temp_core_alias_value)"/>
</xsl:if>
</xsl:variable>
</xsl:variable>
</pre>
At this point, we might expect <code>java:containsKey($processedMap,$temp_core_alias_value)</code> to return true and the output of the above as <em>“Value exist in Map = Test Value”</em> But when transform using <code>Xalan</code>-<code>Java</code> 2.7.1, the <code>Map</code> return <code>false</code> and therefore no output appear.
<br />
<br />
The reason is that the evaluating expression for the <em>temp_core_alias_value</em> variable would return
<br />
<a href="https://xml.apache.org/xalan-j/apidocs/org/apache/xml/dtm/ref/DTMNodeIterator.html">org.apache.xml.dtm.ref.DTMNodeIterator@e020c9</a> and therefore, the <code>contains</code> method of the <code>Map</code> would always return <code>false</code> regardless of the <code>key</code> present.
<br />
<br />
We can transform <code>DTMNodeIterator</code> to normal <code>String</code> form by concatenate an empty <code>string</code> with <em>temp_core_alias_value</em> variable like the following
<br />
<pre class="brush: xml">
<xsl:variable name="temp_core_alias_value" select="concat('', $temp_core_alias_value)" />
</pre>
<br />
Adding this line right before put in to the Map would result in the normal expected output.Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-88128438372089046722010-02-25T02:29:00.000-08:002017-02-02T16:24:32.487-08:00Java Remote Debugging with Eclipse<h3>How remote debugging an java application server using eclipse</h3>
Start <code>java</code> application and tell the <code>JVM</code> that it will be <em>debugged</em> <em>remotely</em>
<br />
For this, add the following options to the <code>JVM</code> arguments for <em>remote debugging</em>:
<br />
<br />
<blockquote><p>
<em>java -Xdebug -Xrunjdwp:transport=dt_socket,address=8998,server=y,suspend=n</em></p></blockquote>
<br />
And then just start <code>IDE's</code> <em>remote debugger</em> to <em>listening</em> on <strong>port 8998</strong>
<br />
<br />
<strong>transport=dt_socket</strong> tells that the <code>debugger</code> connections will be made through a <code>socket</code> while the <strong>address=8998</strong> parameter informs it that the <em>port number</em> will be <strong>8998</strong>. For <strong>suspend=y</strong> , the <code>JVM</code> starts in <em>suspended mode</em> and stays suspended until a <code>debugger</code> is <em>attached</em> to it.
<br />
<br />
<h3>
Configuring Eclipse to Debug a Remotely Running Application</h3>
<ul>
<li>Start Eclipse</li>
<li>Navigate to Run -> Debug Configurations</li>
<li>Create a new Remote Java Application configuration</li>
<li>Configure the remote application's details</li>
<li>click Apply</li>
</ul>
See Also
<br />
<a href="https://docs.oracle.com/javase/8/docs/technotes/guides/jpda/">JPDA</a>
<br />
<a href="https://docs.oracle.com/cd/E19253-01/817-6087/dgdebug.html">Debugging J2EE Applications</a>
<br />
<a href="https://www.ibm.com/developerworks/opensource/library/os-ecbug/">Debugging with the Eclipse Platform</a>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-67515736385676443062010-02-15T23:03:00.000-08:002016-10-04T15:24:35.296-07:00Ant 1.8 with Enhancements and Bug fixes<div class="jive-rendered-content"><p>Some key points include</p><p style="padding: 0px; min-height: 8pt; height: 8pt;"> </p><ul><li>Ant 1.8 has improved directory scanning performance and better symbolic link cycle handling</li><li>Brings enhancements and bug fixes to many tasks and types (a strong point for Ant) as well as some core changes.</li><li>With more than <a class="jive-link-external-small" href="https://issues.apache.org/bugzilla/buglist.cgi?query_format=advanced&bug_status=RESOLVED&bug_status=CLOSED&component=Build%20Process&component=Core&component=Core%20tasks&component=Documentation&component=Optional%20SCM%20tasks&component=Optional%20Tasks&component=Other&component=Wrapper%20scripts&resolution=FIXED&target_milestone=1.8.0&product=Ant">275 fixed Bugzilla issues</a>, Ant 1.8 flaunts some new performance improvements. A large directory scan, which would have taken 14 minutes in Ant 1.7.1, now takes as little as 22 seconds with Ant 1.8.</li><li>Ant 1.8 includes a handful of new elements including <extension-point>, a new top-level element that assists in writing reusable build files that are meant to be imported.Its name and dependency-list are similar to <target> and it can be used like a <target> from the command line or a dependency-list but in addition, the importing build file can add targets to the <extension-point>'s depends list.</extension-point></target></target></extension-point></li></ul><p style="padding: 0px; min-height: 8pt; height: 8pt;"> </p>Other additions include:<ul><li>New lexically scoped local properties.</li><li>An enhanced <import> that can import from any file or URL resource.</import></li><li>An easier mechanism for extending Ant's property expansion.</li><li>A new task called <em>include</em> that provides a preferred alternative to <import> when you don't want to override any targets.</import></li><li>Rewritten<em> if </em>and <em>unless</em> attributes that do what is expected when applied to a property expansion (i.e. if="${foo}" means "yes, do it" if ${foo} expands to true. In Ant 1.7.1 it would mean "no" unless a property named "true" existed). This adds "testing conditions" to property expansion as a new use-case.</li></ul><br />Ant 1.8 now requires at least Java 1.4 or later.<br /><br />Other References<br /><br /><p><a class="jive-link-external-small" href="https://ant.apache.org/bindownload.cgi">https://ant.apache.org/bindownload.cgi</a></p><p><a class="jive-link-external-small" href="https://apache.mirror.rbftpnetworks.com/ant/README.html">Release notes</a></p><p><a class="jive-link-external-small" href="https://dzone.com/articles/ant-18-scanning-leaves-171">https://dzone.com/articles/ant-18-scanning-leaves-171</a></p></div><input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div><input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div><input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div><input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div><input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com0tag:blogger.com,1999:blog-3234207576654915154.post-23571918128198014972010-02-05T20:20:00.000-08:002019-06-22T14:43:54.374-07:00Java Hashing - Overriding hashcode and equals<h3>Why Overriding hashCode() and Equal() method contract?</h3>
Every <code>Java</code> <code>object</code> has two very important methods i.e. <code>hashCode()</code> and <code>equals()</code> method. These methods are designed to be overridden according to their specific general contract. This article describes why and how to override the <code>hashCode()</code> method that preserves the contract of HashCode. <br />
<br />
<h3>
<a href="" name="N10078">Contract For HashCode Method</a></h3>
The contract for hashCode says<br />
<blockquote>
“If two objects are equal, then calling hashCode() on both objects must return the same value”.</blockquote>
Now the question that will come into your mind is that; is it necessary that the above statement should always be true?<br />
<br />
Consider the fact that we have provided a correct implementation of an <code>equal</code> method for our <code>class</code>, then what would happen if we do not obey the above contract. <br />
To answer the above question, let us consider the two situations,<br />
<ol>
<li><code>Objects</code> that are equal but return different <code>hashCodes</code></li>
<li><code>Objects</code> that are not equal but return the same <code>hashCode</code></li>
</ol>
<em><b>Objects that are equal but return different hashCodes</b></em><br />
What would happen if the two objects are <code>equal</code> but return different <code>hashCodes</code>? Your code would run perfectly fine. You will never come in trouble unless and until you have not stored your object in a collection like <code>HashSet</code> or <code>HashMap</code>. But when you do that, you might get strange problems at runtime. <br />
To understand this better, you have to first understand how collection classes such as <code>HashMap</code> and <code>HashSet</code> work. These collections classes depend on the fact that the objects that you put as a key in them must obey the above contract. You will get strange and unpredictable results at runtime if you do not obey the contract and try to store them in a collection.<br />
<br />
Consider an example of <code>HashMap</code>. When you store the values in <code>HashMap</code>, the values are actually stored in a set of <em>buckets</em>. Each of those buckets has been assigned a number which is use to identify it. When you put a value in the <code>HashMap</code>, it stores the data in one of those buckets. Which bucket is used depends on the <code>hashCode</code> that will return by your object. Let’s say, if the <code>hashCode()</code> method returns <b>49</b> for an object, then it gets stored in the <em>bucket</em> <b>49</b> of the <code>HashMap</code>.<br />
Later when you try to check whether that collection contains an element or not by invoking the <b><code>Contains(element)</code></b> method, the <code>HashMap</code> first gets the <code>hashCode</code> of that “element “. Afterwards, it will look into the bucket that corresponds with the <code>hashCode</code>. If the bucket is empty, then it means we are done and it's return false which means the <code>HashMap</code> does not contain the element.<br />
If there are one or more objects in the bucket, then it will compare “element” with all other elements in that bucket using your defined <b><code>equal()</code></b> function.<br />
<br />
<em><b>Objects that are not equal but return the same hashCode</b></em><br />
The <code>hashCode</code> contract does not say anything about the above statement. Therefore different objects might return the same <code>hashCode</code> value, but collections like <code>HashMap</code> will work inefficiently if different objects return the same <code>hashCode</code> value.<br />
<br />
<h3>
<a href="" name="N10079">Why Buckets</a></h3>
The reason why bucket mechanism is used is its efficiency. You can imagine that if all the objects you put in the <code>HashMap</code> would be stored into one big list, then you have to compare your input with all the objects in the list when you want to check if a particular element is in the <code>Map</code>. With the use of buckets, you will now compare only the elements of the specific bucket and any bucket usually holds only a small portion of all the elements in the <code>HashMap</code>.<br />
<br />
<h3>
<a href="" name="N10080">Overriding hashCode Method</a></h3>
<h4>How to calculate hashCode?</h4>
Writing a good <code>hashCode()</code> method is always a tricky task for a new class.<br />
<br />
<em><b>Return Fixed Value </b></em><br />
You can implement your <code>hashCode()</code> method that always returns fix value, for example like this:<br />
<br />
<pre class="brush: java">//bad performance
@Override
public int hashCode() {
return 1;
}
</pre>
The above method satisfies all the requirements and is considered legal according to the <code>hash code</code> contract but it would not be very efficient. If this method is used, all objects will be stored in the same bucket i.e. bucket 1 and when you try to ensure whether the specific object is present in the collection, then it will always have to check the entire content of the collection. <br />
<br />
On the other hand, if you override the <code>hashCode()</code> method for your class and if the method breaks the contract then calling <code>contains()</code> method may return false for the element which is present in the <code>Collection</code> but in a different bucket.<br />
<br />
<em><b>Method From Effective Java </b></em><br />
Joshua Bloch in Effective Java provides good guidelines for generating a <code>hashCode()</code> value<br />
<ul>
<li>1. Store some constant nonzero value; say <b>17</b>, in an int variable called <b>result</b>.</li>
<li>2. For each significant field f in your object (each field taken into account by the <code>equals()</code>), do the following</li>
<li>a. Compute an int <code>hashCode</code> c for the field:</li>
<li>i. If the field is a <code>boolean</code>, compute <b>c = (f ? 1 : 0).</b></li>
<li>ii. If the field is a <code>byte</code>, <code>char</code>, <code>short</code>, or <code>int</code>, compute <b>c = (int) f</b>.</li>
<li>iii. If the field is a <code>long</code>, compute <b>c = (int) (f ^ (f >>> 32))</b>.</li>
<li>iv. If the field is a <code>float</code>, compute <b>c = Float.floatToIntBits(f)</b>.</li>
<li>v. If the field is a <code>double</code>,compute <b>long l = Double.doubleToLongBits(f)</b>,<br />
<b>c = (int)(l ^ (l >>> 32))</b></li>
<li>vi. If the field is an object reference then <code>equals( )</code> calls <code>equals( )</code> for this field. compute<br />
<b>c = f.hashCode() </b></li>
<li>vii. If the field is an <code>array</code>, treat it as if each element were a separate field.<br />
That is, compute a <code>hashCode</code> for each significant element by applying above rules to each<br />
element</li>
<li>b. Combine the <code>hashCode</code> c computed in step 2.a into result as follows:<b>result = 37 * result + c;</b></li>
<li>3. Return result.</li>
<li>4. Look at the resulting <code>hashCode()</code> and make sure that <code>equal</code> instances have equal hash codes.</li>
</ul>
Here is an example of a class that follows the above guidelines<br />
<br />
<pre class="brush: java">public class HashTest {
private String field1;
private short field2;
----
@Override
public int hashCode() {
int result = 17;
result = 37*result + field1.hashCode();
result = 37*result + (int)field2;
return result;
}
}
</pre>
You can see that a constant <b>37 </b>is chosen. The purpose of choosing a <em>prime number</em> is that it is a <em>prime number</em>. We can choose any other <em>prime number</em>. Using <em>prime number</em> the objects will be distributed better over the buckets. I encourage the user to explore the topic further by checking out other resources.<br />
<br />
<em><b>Using java.util.Objects.hash</b></em><br />
<code>java.util.Objects</code> class contains a utility method <code>hash(Object... values)</code> that can be used to calculate hash for sequence of objects. With this method, we can implement hashcode for our example HashTest class as follows:
<pre class="brush: java">public class HashTest {
private String field1;
private short field2;
----
@Override
public int hashCode() {
return java.util.Objects.hash(field1, field2);
}
}
</pre>
<em><b>Apache HashCodeBuilder </b></em><br />
Writing a good <code>hashCode()</code> method is not always easy. Since it can be difficult to implement <code>hashCode()</code> correctly, it would be helpful if we have some reusable implementations of these. <br />
<br />
The <b><em>Jakarta-Commons</em></b> <code>org.apache.commons.lang.builder</code> package is providing a class named <code>HashCodeBuilder</code> which is designed to help implement a <code>hashCode()</code> method. Usually, developers struggle hard with implementing a <code>hashCode()</code> method and this class aims to simplify the process.<br />
Here is how you would implement <code>hashCode</code> algorithm for our above class<br />
<br />
<pre class="brush: java">public class HashTest {
private String field1;
private short field2;
----
@Override
public int hashCode() {
return new HashCodeBuilder(83, 7)
.append(field1)
.append(field2)
.toHashCode();
}
}
</pre>
Note that the two numbers for the constructor are simply two different, non-zero, odd numbers - these numbers help to avoid collisions in the <code>hashCode</code> value across objects.<br />
<br />
If required, the superclass <code>hashCode()</code> can be added using <b><code>appendSuper(int)</code></b>.<br />
You can see how easy it is to override <code>HashCode()</code> using Apache <code>HashCodeBuilder</code>.<br />
<br />
<h3>
<a href="" name="N10081">Mutable Object As Collection Key</a></h3>
It is a general advice that you should use <code>immutable object</code> as a key in a Collection. <code>HashCode</code> work best when calculated from immutable data. If you use <code>Mutable object</code> as key and change the state of the object so that the <code>hashCode</code> changes, then the store object will be in the wrong bucket in the Collection <br />
<br />
The most important thing you should consider while implementing <code>hashCode()</code> is that regardless of when this method is called, it should produce the same value for a particular object every time when it is called. If you have a scenario like an object produces one <code>hashCode()</code> value when it is <b><code>put()</code></b> into a <code>HaspMap</code> and produces another value during a <b><code>get()</code></b>, in that case, you would not be able to retrieve that object. Therefore, if you <code>hashCode()</code> depends on mutable data in the object, then made changing those data will surely produce a different key by generating a different <code>hashCode()</code>.<br />
Look at the example below<br />
<pre class="brush: java">public class Employee {
private String name;
private int age;
public Employee() {
}
public Employee(String name, int age) {
this.name = name;
this.age = age;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
@Override
public boolean equals(Object obj) {
//Remember: Some Java gurus recommend you avoid using instanceof
if (obj instanceof Employee) {
Employee emp = (Employee)obj;
return (emp.name == name && emp.age == age);
}
return false;
}
@Override
public int hashCode() {
return name.length() + age;
}
public static void main(String[] args) {
Employee e = new Employee("muhammad", 24);
Map<Object,Object> m = new HashMap<Object,Object>();
m.put(e, "Muhammad Ali Khojaye");
// getting output
System.out.println(m.get(e));
e.name = "abid";
// it fails to get System.out.println(m.get(e));
e.name = "amirrana";
// it fails again
System.out.println(m.get(new Employee("muhammad", 24)));
}
</pre>
So we can see in the above examples that how are we getting some unpredictable results after modifying the object state.<br />
<br />
<h3>
<a href="" name="N10082">Another Example of Mutable Field as Key</a></h3>
Let consider an another example below:<br />
<pre class="brush: java">public class HashTest {
private int mutableField;
private final int immutableField;
public HashTest(int mutableField, int immutableField) {
this.mutableField = mutableField;
this.immutableField = immutableField;
}
public void setMutableField(int mutableField) {
this.mutableField = mutableField;
}
@Override
public boolean equals(Object o) {
if(o instanceof HashTest) {
return (mutableField == ((HashTest)o).mutableField)
&& (immutableField == ((HashTest)o).immutableField);
}else {
return false;
}
}
@Override
public int hashCode() {
int result = 17;
result = 37 * result + this.mutableField;
result = 37 * result + this.immutableField;
return result;
}
public static void main(String[] args) {
Set<HashTest> set = new HashSet<HashTest>();
HashTest obj = new HashTest(6622458, 626304);
set.add(obj);
System.out.println(set.contains(obj));
obj.setMutableField(3867602);
System.out.println(set.contains(obj));
}
}
</pre>
After changing mutableField, the computed <code>hashCode</code> value is no longer pointing to the old bucket and the <code>contains()</code> returns false.<br />
We can tackle such situation using either of these methods<br />
<ul>
<li><code>Hashcode</code> is best when calculated from <code>immutable data</code>; therefore ensure that only <code>immutable</code> object would be used as key with Collections.</li>
<li>If you need <code>mutable</code> fields included in the <code>hashCode</code> method then you need to ensure that object state is not changing after they've been used as <code>Key</code> in a hash-based collection. If for any reason it changed, you can calculate and store the <code>hash value</code> when the object updates <code>mutable</code> field. To do this, you must first remove it from the <code>collection(set/map)</code> and then add it back to the <code>collection</code> after updating it.</li>
</ul>
<h3>
<a href="" name="N10088">Memory leaks with HashCode and Equal</a></h3>
It is possible that a memory leak can occur in the <code>Java</code> application if <code>equals()</code> and <code>hashcode()</code> are not implemented. Consider a small code example below in which <code>HashMap</code> keeping references active if <code>equals()</code> and <code>hashcode()</code> are not implemented. As a results the <code>HashMap</code> grows continuously by adding the same key repeatedly and finally throw an <code>OutOfMemoryError</code>
<pre class="brush: java">
/**
* Example demonstrating a Hashcode leak.
*/
public class HashcodeLeakExample {
private String id;
public HashcodeLeakExample(String id) {
this.id = id;
}
public static void main(String args[]) {
try {
Map<HashcodeLeakExample, String> map =
new HashMap<HashcodeLeakExample, String>();
while (true) {
map.put(new HashcodeLeakExample("id"), "any value");
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
</pre>
<h3>
<a href="" name="N10085">References and More Information</a></h3>
<ul>
<li><a href="https://www.oracle.com/technetwork/java/effectivejava-136174.html">Effective Java</a></li>
<li><a href="https://docs.oracle.com/javase/7/docs/api/java/lang/Object.html">Object Class</a></li>
<li><a href="https://commons.apache.org/proper/commons-lang/apidocs/org/apache/commons/lang3/builder/HashCodeBuilder.html" title="HashCodeBuilder API">HashCodeBuilder</a></li>
<li><a href="https://www.javaranch.com/">https://www.javaranch.com/</a></li>
</ul>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com29tag:blogger.com,1999:blog-3234207576654915154.post-90937812972424277862010-02-04T22:51:00.000-08:002017-02-20T00:01:00.721-08:00Are Java Marker Interfaces Dead?<p>In earlier versions of <em>Java</em>, <a href="https://en.wikipedia.org/wiki/Marker_interface_pattern">Marker Interfaces</a> were the only way to declare metadata about a <code>class</code>. With the advent of <a href="https://docs.oracle.com/javase/1.5.0/docs/guide/language/annotations.html">annotation</a> in <code>Java 5</code>, it is considered that <em>marker interfaces</em> have now no place. They can be completely replaced by <code>Annotations</code>, which allow for a very flexible <em>metadata</em> capability. Everything that can be done with <code>marker interfaces</code> can be done instead with <code>annotations</code>. In fact, it's now recommended that the <em>marker interface pattern</em> should not be used anymore. <code>Annotations</code> can have parameters of various kinds, and they're much more flexible. We can also see that the examples used in <code>Sun API’s</code> are rather old and that no new ones have been added since after introduce of <code>Annotation</code>. In this post, we will see whether <em>Marker Interfaces</em> can still be used for any reasons.
<h3>Purpose of Marker Interfaces in Java</h3>
<p>A <em>marker interface</em> is an <em>interface</em> with no <code>method</code> declarations. They just tell the <code>compiler</code> that the <code>objects</code> of the <code>classes</code> implementing the <code>interfaces</code> with no defined methods need to be treated differently. These <em>Marker interfaces</em> are used by other code to test for permission to do something.</p>
<h3>marker interfaces list in java</h3>
<p>Some well-known examples are
<ul>
<li><em>java.io.Serializable</em> - object implement it can be serialized using ObjectOutputStream.</li>
<li><em>java.lang.Clonable</em> - <code>objects</code> <code>clone</code> <code>method</code> may be called</li>
<li><em>java.util.RandomAccess</em>- support fast (generally constant time) random access</li>
</ul></p>
<p>They are also known as <em>tag interfaces</em> since they tag all the <code>derived classes</code> into a category based on their purpose</p>
<h3>Difference between Interface and Marker Interface</h3>
<p>Interface in general defines a contract. They represent a <code>public</code> commitment and when <code>implement</code> form a contract between the <code>class</code> and the outside world. On the other hand, an empty <code>interface</code> does not define any members, and as such, does not define a contract that can be implemented.</p><p>Normally, when a class implements an <code>interface</code>, it tells something about the instances of the <code>class</code>. It represent an <em>"is a"</em> relationship that exist in <code>inheritance</code>. For example, when a <code>class</code> implements <code>List</code>, then <code>object</code> <strong>is a</strong> List.</p><p>With <em>marker interfaces</em>, this <code>inheritance</code> mechanism usually does not obey. For example, if <code>class</code> implements the <em>marker interface</em> <em>Serializable</em>, then instead of saying that the <code>object</code> is a <code>Serializable</code>, we say that the <code>object</code> has a property i.e. it is <code>Serializable</code>.</p>
<h3>Should Avoid Marker Interfaces?</h3>
<p>One common problem occurs while using <em>marker interfaces</em> is that when a <code>class</code> implements them, each <code>subclasses inherit</code> them as well. Since you cannot <code>unimplemented</code> an <code>interface</code> in <code>Java</code>, therefore a <code>subclass</code> that does not want to treat differently will still be marked as <em>Marker</em>. For example, Foo implements <em>Serializable</em>, any <code>subclass</code> Bar etc does too as well.</p>
<p>Moreover, there are places in the <code>Sun API’s</code> where such <code>interfaces</code> have been used for messy and varying purposes. Consider <a href="https://docs.oracle.com/javase/6/docs/api/java/lang/Cloneable.html">Cloneable</a> <em>Marker Interface</em>. If the operation is not supported by an <code>object</code>, it can throw an exception when such operation is attempted, like <em>Collection.remove</em> does when the collection does not support the remove operation (eg, unmodifiable collection) but a <code>class</code> claiming to implement <em>Cloneable</em> and throwing <em>CloneNotSupportedException</em> from the <em>clone()</em> method wouldn't be a very friendly thing to do.</p>
<p>Many developers consider it as broken <code>interface</code>. Ken Arnold and Bill Venners also discussed it in <a href="https://www.artima.com/intv/issues3.html">Java Design Issues.</a> As Ken Arnold said,</p>
<blockquote><p>If I were to be God at this point, and many people are probably glad I am not, I would say <code>deprecate</code> <code>Cloneable</code> and have a <code>Copyable</code>, because <code>Cloneable</code> has problems. Besides the fact that it's misspelled, <code>Cloneable</code> doesn't contain the <code>clone</code> method. That means you can't test if something is an <code>instance</code> of <code>Cloneable</code>, cast it to <code>Cloneable</code>, and invoke <code>clone</code>. You have to use reflection again, which is awful. That is only one problem, but one I'd certainly solve.</p></blockquote>
<p>Oracle has also reported it as Bug which can refer at <a href="https://bugs.openjdk.java.net/browse/JDK-4098033">https://bugs.openjdk.java.net/browse/JDK-4098033</a></p>
<h3>Are Marker Interfaces end?</h3>
<h4>Appropriate Use of Marker Interfaces vs Annotation</h4>
<p>We usually hear that <em>Marker Interface</em> is now obsolete and it has no place. But, there are situations where they can be handy over using <em>annotations</em>.</p>
<p><code>Annotations</code> have to be checked at <code>runtime</code> using <code>reflection</code>. <code>Empty interfaces</code> can be checked at <code>compile-time</code> using the type system in the <code>compiler</code>. <code>Compile-time</code> checking can be one of the convincing reason to use such <code>interfaces</code>.</p>
<p>Consider the example below:
<pre class="brush: java">
@interface
HasTag {
}
@HasTag
public class ClasswithTag {
}
public void performAction(Object obj){
if (!obj.getClass().isAnnotationPresent(HasTag.class)) {
throw new IllegalArgumentException("cannot perform action...");
} else {
//do stuff as require
}
}
</pre></p>
<p>One problem with this approach is that the check for the custom attribute can occur only at runtime. Sometimes, it is very important that the check for the <em>marker</em> be done at <code>compile-time</code>. Let me refine the above example to use <em>Marker</em>.
<pre class="brush: java">
interface HasTag {
}
public class ClassWithTag implements HasTag {
}
public void performAction(HasTag ct){
//do stuff as require
}
</pre></p>
<p>Similarly, in the case of the <em>Serializable</em> <em>marker interface</em>, the <em>ObjectOutputStream.write(Object) </em>method would fail at runtime if its argument does not implement the <code>Interface</code> which would not be the case, if <code>ObjectOutputStream</code> had a <code>writeObject(Serializable)</code> method instead.</p>
<p>Marker Interfaces can also be well-integrated in <code>Javadoc</code> where one can promptly see who implements <em>marker interfaces</em> or not by just look it up and see the list of implementing <code>classes</code>.</p>
<p>Moreover, <i>Joshua</i> in <em>Effective Java</em> also recommends using <em>Marker interface</em> to define the type which can result in the very real benefit of <code>compile-time</code> type checking.</p>Muhammad Ali Khojaye - Java, Cloud and Big Datahttp://www.blogger.com/profile/00894488663979159734noreply@blogger.com1