tag:blogger.com,1999:blog-70342146781894370532024-03-13T02:41:01.745-07:00Learning Technologies and Everythinguyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.comBlogger18125tag:blogger.com,1999:blog-7034214678189437053.post-5747131858530942582018-04-04T23:22:00.002-07:002018-08-25T09:46:09.813-07:00Information Security Basis in Simple terms.<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="graf graf--p graf-after--h4" id="edf9" name="edf9" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 6px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;"><span style="color: rgba(0 , 0 , 0 , 0.83921568627451); font-family: , "georgia" , "cambria" , "times new roman" , "times" , serif; font-size: small; font-weight: 400; letter-spacing: normal;"><span style="letter-spacing: -0.063px;">Cross Post : </span></span><span style="color: #a00027; font-family: , "georgia" , "cambria" , "times new roman" , "times" , serif; font-size: small; font-weight: 400; letter-spacing: normal;"><span style="letter-spacing: -0.063px;">https://medium.com/@gokulraj/information-security-basis-in-simple-terms-81c2814730b2</span></span></span></div>
<div class="graf graf--p graf-after--h4" id="edf9" name="edf9" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 6px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;"><br /></span></div>
<div class="graf graf--p graf-after--h4" id="edf9" name="edf9" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 6px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">What is Data?</span></div>
<div class="graf graf--p graf-after--p" id="738a" name="738a" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
Data is collection of facts, numbers, text and etc.</div>
<div class="graf graf--p graf-after--p" id="7aa4" name="7aa4" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">What is information?</span></div>
<div class="graf graf--p graf-after--p" id="419a" name="419a" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
Data when arrange in a convenient form. Credit Card Number, password and so on.</div>
<div class="graf graf--p graf-after--p" id="bac5" name="bac5" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">Types of Data</span></div>
<iframe frameborder="0" marginheight="0" marginwidth="0" scrolling="no" src="//ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=uyirmei-21&language=en_IN&marketplace=amazon&region=IN&placement=B0787WZXDT&asins=B0787WZXDT&linkId=898a57f79d41a8c1f907d42dbc0f183a&show_border=true&link_opens_in_new_window=true" style="height: 240px; width: 120px;"></iframe>
<ul class="postList" style="background-color: white; color: rgba(0, 0, 0, 0.84); counter-reset: post 0; font-family: medium-content-sans-serif-font, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif; font-size: 20px; list-style: none none; margin: 29px 0px 0px; padding: 0px;">
<li class="graf graf--li graf-after--p" id="6611" name="6611" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 14px; margin-left: 30px;">Public available data.</li>
<li class="graf graf--li graf-after--li" id="0905" name="0905" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 14px; margin-left: 30px;">Job Notice, Insurance Policy details.</li>
<li class="graf graf--li graf-after--li" id="6381" name="6381" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 14px; margin-left: 30px;">Confidential Data</li>
<li class="graf graf--li graf-after--li" id="0bc0" name="0bc0" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 14px; margin-left: 30px;">Organisational data, companies forecast data, Bank customer details.</li>
<li class="graf graf--li graf-after--li" id="111c" name="111c" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 14px; margin-left: 30px;">Restricted Data.</li>
<li class="graf graf--li graf-after--li" id="d605" name="d605" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 0px; margin-left: 30px;">Company System Design, PIN number, password, medical reports of a permission.</li>
</ul>
<div class="graf graf--p graf-after--li" id="736d" name="736d" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">What is Information Security?</span></div>
<div class="graf graf--p graf-after--p" id="303c" name="303c" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
Information Security is the means of defending Information or Data stored either physically or digitally.</div>
<div class="graf graf--p graf-after--p" id="f5ad" name="f5ad" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">Vulnerability</span></div>
<div class="graf graf--p graf-after--p" id="d5ef" name="d5ef" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
When Information is not guarded and available to everyone, this weakness is allows intruder or attacker to gain access the system and information. This is known as vulnerability.</div>
<div class="graf graf--p graf-after--p" id="b09a" name="b09a" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
In another terms it is flaw in the system.</div>
<div class="graf graf--p graf-after--p" id="901f" name="901f" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">Exploits</span></div>
<div class="graf graf--p graf-after--p" id="44a8" name="44a8" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
When the intruder uses a vulnerability to get sensitive data from system is known as exploits.</div>
<div class="graf graf--p graf-after--p" id="1c7a" name="1c7a" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">Threat</span></div>
<div class="graf graf--p graf-after--p" id="1f55" name="1f55" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
Threat is harm to a system and it has no control over it.</div>
<div class="graf graf--p graf-after--p" id="1121" name="1121" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
Threat can be <span class="markup--strong markup--p-strong" style="font-weight: 700;">intentional(man made threats), accidental or natural disaster.</span></div>
<div class="graf graf--p graf-after--p" id="08d3" name="08d3" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;">Reasons for Intentional threat or Attack</span></div>
<div class="graf graf--p graf-after--p" id="c486" name="c486" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;"><em class="markup--em markup--p-em" style="font-feature-settings: 'liga' 1, 'salt' 1;">Political</em></span></div>
<ul class="postList" style="background-color: white; color: rgba(0, 0, 0, 0.84); counter-reset: post 0; font-family: medium-content-sans-serif-font, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif; font-size: 20px; list-style: none none; margin: 29px 0px 0px; padding: 0px;">
<li class="graf graf--li graf-after--p" id="4c23" name="4c23" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 0px; margin-left: 30px;">Destroying target system by posting wrong information. People doing this will call hacktivist. E.g. cybercrime.</li>
</ul>
<div class="graf graf--p graf-after--li" id="2670" name="2670" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;"><em class="markup--em markup--p-em" style="font-feature-settings: 'liga' 1, 'salt' 1;">Economical</em></span></div>
<ul class="postList" style="background-color: white; color: rgba(0, 0, 0, 0.84); counter-reset: post 0; font-family: medium-content-sans-serif-font, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif; font-size: 20px; list-style: none none; margin: 29px 0px 0px; padding: 0px;">
<li class="graf graf--li graf-after--p" id="ab50" name="ab50" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 0px; margin-left: 30px;">Aim to earning money by stealing information or to make that information inaccessible. E.g. Ransomware.</li>
</ul>
<div class="graf graf--p graf-after--li" id="8c0b" name="8c0b" style="--baseline-multiplier: 0.17; background-color: white; color: rgba(0, 0, 0, 0.84); font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-top: 29px;">
<span class="markup--strong markup--p-strong" style="font-weight: 700;"><em class="markup--em markup--p-em" style="font-feature-settings: 'liga' 1, 'salt' 1;">Social-Culture</em></span></div>
<ul class="postList" style="background-color: white; color: rgba(0, 0, 0, 0.84); counter-reset: post 0; font-family: medium-content-sans-serif-font, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen, Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif; font-size: 20px; list-style: none none; margin: 29px 0px 0px; padding: 0px;">
<li class="graf graf--li graf-after--p graf--trailing" id="5b25" name="5b25" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 0px; margin-left: 30px;">Personal motivation to attack an individual.</li>
<li class="graf graf--li graf-after--p graf--trailing" id="5b25" name="5b25" style="--baseline-multiplier: 0.17; font-family: medium-content-serif-font, Georgia, Cambria, "Times New Roman", Times, serif; font-size: 21px; letter-spacing: -0.003em; line-height: 1.58; margin-bottom: 0px; margin-left: 30px;"><br /></li>
</ul>
<div>
<br /></div>
</div>
uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-953100542639872582016-12-15T08:48:00.000-08:002018-02-27T01:52:15.783-08:00Yahoo Data Breach<div dir="ltr" style="text-align: left;" trbidi="on"><div><span style="font-family: Verdana, sans-serif;"><br /></span></div><div><span style="font-family: Verdana, sans-serif;">Yahoo disclosed that data breach on their User Accounts. This data breach contains several users personal information. </span></div><div><span style="font-family: Verdana, sans-serif;"><br /></span></div><div><span style="font-family: Verdana, sans-serif;">Yahoo's Chief Information Security officer Bob Lard says</span></div><div><span style="font-family: Verdana, sans-serif;"><br /></span></div><blockquote class="tr_bq"><span style="background-color: white; color: #444444; font-size: 16px;"><span style="font-family: Verdana, sans-serif;">The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers. The investigation indicates that the stolen information did not include passwords in clear text, payment card data, or bank account information. Payment card data and bank account information are not stored in the system the company believes was affected</span></span></blockquote><span style="font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;">The affected user should change their passwords and security question. </span><br /><span style="font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;">More Details : <a href="https://yahoo.tumblr.com/post/154479236569/important-security-information-for-yahoo-users">https://yahoo.tumblr.com/post/154479236569/important-security-information-for-yahoo-users</a></span><br /><span style="font-family: Verdana, sans-serif;"><br /></span><span style="font-family: Verdana, sans-serif;"><br /></span></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-77770920972197004132016-12-14T20:44:00.000-08:002018-02-27T01:52:16.196-08:00Security Testing and/or Reviewing Techniques<div dir="ltr" style="text-align: left;" trbidi="on"><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Testing Techniques</strong></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><br />The following techniques are used in security testing. No single technique can be covered most of the security issue. The balanced approach, that include several testing from manual to penetration will help to find most of the security issue.These techniques are suggested from OWSAP. We security team following balanced approach for security testing/reviewing.</div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Manual Inspections & Reviews</li><li>Threat Modeling</li><li>Code Review</li><li>Penetration Testing</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Manual Inspections & Reviews<br /></strong></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;">The concept of manual inspections and human reviews is simple and it is powerful and effective technique. By asking someone how something works and why it was implemented in a specific way, the tester can quickly determine if any security concerns are likely to be evident. Manual inspections and reviews are one of the few ways to test the software development life-cycle process itself and to ensure that there is an adequate policy or skill set in place. Manual reviews helps to understand the security process. </div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><br />Advantages</em></strong> </div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Requires no supporting technology </li><li>Can be applied to a variety of situations </li><li>Flexible </li><li>Promotes teamwork </li><li>Early in the SDLC</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Disadvantages</em></strong> </div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Can be time consuming </li><li>Supporting material not always available </li><li>Requires significant human thought and skill to be effective </li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Threat Modeling<br /></strong></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;">Threat modeling is an approach for analyzing the security of an application. It is a structured approach to identify, quantify and address the security risks associated with an application. Modern threat modeling looks at a system from attacker's perspective.</div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;">The threat modeling process can be decomposed into few high level steps.</div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Decomposing the application – use a process of manual inspection to understand how the application works, its assets, functionality, and connectivity.</li><li>Defining and classifying the assets – classify the assets into tangible and intangible assets and rank them according to business importance.</li><li>Exploring potential vulnerabilities - whether technical, operational,or management.</li><li>Exploring potential threats – develop a realistic view of potential attack vectors from an attacker’s perspective, by using threat scenarios or attack trees.</li><li>Creating mitigation strategies – develop mitigating controls for each of the threats deemed to be realistic.</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Advantages</em></strong> </div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Practical attacker’s view of the system</li><li>Flexible</li><li>Early in the SDLC </li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Disadvantages</em></strong> </div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Relatively new technique</li><li>Good threat models don’t automatically mean good software</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><br />Source Code Review</strong></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><br />Source code review is the process of manually checking the source code of a web application for security issues. Many serious security vulnerabilities cannot be detected with any other form of analysis or testing. As the popular saying goes “if you want to know what’s really going on, go straight to the source.” Almost all security experts agree that there is no substitute for actually looking at the code. All the information for identifying security problems is there in the code somewhere. Unlike testing third party closed software such as operating systems, when testing web applications especially if they have been developed in-house) the source code should be made available for testing purposes.</div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;">Examples of issues that are particularly conducive to being found through source code reviews include concurrency problems, flawed business logic, access control problems, and cryptographic weaknesses as well as backdoors, Trojans, Easter eggs, time bombs, logic bombs, and other forms of malicious code.</div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><br />Advantages</em></strong></div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Completeness and effectiveness</li><li>Accuracy</li><li>Fast (for competent reviewers)</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Disadvantages</em></strong></div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Requires highly skilled security developers</li><li>Can miss issues in compiled libraries</li><li>Cannot detect run-time errors easily</li><li>The source code actually deployed might differ from the one being analyzed</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Penetration Testing</em></strong></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><br />Penetration testing is also know as black box testing or ethical hacking. In penetration testing we can find security vulnerabilities without knowing the inner working of application.<br />Penetration tester would have access to an application as if they were users. The tester act like an attacker and attempts to find vulnerabilities. Many people's primary testing technique is web application penetration testing.</div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><br />Advantages</em></strong></div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Can be fast (and therefore cheap)</li><li>Requires a relatively lower skill-set than source code review</li><li>Tests the code that is actually being exposed</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><strong style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><em style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Disadvantages</em></strong></div><ul style="background-color: white; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><li>Too late in the SDLC</li><li>Front impact testing only.</li></ul><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><br /></div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;">- Gokul</div><div style="background-color: white; clear: both; font-family: arial, verdana, Helvetica, sans-serif; font-size: 13px;"><br />P.S Some of contents are taken from OWSAP guide.</div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-23039416732580945752014-04-22T19:00:00.000-07:002018-02-27T01:52:16.535-08:00Optimize a website few Points <div dir="ltr" style="text-align: left;" trbidi="on"><div class="ennote" style="-webkit-line-break: after-white-space; -webkit-nbsp-mode: space; word-wrap: break-word;"><div><ol><li><span style="font-family: "segoe ui";">Minimize/Reduce HTTP Request.</span></li><li><span style="font-family: "segoe ui";">Minify/Merge JS and CSS files to reduce file size to be downloaded. </span></li><li><span style="font-family: "segoe ui";">Use Content Delivery Network. </span></li><li><span style="font-family: "segoe ui";">Put <script> tags at the bottom of the HTML.</span></li><li><span style="font-family: "segoe ui";">put CSS link on top of the HTML.</span></li><li><span style="font-family: "segoe ui";">JavaScript and CSS should be external.</span></li><li><span style="font-family: "segoe ui";">Reduce DOM elements</span></li><li><span style="font-family: "segoe ui";">Enable gzip compression.</span></li><li><span style="font-family: "segoe ui";">Use SVG sprite instead of separate images for icons to reduce HTTP requests </span></li><li><span style="font-family: "segoe ui";">Remove unused scripts and CSS styles.</span></li></ol></div></div><table cellpadding="0" cellspacing="0" style="border-top: 1px solid #d3d3d3; margin-bottom: 16px; margin-top: 32px; padding-top: 16px; width: 100%px;"> <tbody><tr> <td style="color: #747474; font-family: Helvetica, Arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;">Evernote helps you remember everything and get organized effortlessly. <a href="https://www.evernote.com/getit?email_name=emailNote&email_guid=cdd6e506-1d84-49a3-bd3e-c2ed84bb3165&email_link=download_app" style="color: #5fb336; text-decoration: none;" target="_blank">Download Evernote</a>. </td> </tr></tbody></table></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-85886275216335497442014-01-27T20:11:00.000-08:002018-02-27T01:52:17.924-08:00IE 11<div dir="ltr" style="text-align: left;" trbidi="on"><div class="ennote" style="-webkit-line-break: after-white-space; -webkit-nbsp-mode: space; word-wrap: break-word;"><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span><span style="color: #2d4fc9; font-family: Segoe UI;">In HTML 5 era, our product also starts supports HTML 5. While start supporting HTML 5, few items, that doesn't work with IE 11. </span><br /><div><ol><li><span style="color: #2d4fc9; font-family: Segoe UI;">IE Detection. </span></li><li><span style="color: #2d4fc9; font-family: Segoe UI;">Plug-in Detection.</span></li></ol><div><span style="color: #2d4fc9; font-family: Segoe UI;"><b>IE Detection</b></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;"><b><br /></b></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;">In our code, we detect IE, by obtaining "MSIE" string from user-agent. In IE 11, this will not work. IE 11 has been removed the MSIE string, instead of it added the "rv" and "like Gecko" strings. Using with that we changed our code to detect IE 11.</span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;">Sample UA : </span><span style="color: #2d4fc9; font-family: Segoe UI;">"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; rv:11.0) like Gecko"</span><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></div><div><b><span style="color: #2d4fc9; font-family: Segoe UI;">Plug-in Detection</span></b></div></div><div><span style="color: #2d4fc9; font-family: Segoe UI;"><b><br /></b></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;">We were using <b>window.ActiveXObject </b>property to detect the IE plug-in for our Mail Merge feature. But it no longer supports in IE 11. This causes the problem in Mail Merge. Problem is </span><span style="color: #2d4fc9; font-family: Segoe UI;"><b>window.</b></span><b style="color: #2d4fc9; font-family: 'Segoe UI';">ActiveXObject </b><span style="color: #2d4fc9; font-family: 'Segoe UI';">property </span><span style="color: #2d4fc9; font-family: Segoe UI;">is no longer supports in IE 11 but it still supports the <b>ActiveXObject</b>.</span></div><div><span style="color: #2d4fc9; font-family: 'Segoe UI';"><br /></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;">Code Before</span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></div><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;">if (window.ActiveXObject){</span></blockquote><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;"> plugin = new ActiveXObject("pluginname")</span></blockquote><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;">}</span></blockquote><div><span style="color: #2d4fc9; font-family: 'Segoe UI';"><br /></span></div><div><span style="color: #2d4fc9; font-family: 'Segoe UI';">Code After</span></div><div><span style="color: #2d4fc9; font-family: 'Segoe UI';"><br /></span></div><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;">var plugin = navigator.plugins["pluginname"];</span></blockquote><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;">if(!plugin){</span></blockquote><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;"> plugin = new plugin("pluginname");</span></blockquote><blockquote style="border: none; margin: 0 0 0 40px; padding: 0px;"><span style="color: #2d4fc9; font-family: Segoe UI;">}</span></blockquote><div><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></div><div style="font-size: 11px;"><span style="color: #2d4fc9; font-family: Segoe UI;">Ref : </span><a href="http://msdn.microsoft.com/en-us/library/ie/bg182625(v=vs.85).aspx">http://msdn.microsoft.com/en-us/library/ie/bg182625(v=vs.85).aspx</a><br /><a href="http://blogs.msdn.com/b/ieinternals/archive/2013/09/21/internet-explorer-11-user-agent-string-ua-string-sniffing-compatibility-with-gecko-webkit.aspx">http://blogs.msdn.com/b/ieinternals/archive/2013/09/21/internet-explorer-11-user-agent-string-ua-string-sniffing-compatibility-with-gecko-webkit.aspx</a><br /><a href="http://msdn.microsoft.com/en-us/library/ie/dn423948(v=vs.85).aspx">http://msdn.microsoft.com/en-us/library/ie/dn423948(v=vs.85).aspx</a></div><div><br /></div><div><span style="color: #2d4fc9; font-family: 'Segoe UI';"><br /></span></div><div><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></div><div><b><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></b></div><div><b><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></b></div><div><b><span style="color: #2d4fc9; font-family: Segoe UI;"><br /></span></b></div><div><b><span style="font-family: Segoe UI;"><br /></span></b></div></div><table cellpadding="0" cellspacing="0" style="border-top: 1px solid #d3d3d3; margin-bottom: 16px; margin-top: 32px; padding-top: 16px; width: 100%px;"> <tbody><tr> <td style="color: #747474; font-family: Helvetica, Arial, sans-serif; font-size: 13px; line-height: 18px; text-align: left;">Evernote helps you remember everything and get organized effortlessly. <a href="https://www.evernote.com/getit?email_name=emailNote&email_guid=4c8bf16d-8035-4bf8-b5da-06e7d9e020a9&email_link=download_app" style="color: #5fb336; text-decoration: none;" target="_blank">Download Evernote</a>. </td> </tr></tbody></table></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-28791297392228632812013-07-19T02:43:00.000-07:002018-02-27T01:52:18.263-08:00Back to Traditional Software Installation from SaaS<div dir="ltr" style="text-align: left;" trbidi="on"><span style="color: blue; font-family: Verdana, sans-serif; font-size: xx-small;">cross posted from http://bygokul.blogspot.in</span><br /><br /><div class="article-header" style="display: table; font-size: 14px; margin: 0px; outline: none; padding: 0px; text-align: center; width: 750px;"><h2><span style="color: blue; font-family: Verdana, sans-serif;">Back to Traditional Software Installation from SaaS </span></h2></div><div class="article-content entry-content" itemprop="articleBody" style="clear: both; margin: 10px auto 5px; outline: none; padding: 0px; text-align: justify;"><div style="font-size: 14px; line-height: 1.4; text-align: left;"><span style="color: blue; font-size: 10pt; line-height: 1.4;"><span style="font-family: Verdana, sans-serif;">I am wondering the traditional Installation is back with use of Smart Phone.</span></span></div><span style="color: blue; font-family: Verdana, sans-serif;"><div style="text-align: left;"><span style="font-size: 14px; line-height: 19px;"><br /></span></div><div style="text-align: left;"><br /></div><span style="font-size: 10pt; line-height: 1.4;"><div style="text-align: left;"><span style="font-size: 10pt; line-height: 1.4;">In old days (not too much old), we used installable and it makes the hardest part to install the patch for a fix or install new version. When someone discovered the cloud computing, we got relief from the new installation and/or a patch fix.</span></div></span><div style="text-align: left;"><br /></div><div style="text-align: left;"><br /></div><span style="font-size: 10pt; line-height: 1.4;"><div style="text-align: left;"><span style="font-size: 10pt; line-height: 1.4;">Hmm, Now again, I have the same problem in a different way. Yes, it is from the smart phone. I am using smart phone very recently. I faced two main problems. </span></div></span><div style="text-align: left;"><br /></div><div style="text-align: left;"><br /></div><span style="font-size: 10pt; line-height: 1.4;"><div style="text-align: left;"><span style="font-size: 10pt; line-height: 1.4;">First, when I faced a touch problem on my phone, I did a factory reset. I knew that, I will lose all of my data and apps. But I had no choice. Anyhow, I have my backup for all apps and data. After fixing the touch problem. I reset it with the backup. But It took much time reset the apps and data. One of the apps didn't pick the data from the backup. I restored it from my cloud backup. But I lost a small amount offline data. That is not affected me, but I am worrying about the future. </span></div></span><div style="text-align: left;"><br /></div><div style="text-align: left;"><br /></div><span style="font-size: 10pt; line-height: 1.4;"><div style="text-align: left;"><span style="font-size: 10pt; line-height: 1.4;">Second, I got an issue with an app (I am really don't want to tell which app it was). When I contact the support for that app, they said, they will fix and update. So, now I am waiting for the update. It reminds me the traditional software.</span></div></span><div style="text-align: left;"><br /></div><div style="text-align: left;"><br /></div><span style="font-size: 10pt; line-height: 1.4;"><div style="text-align: left;"><span style="font-size: 10pt; line-height: 1.4;">But one advantage of a smart phone app update is, I am really no need to download and install it manually. It will automatically download and install the new version. I think I am back to the traditional installation with use of a smart phone.</span></div></span><div style="text-align: left;"><br /></div><div style="text-align: left;">-Gokul</div></span></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-73685461140570895332013-07-12T03:33:00.000-07:002018-02-27T01:52:18.600-08:00How to get complete exception trace as a String ?<div dir="ltr" style="text-align: left;" trbidi="on"><i style="background-color: white; color: #333333; font-family: Verdana, sans-serif; font-size: xx-small; line-height: 12px;"><span style="color: blue;">Cross posted from </span><a href="http://santoshsarmajv.blogspot.in/" style="-webkit-transition: color 0.3s; color: #009eb8; display: inline; font-family: 'Helvetica Neue Light', HelveticaNeue-Light, 'Helvetica Neue', Helvetica, Arial, sans-serif; outline: none; text-decoration: none; transition: color 0.3s;">http://santoshsarmajv.blogspot.in/</a></i><br /><br /><span style="color: blue; font-family: Verdana, sans-serif;">By using below method you can get complete exception stack trace as a String.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">public static String stackTraceToString(Throwable e) </span><br /><span style="color: blue; font-family: Verdana, sans-serif;">{</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> String retValue = null;</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> StringWriter sw = null;</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> PrintWriter pw = null;</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> try {</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> sw = new StringWriter();</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> pw = new PrintWriter(sw);</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> e.printStackTrace(pw);</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> retValue = sw.toString();</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> } </span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> finally </span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> {</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> try {</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> if(pw != null) { pw.close();}</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> if(sw != null) { sw.close();}</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> } </span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> catch (IOException ignore) {</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> ignore.printStackTrace();</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> }</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> }</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> return retValue+" \n ";</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">}</span></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-42865125467118499252013-07-10T01:02:00.000-07:002018-02-27T01:52:18.938-08:00Version Unknown / Unhandled Exception Occurs in<div dir="ltr" style="text-align: left;" trbidi="on"><div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">It is an usual strange story with developers those who are working on windows application. The application will always work perfectly(in any situation) in my machine. But in a customer's/deployment machines, It will act strange.</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">The above situation is not only with apps, also it will happen while working with Visual Studio(any version). If It will work properly in your machine, sure you may face some problems with build machine.</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><br /></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">I am sure the following problem will face by VS developers.</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">The problem was, a project is compiling without problem in my machine but not in a build machine. The error from the build machine was "An unhandled win32 exception occurred in regcap.exe[processid]".</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">Figure 1 : Exception snap from Windows XP.</span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br />Figure 2 : Exception snap from Window 7.</span></div></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: center; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: center; widows: 2;"><div style="text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;">Figure 1</span></div></div><div class="separator" style="clear: both; text-align: center;"><a href="http://2.bp.blogspot.com/-cOWFhga0_a8/UdwGxg6Q0NI/AAAAAAAASn8/GB-75qxfbHQ/s1600/psot1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: blue; font-family: Verdana, sans-serif;"><img border="0" height="320" src="http://2.bp.blogspot.com/-cOWFhga0_a8/UdwGxg6Q0NI/AAAAAAAASn8/GB-75qxfbHQ/s320/psot1.png" width="297" /></span></a></div><div style="orphans: 2; text-align: center; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: center; widows: 2;"><div style="text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;">Figure 2</span></div></div><div class="separator" style="clear: both; text-align: center;"><a href="http://4.bp.blogspot.com/-RTjjnYRUQbQ/UdwGwxs4-7I/AAAAAAAASns/Pk-yY2uW0cU/s1600/2.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: blue; font-family: Verdana, sans-serif;"><img border="0" height="179" src="http://4.bp.blogspot.com/-RTjjnYRUQbQ/UdwGwxs4-7I/AAAAAAAASns/Pk-yY2uW0cU/s320/2.PNG" width="320" /></span></a></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">What I did wrong, I don't know. So Googled with search term An unhandled win32 exception occurred in regcap.exe[processid]. </span><span style="color: blue; font-family: Verdana, sans-serif;">The search results ask me to do 2 things.</span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">1. Disable to Just-In-Time Debugger. </span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">2. regcap.exe file is not compatible and make it compatible. </span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">I tried to disable JIT debugger and I got the same exception in a different dialog window(figure 3).</span></div></div><div style="font-family: Tahoma; orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;">Figure 3</span></div><div style="text-align: center;"><a href="http://1.bp.blogspot.com/-vVOAo4IF8bY/UdwGw4qm9nI/AAAAAAAASnk/NTSw5W8vPuM/s1600/post.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: blue; font-family: Verdana, sans-serif;"><img border="0" height="56" src="http://1.bp.blogspot.com/-vVOAo4IF8bY/UdwGw4qm9nI/AAAAAAAASnk/NTSw5W8vPuM/s320/post.png" width="320" /></span></a></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">OK, let's make regcap.exe file to compatible. And how to do that. </span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="background-color: white; line-height: 18.15625px;">1. Right click on that file select Compatibility-->R</span><span style="background-color: white; line-height: 18px;">un as Administrator</span><span style="background-color: white; line-height: 18.15625px;"><br /></span><span style="background-color: white; line-height: 18.15625px;">2. </span><span style="background-color: white; line-height: 18px;">Right click on that file</span><span style="background-color: white; line-height: 18px;"> </span><span style="background-color: white; line-height: 18px;">select Compatibility-->Compatibility Mode--></span><span style="background-color: white; line-height: 18.15625px;">Windows Vista SP2 or Windows XP SP3.(Figure 4).</span></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="background-color: white; line-height: 18.15625px;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">Anyway either steps are not worked.</span></div></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><span style="color: blue; font-family: Verdana, sans-serif;"><br />Figure 4<br /><a href="http://3.bp.blogspot.com/-u5_etaMpx88/UdwGw-0kmwI/AAAAAAAASno/8mxEjoBr_JQ/s1600/3.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://3.bp.blogspot.com/-u5_etaMpx88/UdwGw-0kmwI/AAAAAAAASno/8mxEjoBr_JQ/s320/3.PNG" width="261" /></a></span></div><span style="color: blue; font-family: Verdana, sans-serif;"><br /><br /></span><br /><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; text-align: -webkit-auto; widows: 2;"><div><div style="orphans: 2; widows: 2;"><div><span style="color: blue; font-family: Verdana, sans-serif;">I started feel that, the problem is neither with Visual studio settings nor Windows compatibility. It might be with some file(s) in the solution. I have three projects and each project has countable amount of files and which one causes this ?</span></div><div><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">I forgot to tell something, yes, the application which I am working. I should give an intro for my application. It is Microsoft Outlook Plug-in using Add-in Express. As I already told, I have three projects in that solution. One of the project is some pre-installation settings. The another one is the main project, It is "Extensibility Add-In Express" project. Third one is MSI setup project.</span></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">The compilation of the whole solution breaks somewhere at middle. Instead of compiling whole solution, I want to try individual project. That may take me to exact place of the issue. Yes it does.</span></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">First two project do not have any problem in compiling. But the setup project has ! Now I exclude all files in the setup project and tried compilation, it works. So I include files one by one and tried the compilation. It breaks at including the file <span style="background-color: #f5f6f6;"><i><span style="font-size: x-small;"><b>AddinExpress.mso.2005.tlb</b></span></i>. When I check with my machine, the file is not present in my setup project. This is because of different versions of </span><span style="background-color: #f5f6f6;">Add-in Express. The build machine has higher version(6.6). It automatically includes the file </span><span style="background-color: #f5f6f6;"><b><i><span style="font-size: x-small;">AddinExpress.mso.2005.tlb</span></i></b>. But in my machine it does not include that file(Add-in Express 6.4). And there is no problem with compilation after exclude the file( We can exclude that file : from Add-In Express ).</span></span></div><div style="orphans: 2; widows: 2;"><span style="background-color: #f5f6f6;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></span></div><div style="orphans: 2; widows: 2;"><span style="background-color: #f5f6f6;"><span style="color: blue; font-family: Verdana, sans-serif;">The lesson I have learned from this debugging is, Versions compatibility check is one of high priority in debugging.</span></span></div><div style="orphans: 2; widows: 2;"><span style="background-color: #f5f6f6;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></span></div><div style="orphans: 2; widows: 2;"><span style="color: blue; font-family: Verdana, sans-serif;">The lesson I need to know is, why the file <span style="background-color: #f5f6f6;"><b><i><span style="font-size: x-small;">AddinExpress.mso.2005.tlb</span></i></b> is not present in lower version(6.4).</span></span></div></div></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-58464966723579454992013-06-25T03:03:00.000-07:002018-02-27T01:52:19.281-08:00Primitive Data Type<div dir="ltr" style="text-align: left;" trbidi="on"><h4 style="text-align: left;"><span style="color: blue;">Intro</span></h4><div><span style="color: blue; font-family: Calibri;"><span style="font-size: 15px;">The amount of value that can hold by a variable is know as data types. There are two main types in programming language. </span></span></div><div><span style="color: blue; font-family: Calibri;"><span style="font-size: 15px;"><br /></span></span></div><div><span style="color: blue; font-family: Calibri;"><span style="font-size: 15px;">1. Primitive Data Type.</span></span></div><div><span style="color: blue; font-family: Calibri;"><span style="font-size: 15px;">2. User Defined Data Type.</span></span></div><div><span style="color: blue; font-family: Calibri;"><span style="font-size: 15px;"><br /></span></span></div><div><span style="color: blue; font-family: Calibri; font-size: 11pt;">Here some introduction about Java language primitive data type. </span><span style="color: blue; font-family: Calibri; font-size: 11pt;">Java programming language supports 8 primitive data types. </span><span style="color: blue; font-family: Calibri; font-size: 11pt;">A primitive type is named by a reserved keyword. </span><span style="color: blue; font-family: Calibri; font-size: 11pt;">Primitive values do not share state with other primitive values.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><br /></div><h4 style="text-align: left;"><span style="color: blue;">byte</span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The byte data type is an 8-bit signed two’s complement </span><span style="color: blue; font-size: 11pt;">(</span><a href="http://en.wikipedia.org/wiki/Two's_complement" style="font-size: 11pt;">http://en.wikipedia.org/wiki/Two's_complement</a><span style="color: blue; font-size: 11pt;">) integer. </span><span style="color: blue; font-size: 11pt;">The byte data type can be useful for saving memory in large arrays.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue; font-size: 11pt;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">byte Range ::: minimum value : -128 , maximum value : 127</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><br /></div><h4 style="text-align: left;"><span style="color: blue;">short </span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The short data type is a 16-bit signed two’s complement </span><span style="color: blue; font-size: 11pt;">(</span><a href="http://en.wikipedia.org/wiki/Two's_complement" style="font-size: 11pt;">http://en.wikipedia.org/wiki/Two's_complement</a><span style="color: blue; font-size: 11pt;">) integer. </span><span style="color: blue; font-size: 11pt;">You can use a short to save memory in large arrays. </span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue; font-size: 11pt;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue; font-size: 11pt;">short Range ::: minimum value : -32,768, maximum value : 32,767</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0</span></div><h4 style="text-align: left;"><span style="color: blue;">int </span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The int data type is a 32-bit signed two’s complement integer. It has a minimum value of</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">-2,147,483,648 and a maximum value of 2,147,483,647.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br />int Range ::: minimum value : -2,147,483,648, maximum value : 2,147,483,647</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0</span></div><h4 style="text-align: left;"><span style="color: blue;">long</span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The long data type is a 64-bit signed two’s complement </span><span style="color: blue; font-size: 11pt;">(</span><a href="http://en.wikipedia.org/wiki/Two's_complement" style="font-size: 11pt;">http://en.wikipedia.org/wiki/Two's_complement</a><span style="color: blue; font-size: 11pt;">) integer.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">long Range ::: minimum value : -9,223,372,036,854,775,808, maximum value :</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">9,223,372,036,854,775,807</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0L</span></div><h4 style="text-align: left;"><span style="color: blue;">float </span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue; font-size: 11pt;">The float data type is a single-precision (</span><a href="http://en.wikipedia.org/wiki/Single_precision_floatingpoint_" style="font-size: 11pt;">http://en.wikipedia.org/wiki/Single_precision_floatingpoint_</a></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">format) 32-bit IEEE 754 (http://en.wikipedia.org/wiki/IEEE_754-2008) floating point.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0.0f</span></div><h4 style="text-align: left;"><span style="color: blue;">double</span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The double data type is a double-precision (<a href="http://en.wikipedia.org/wiki/Double_precision_floatingpoint_">http://en.wikipedia.org/wiki/Double_precision_floatingpoint_</a></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">format) 64-bit IEEE 754 (http://en.wikipedia.org/wiki/IEEE_754-2008) floating point</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0.0f</span></div><h4 style="text-align: left;"><span style="color: blue;">boolean</span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The boolean data type has only two possible values: true and false.</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : 0.0d</span></div><h4 style="text-align: left;"><span style="color: blue;">char</span></h4><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">The char data type is a single 16-bit Unicode character (<a href="http://en.wikipedia.org/wiki/Unicode">http://en.wikipedia.org/wiki/Unicode</a>).</span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">char Range ::: minimum value : ‘\u0000', maximum value : ‘\uffff’</span></div><div style="text-align: left;"> </div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;"><br /></span></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in; text-align: left;"><span style="color: blue;">Default Value : ‘\u0000’</span></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-82363155594264503872013-06-21T03:35:00.000-07:002018-02-27T01:52:19.624-08:00Java Class Loader<div dir="ltr" style="text-align: left;" trbidi="on"><h4 style="text-align: left;"><span style="color: blue; font-family: Calibri; font-size: 15px; font-style: italic;">Intro</span></h4><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Java class loader is part of Java Runtime Environment(JRE) that dynamically loads java class into Java Virtual Memory(JVM).</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">JRE doesn't need to know about files and file system, because classloader take care of this.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">Java platform uses </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;">Delegation</span><span style="font-family: Calibri; font-size: 11.0pt;"> model for loading class.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The classloader is responsible for locating libraries, reading their content and loading the classes contained within the libraries.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Each Java Class must be loaded by class loader.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">When JVM started three class loaders are used.</span></span></li><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Bootstrap Class Loader.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Extension Class Loader.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">System Class Loader.</span></span></li></ul></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><br /></div><h4><span style="font-style: italic; font-weight: bold;"><span style="color: blue;">Bootstrap Class Loader</span></span></h4><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The bootstrap classloader loads the runtime classes from rt.jar files and others.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">Runtime classes can be located in the </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;"><JAVA_HOME>/jre/lib</span><span style="font-family: Calibri; font-size: 11.0pt;"> folder.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">It is virtual machine built in class loader.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">It doesn't have parent class loader, but it may server as parent of class loader.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-style: italic; font-weight: bold;"><span style="color: blue;">Extension Class Loader.</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The extension class loader loads the libraries in the extension folder.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">Extension folder located in </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;"><JAVA_HOME>/lib/ext </span><span style="font-family: Calibri; font-size: 11.0pt;">or any other directory specified in the </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;">java.ext.dirs </span><span style="font-family: Calibri; font-size: 11.0pt;">System Property.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">It is implemented by the </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;">sun.misc.Launcher$ExtClassLoader</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><h4 style="text-align: left;"><span style="font-style: italic; font-weight: bold;"><span style="color: blue;">System Class Loader</span></span><span style="color: blue; font-family: Calibri; font-size: 11pt;"> </span></h4><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Loads the class include the JAR files specified by the system property java.class.path.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">If a JAR file on the class path has a manifest with attribute Class-Path, JAR files specified by the Class-Path attribute will be also searched.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">By default java.class.path property's values is </span><span style="font-family: Calibri; font-size: 11.0pt; font-weight: bold;">.(dot)</span><span style="font-family: Calibri; font-size: 11.0pt;"> the current directory.</span></span></li></ul><br /><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">It can be changed using command line option </span><span style="font-family: Calibri; font-size: 11.0pt; font-style: italic;">-classpath</span><span style="font-family: Calibri; font-size: 11.0pt;"> or </span><span style="font-family: Calibri; font-size: 11.0pt; font-style: italic;">-cp </span><span style="font-family: Calibri; font-size: 11.0pt;">or setting CLASSPATH environment variable .</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The command line option overrides setting of the CLASSPATH environment variable.</span></span></li></ul></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-51356102668709875162013-06-21T01:09:00.000-07:002018-02-27T01:52:19.962-08:00XSS - Cross Site Scripting<div dir="ltr" style="text-align: left;" trbidi="on"><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Cross Site Scripting, better know as XSS, a subset of HTML injection.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">XSS is most prevalent and pernicious security issue. </span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span lang="en-US" style="font-family: Calibri; font-size: 11.0pt;">XSS flaws occur whenever on web application takes data that originated from user and sends it to browser without validating</span><span lang="ta" style="font-family: Calibri; font-size: 11.0pt;">.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span lang="en-US" style="font-family: Calibri; font-size: 11.0pt;">XSS allows attackers to execute script in the victim's browser, which can hijack user sessions, deface website, insert hostile content</span><span lang="ta" style="font-family: Calibri; font-size: 11.0pt;">, </span><span lang="en-US" style="font-family: Calibri; font-size: 11.0pt;">conduct phishing attacks, and take over the user's browser using scripting malware.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">The malicious script is usually JavaScript, but any scripting language the supported by victim's browser is potential target for this attack.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">There are three types in XSS.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin: 0in;"><span style="font-weight: bold;">Three types of XSS</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Reflected.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Stored.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">DOM Injection.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin: 0in;"><span style="font-weight: bold;">Reflected ???</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Reflected XSS is easiest to exploit.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">A page will be reflect user supplied data directly back to the user.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin: 0in;"><span style="font-weight: bold;">Stored</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Stored XSS takes hostile data and store it in a file, a database, or other backend system and then at a later stage displays the data to user , unfiltered.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">This is extremely dangerous in systems such as CMS, blogs, or forums where a large numbers users will sees input from other individuals.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin: 0in;"><span style="font-weight: bold;">DOM Injection</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">With DOM based XSS attacks, the site's JavaScript code and variables are manipulated rather then HTML element.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">XSS attack can be blend or hybrid of all three types. </span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">Non standard or un expected browser behaviors can introduce subtle attack vectors.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;">XSS also potentially reachable through any components that the browser uses.</span></li></ul><br /><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-48342820854535151582013-06-20T20:58:00.000-07:002018-02-27T01:52:20.299-08:00Web.xml or Deployment Descriptor<div dir="ltr" style="text-align: left;" trbidi="on"><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Central configuration file of all web applications.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Defines servlets, servlet filters.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">From Servlet Spec</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The DD conveys the elements and configuration information of a web application between Application Developers, Application assemblers and Deployers.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The following type of configuration and deployment information are required to be supported by a web application DD for all servlet container.</span></span></li><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">ServletContext Init Parameters</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Session configuration</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Servlet declaration</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Servlet mappings.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Application LifeCycle Listener class.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Filter definition and filter mappings</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">MIME type mappings</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Welcome file list</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Error page</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Locale and Encoding mappings </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Security Configurations, including login-config, security-constraint, security-role, security-role-ref, run-as.</span></span></li></ul></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">web-app Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Web-app is the root deployment descriptor for a web application.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">The element has a required attribute </span><span style="font-family: Calibri; font-size: 11.0pt; font-style: italic;">version </span><span style="font-family: Calibri; font-size: 11.0pt;">to specify to which version of the schema the deployment descriptor conforms.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">description Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">This element is to provide text describing the parent element.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">This element occurs under other multiple elements.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">This element has optional attribute xml:lang to indicate which language is used in description. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">The default value of the attribute is English(</span><span style="font-family: Calibri; font-size: 11.0pt; font-style: italic;">"en"</span><span style="font-family: Calibri; font-size: 11.0pt;">)</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">display-name Element </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">This element contains short name that intended to be displayed by tools.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The element has optional attribute xml:lang to indicate language.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">icon Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The icon contains small-icon and large-icon element that specifies the filename for small and large GIF and JPEG images used to represent the parent element in GUI tool.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">distributable Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The distributable element indicates that this Web application is programmed appropriately to deployed in distributed servlet container.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">context-param Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The context-param contains the declaration of the Web application's servlet context initialization parameters.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">filter Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">The </span><span style="font-family: Calibri; font-size: 11.0pt; font-style: italic;">filter </span><span style="font-family: Calibri; font-size: 11.0pt;">declares a filter in Web application.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The filter is either mapped to servlet or URL pattern in the filter-mapping element, using the filter-name value to reference.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Filter can access the initialization parameter declared in DD at runtime via FilterConfig Interface.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The filter-name is logical name for filter, it must be unique within the web application. It must not be empty.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The filter-class is fully qualified class name of the filter. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The init-param element contains name value pair as an initialization parameter of this filter.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The optional async-supported element, when specified, indicates that the filter supports asynchronous request processing.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">filter-mapping Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The filter-mapping is used by the container to decide which filter to apply to a request in what order.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The value of the filter-name must be one of the filter declaration in DD. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The matching request can be URL pattern or servlet-name.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">listener-class Element </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The listener indicates the deployment properties for the application bean.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The sub element listener-class declares that a class in application must be registered as web application listener bean.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">servlet Element</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The servlet element is used to declare a servlet.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">It contains declarative data of servlet.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The servlet-name element contains canonical name of the servlet, each servlet name is unique within the application. The servlet-name must not be empty.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The servlet-class contains fully qualified class name.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The run-as element specifies the identity to be used for the execution of a command.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The element load-on-startup indicates that this servlet should be loaded on startup of the web application. The element content must be integer indicating the order in which servlet should be load. If the value is negative , or the element is not present, the container is free to load servlet whenever to choose. If the value is positive or 0, the container must load and initialize servlet as the application is deployed. The container must guarantee the servlet marked lower integers are loaded before servlet marked as higher integers. The container may choose the order of loading of servlet with load-on-startup value.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">mulitpart-config </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">If the servlet supports file upload and processing of mime-multipart request, the configuration for the same can be provided by multipart-config element, this element can be used to specify location where the file can be stored, maximum size of the file, maximum request size and size threshold.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;"> </span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">servelet-mapping </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Defines mapping between servlet and URL pattern.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">session-config </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The element defines session configuration for this web application. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The session-timeout sub element specifies timeout interval for all session created in this web application.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The specified timeout can be whole number of minutes. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">If the timeout is 0 or less, the default behavior of session never time out. </span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">mime-mapping</span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">It defines mapping between extension and mime type. The extension element contains a string description an extension, such as txt.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">welcome-file-list </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Contains ordered list of welcome files. The sub element welcome-file contains name of the file. Default welcome is index.html</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><span style="font-weight: bold;"><span style="color: blue;">error-page Element </span></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;"><br /></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Error page element contains mapping between error code or an extension type to the path of resource in the web application. The sup element extension type contains fully qualified class name of a Java extension type. The sub element location element contains the location of the resource in the web application relative of the web application.</span></span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><br /></div><br /></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-33195131293477233872013-06-20T12:25:00.000-07:002018-02-27T01:52:20.637-08:00What is Servlet ?<div dir="ltr" style="text-align: left;" trbidi="on"><h4 style="text-align: left;"><span style="color: blue;">What is Servlet ?</span></h4><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Servlet is Java technology based web component, managed by web container, that generates dynamic content.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">It is platform-independent component.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Java classes that are compiled to platform-neutral byte code that can be loaded into and run by java technology enabled web server.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Containers, sometime called servlet engines, are Web Server extensions that provide servlet functionality.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Servlet interact with web client via request/response paradigm implemented by the servlet container.</span></span></li></ul><h4 style="text-align: left;"><span style="color: blue;">What is a Servlet Container ?</span></h4><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Servlet container is part of Web Server or Application Server that provides network services over which request/response are sent.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Decodes MIME based requests.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Formats MIME based responses.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">A Servlet Container also contain and manages servlet through their lifecycle.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">A servlet container can be built into Web server or installed as an add-on component to web server via that Server's native extension API</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">SC can also be built into or possible installed into web based application server.</span></span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">All SC must support HTTP as a protocol for request and response. <br /></span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Also addition request/response based protocol such as HTTPS can be supported.<br /></span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The require version of the HTTP specification that container must implement HTTP 1.0 and HTTP 1.1.</span></span></li></ul></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-67645710509714492282013-06-20T12:04:00.000-07:002018-02-27T01:52:20.973-08:00HTTP<div dir="ltr" style="text-align: left;" trbidi="on"><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><br /></div><div style="font-family: Calibri; font-size: 11pt; margin: 0in;"><h4 style="text-align: left;"><span style="font-weight: bold;"><span style="color: blue;">HTTP</span></span></h4></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Most web application run on HTTP. </span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">HTTP is a stateless series of client/server message exchange protocol.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Normally client is web browser, server is web server/application server.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The client initiates communication by requesting a specific resource.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The resource may be a HTML file, or dynamically generated output.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">HTTP originally designed for requesting and serving static HTML documents.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue;"><span style="font-family: Calibri; font-size: 11.0pt;">HTTP is an application layer protocol</span><span style="font-family: Calibri; font-size: 11pt;"> </span></span></li></ul><br /><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Calibri;"><span style="font-size: 11pt;">One of cons of HTTP is, it is stateless protocol. It </span><span style="font-size: 15px;">doesn't</span><span style="font-size: 11pt;"> maintain the state between multiple request from same client. Server don't know whether the next request is come from same user/client.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">The server has the client's address, but it will only be used to return current requested document.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">If we try to build a web application with complicated use case, the above won't help.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">Simple example is a secure web application must authenticate it users. To do this, the request in which client send username and password must associate with all other request coming from that client during the user session.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: Calibri; font-size: 11.0pt;"><span style="color: blue;">HTTP is also a text based. Mating text based technology to a strongly type based such as Java creates significant amount of data-binding work.</span></span></li></ul></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-23165654406526967362013-06-15T10:53:00.000-07:002018-02-27T01:52:21.309-08:00Annotation<div dir="ltr" style="text-align: left;" trbidi="on"><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation, a form of metadata, provide data about program that is not part of the code. Or an annotation is simply to associate information with the annotated program element.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">They have no direct effect on the operation of the code they annotate.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;"> </span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-weight: bold;">Uses of Annotations</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="font-weight: bold;">Information for the compiler</span> : Annotation can be used by the compiler to detect errors and suppress warnings.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="font-weight: bold;">Compile-time and deployment time processing : </span>Software tools can process annotation information to generate code, XML files and so forth.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="font-weight: bold;">Runtime Processing</span> : some annotation are available to be examined at runtime.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation will look like the following.</span></li></ul><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">@Annoteexample</span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">'@' indicates to the compiler what follows is an annotation.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation can contains <span style="font-style: italic;">element</span>-value pair.</span></li></ul><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">@Author{</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Name="B";</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Date="5/20/2013"</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">}</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Class my class{...}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@SuppresWarnings(value="unchecked" )</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Void myMethod(){}</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@SuppresWarnings("unchecked" )</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Void myMethod(){}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;"> If the annotation has no element, then parentheses cab be omitted.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">It is possible multiple annotation on the same declarations.</span></li></ul><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">@Author(name ="B")</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">@Ebook</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Class myclass {...}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">The annotation can be one of the type defined in the <span style="font-style: italic;">java.lang</span> or <span style="font-style: italic;">java.lang.annotation </span>packages.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">There are three kind of annotations, normal annotation, marker annotation and single-element annotation.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-weight: bold;">Where Annotation can be used </span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation can be applied to declaration : declaration of classes, method, fields, enums, interface, annotation types, formal parameters, constructors, local variables and other program elements.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation can be used in enum constants, such annotation placed immediately before the enum constant.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">It is compile-time error if a declaration is annotated with more than one annotation for a given annotation type. </span></li></ul><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-weight: bold;">Declaring a Annotation Type</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">The Annotation Type definition looks similar to an interface definition where the keyword <span style="font-style: italic;">interface</span> is preceded by the sign <span style="font-style: italic; font-weight: bold;">@.</span></span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation Type is form of interface.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">They can define default value.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">Syntax </span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@interface ClassPreamble{</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">String Author();</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">String date();</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Int currentRevision() default 1;</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">String lastModified() default "N/A";</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">String lastModifiedBy default "N/A";</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">String[] reviwers();</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">Usage</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@ClassPremble(</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Author = "A";</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Date = "5/21/2013",</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">currentRevision = 6;</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">lastModified ="5/15/2013",</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">lastModifiedBy ="G",</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Reviwers = {"F","A","E"}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">)</span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">To make this information in @ClassPreamble appears in Javadoc-generated documentation, you must annotate @ClassPreamble with the @Documented annotation.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">// import this to use @Documented</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">import java.lang.annotation.*;</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@Documented</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">@interface ClassPreamble {</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">// Annotation element definitions</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"> </span><br /><span style="color: blue; font-family: Verdana, sans-serif;">}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-weight: bold;">Predefined Annotation Types</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">The predefined annotation type defined in java.lang are @Deprecated, @Override, and @SuppressWarnings</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@Deprecated</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">The above annotation indicates that the marked element is deprecated and no longer be used.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">The generates a warning whenever the program uses a method, class, or field with deprecated annotation.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">When an element is deprecated it should be documented using java-docs.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@Override</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">This annotation informs compiler that the element is meant to override an element declared in superclass. </span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">While it is not require to use when overriding a method, it helps prevent errors.</span></li></ul><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="font-style: italic;">@SuppressWarnings<br /></span> </span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">It tells the compiler suppress specific warnings that it would otherwise generate.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">e.g.</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">@SuppressWarning("<span style="font-weight: bold;">deprecation</span>")</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">Void decreatedMethod(){..}</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">In above example, we use deprecated method, but compile omits the warning.</span></li><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">To suppress multiple warning we can use like below.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">@SupressWarnings( {"unchecked", "deprecated"})</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@SafeVarargs</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">This annotation when applied to method or constructor, assert that the code doesn't perform any un-safe operation on varargs params.</span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">When this annotation is used the unchecked warning relate to varargs are suppressed </span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@Functionalnterface (Java 8.0)</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Indicates that the type of declaration is intended to functional interface. </span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-weight: bold;">Annotation that apply to other Annotations </span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">Annotation that apply to other annotations are meta-annotations. </span></li></ul><ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">There are several meta-annotation defined in java.lang.annoation.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><span style="font-style: italic;">@Retention <br /></span> </span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">This annotation specifies how the marked annotation is stored.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">RetentionPolicy.SOURCE : retained only at source level and ignored by compiler.</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;">RetentionPolicy.CLASS : retained by compiler at compile time and ignore by JVM</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">RetentionPolicy.RUNTIME : retained by JVM.</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@Documented</span></div><div style="margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">This annotation indicates that type are to be documented by javadoc or other tools.</span></li></ul><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .75in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><div style="color: #366092; font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif; font-style: italic;">@Target</span></div><div style="font-family: Calibri; font-size: 11.0pt; margin-left: .375in; margin: 0in;"><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span></div><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><ul style="direction: ltr; margin-bottom: 0in; margin-left: .75in; margin-top: 0in; unicode-bidi: embed;" type="circle"><li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="color: blue; font-family: Verdana, sans-serif;">It marks another annotation to restrict what kind Java elements the annotation that can be applied to.</span></li></ul></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-40807008698155173982013-04-01T03:35:00.000-07:002018-02-27T01:52:21.650-08:00Singleton Design Pattern <div dir="ltr" style="text-align: left;" trbidi="on"><h4 style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif;">Intro</span></h4><div><ul style="text-align: left;"><li><span style="color: blue; font-family: Verdana, sans-serif;">The singleton design pattern restricts the instantiation of class to one object.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">This is useful when one object is needed across system.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">System that operates efficient when only one object exists.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">System restricts the instantiation to certain number of objects.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">The singleton object is available in global state, even if the object/class is not used. Using static method it can be avoid.</span></li></ul></div><h4 style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif;">Implementation </span></h4><div><ul style="text-align: left;"><li><span style="color: blue; font-family: Verdana, sans-serif;">Implementation of singleton must statisfy single instance and global access principles.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">It requires a mechanism accessing singleton class without re-creating a class object .<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">And mechanism to persist values of class members among class objects.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">The singleton pattern is implemented by creating a class with method that creates new instance if one does not exist. If an instance already exist, it returns a reference to that object.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">Singleton class construct should be private, so that object cannot be instantiate in other ways.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">Singleton must be carefully implemented in multi-thread programming, 'cause if two threads are execute the creation method at same time when singleton doesn't exist, they both must check the availability of instance and only one should create new.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">Singleton can be implemented as a static instance.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">Singleton can be lazily constructed.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">Requiring no memory or resource until needed.</span></li></ul></div><h4 style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif;">Eager Initialization</span></h4><div><ul style="text-align: left;"><li><span style="color: blue; font-family: Verdana, sans-serif;">If the program always need an instance or if the cost of creating instance is not too large in terms of time/resources.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">The instance is not constructed/create until the class is used.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">There is no need to synchronize the method, meaning that all thread will see the same instance and no locking required.<br /></span></li><li><span style="color: blue; font-family: Verdana, sans-serif;">The final keyword means that the instance cannot be redefined ensuring only one instance is exists. </span></li></ul></div><div><br /></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-45652538508635519072013-03-22T11:36:00.000-07:002018-02-27T01:52:21.986-08:00Insecure Direct Object Reference <div dir="ltr" style="text-align: left;" trbidi="on"><h2></h2><div class="MsoNormal"></div><div class="MsoNormal"></div><div style="text-align: left;"><span style="color: blue; font-size: x-small;"><span style="font-family: Verdana, sans-serif;"><br /></span></span></div><h4 style="text-align: left;"><span style="color: blue; font-size: x-small;"><span style="font-family: Verdana, sans-serif;">Insecure Direct Object Reference</span></span></h4><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif;"><span style="color: blue; font-size: x-small;">Insecure Direct Object Reference occurs when developer expose reference to an internal implementation object.</span></span></li></ul><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif;"><span style="color: blue; font-size: x-small;">Attacker or hacker manipulate direct object reference to access other object without Authorization </span></span></li></ul><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif; line-height: 115%;"><span style="color: blue; font-size: x-small;">User can change any of the red marked value and can see other’s contact’s information.</span></span></li></ul><ul style="text-align: left;"><li><span style="color: blue; font-family: Verdana, sans-serif; font-size: x-small;"><span style="line-height: 115%;">This type of attack occurred to the Australian Taxation Office’s </span><i style="line-height: 115%;">GST Start Up Assistance</i><span style="line-height: 115%;"> site in 2000, where a legitimate but hostile user simply changed the ABN (a company tax id) present in the URL.</span></span></li></ul><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif; line-height: 115%;"><span style="color: blue; font-size: x-small;">The goal is to verify that the application does not allow direct object references to be manipulated by an attacker.</span></span></li></ul><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif; line-height: 115%;"><span style="color: blue; font-size: x-small;">Verify authorization to all referenced objects.</span></span></li></ul><ul style="text-align: left;"><li><span style="color: blue; font-size: x-small;"><span style="font-family: Verdana, sans-serif; line-height: 115%;">Avoid exposing your private object references to users whenever possible, </span><span style="font-family: Verdana, sans-serif; line-height: 115%;">such as primary keys or filenames.</span></span></li></ul><ul style="text-align: left;"><li><span style="font-family: Verdana, sans-serif; line-height: 115%;"><span style="color: blue; font-size: x-small;">Validate any private object references extensively with an "accept known good" approach.</span></span></li></ul><blockquote class="tr_bq" style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif; font-size: x-small;"><span style="line-height: 115%;">http://example.com/userid=</span><span style="line-height: 115%;">100 </span></span></blockquote><div class="MsoNormal" style="text-align: left;"></div><div style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif; font-size: x-small;"><br /></span></div><div class="MsoNormal" style="text-align: left;"><br /></div><br /></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0tag:blogger.com,1999:blog-7034214678189437053.post-7422396546270447062013-03-20T00:55:00.000-07:002018-02-27T01:52:22.321-08:00Exception Notes<div dir="ltr" style="text-align: left;" trbidi="on"><h4 style="text-align: left;"><span style="color: blue; font-family: Verdana, sans-serif;">Exception Notes</span></h4><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception means, exceptional condition that occurs and alters in normal program flow.<br /></span><br /><span style="color: blue; font-family: Verdana, sans-serif;">• Say an example, the program trying to read a file, but the file is not present or it’s locked with some </span><span style="color: blue; font-family: Verdana, sans-serif;">other resource, and then it will affect the program flow.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• When exceptional event occurs, the exception said to be thrown. The code that is responsible for </span><span style="color: blue; font-family: Verdana, sans-serif;">doing something about the exception is called an exception handler and it catches the thrown </span><span style="color: blue; font-family: Verdana, sans-serif;">exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception handling works by transferring the execution of a program to an appropriate exception </span><span style="color: blue; font-family: Verdana, sans-serif;">handler when an exception occurs. Try catch is used to do this.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try is the block of code in which exception may occur.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Catch clause used to handle that exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Finally block is used to clean up the codes. Such closing the file, release the network sockets.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• A Finally block encloses code that is always execute at some point of after the try blocks, whether an </span><span style="color: blue; font-family: Verdana, sans-serif;">exception was throw or not.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• If there is return statement is try block, the finally block execute right after return statement </span><span style="color: blue; font-family: Verdana, sans-serif;">encountered, and before returns executes.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try must follow catch or finally.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try without catch and with finally is legal.</span><br /><br /><span style="color: blue; font-family: Verdana, sans-serif;">• In java Exception is an object. Derived from Throwable class.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Error and Exception are two main sub classes of Throwable class.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Error means, unusual situation that not caused by program errors.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Error would not normally happen during program execution. Such as the JVM running out of </span><span style="color: blue; font-family: Verdana, sans-serif;">memory exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• We can’t handle the Errors. If the error occurs it will stop the program execution.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• You can use more than one catch clause. You can specify exact matching Exception in catch or you </span><span style="color: blue; font-family: Verdana, sans-serif;">can use super class of the </span><span style="color: blue; font-family: Verdana, sans-serif;">exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• So, how do we know that some method throws an exception that we have to catch? The exception </span><span style="color: blue; font-family: Verdana, sans-serif;">that a method can throw must be declared in the method’s public interface.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• The list of thrown exception is part of the declared in the method’s public interface.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• The throws keyword is used as follows the list of exceptions that a method can throw.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception are in two types, checked and unchecked.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Checked exception includes all subtypes of exception, excluding class that extends RunTimeExcetpion </span><span style="color: blue; font-family: Verdana, sans-serif;">and Error.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Checked exceptions are subject to handle or declare.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Any method that might throw checked exception should declare the exception using throws, or </span><span style="color: blue; font-family: Verdana, sans-serif;">handle the exception with an </span><span style="color: blue; font-family: Verdana, sans-serif;">appropriate try/catch.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Subtypes of Error and RunTimeExcetpion are unchecked. Compile won’t enforce the handle or </span><span style="color: blue; font-family: Verdana, sans-serif;">handle.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Finally block could itself raise an exception </span><span style="color: blue; font-family: Verdana, sans-serif;">Exception some points</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception means, exceptional condition that occurs and alters in normal program flow.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Say an example, the program trying to read a file, but the file is not present or it’s locked with some </span><span style="color: blue; font-family: Verdana, sans-serif;">other resource, and then it will affect the program flow.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• When exceptional event occurs, the exception said to be thrown. The code that is responsible for </span><span style="color: blue; font-family: Verdana, sans-serif;">doing something about the exception is called an exception handler and it catches the thrown </span><span style="color: blue; font-family: Verdana, sans-serif;">exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception handling works by transferring the execution of a program to an appropriate exception </span><span style="color: blue; font-family: Verdana, sans-serif;">handler when an exception occurs. Try catch is used to do this.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try is the block of code in which exception may occur.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Catch clause used to handle that exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Finally block is used to clean up the codes. Such closing the file, release the network sockets.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• A Finally block encloses code that is always execute at some point of after the try blocks, whether an </span><span style="color: blue; font-family: Verdana, sans-serif;">exception was throw or not.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• If there is return statement is try block, the finally block execute right after return statement </span><span style="color: blue; font-family: Verdana, sans-serif;">encountered, and before returns executes.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try must follow catch or finally.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Try without catch and with finally is legal.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• In java Exception is an object. Derived from Throwable class.</span><br /><br /><span style="color: blue; font-family: Verdana, sans-serif;">• Error and Exception are two main sub classes of Throwable class.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Error means, unusual situation that not caused by program errors.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Error would not normally happen during program execution. Such as the JVM running out of </span><span style="color: blue; font-family: Verdana, sans-serif;">memory exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• We can’t handle the Errors. If the error occurs it will stop the program execution.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• You can use more than one catch clause. You can specify exact matching Exception in catch or you </span><span style="color: blue; font-family: Verdana, sans-serif;">can use super class of the</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">exception.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• So, how do we know that some method throws an exception that we have to catch? The exception </span><span style="color: blue; font-family: Verdana, sans-serif;">that a method can throw must be declared in the method’s public interface.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• The list of thrown exception is part of the declared in the method’s public interface.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• The throws keyword is used as follows the list of exceptions that a method can throw.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Exception are in two types, checked and unchecked.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Checked exception includes all subtypes of exception, excluding class that extends RunTimeExcetpion </span><span style="color: blue; font-family: Verdana, sans-serif;">and Error.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Checked exceptions are subject to handle or declare.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Any method that might throw checked exception should declare the exception using throws, or </span><span style="color: blue; font-family: Verdana, sans-serif;">handle the exception with an</span><br /><span style="color: blue; font-family: Verdana, sans-serif;">appropriate try/catch.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Subtypes of Error and RunTimeExcetpion are unchecked. Compile won’t enforce the handle or </span><span style="color: blue; font-family: Verdana, sans-serif;">handle.</span><br /><span style="color: blue; font-family: Verdana, sans-serif;"><br /></span><span style="color: blue; font-family: Verdana, sans-serif;">• Finally block could itself raise an exception</span><br /><div style="text-align: left;"></div></div>uyirmeihttp://www.blogger.com/profile/03286809458505354079noreply@blogger.com0