I've had a play with Google Web Toolkit now. Although I was impressed when I first found out about it, I'm a bit more skeptical now.

My test 'application' was a simple page with a single RPC call to a server function that just returned a random string. Not much, but enough to look at some of the features. I found that the server-side part of their RPC library included hooks to look at the serialized messages, so I tried it, and was surprised to see something that looked nothing like any common formats in use these days (XML, JSON, YAML...). It seems that while GWT provides a RPC mechanism, it's a proprietary and opaque one that means client code developed with the toolkit will not play nicely with existing applications.¹

Next I decided to have a look at the generated JavaScript which was 'compiled' from my Java code. No surprises for guessing it was a horrible mess of obfuscated code, with functions starting at a(), b() etc. I'd say if your app doesn't work, there's little hope of doing much debugging at the JavaScript level. I don't really know what level the Java to JavaScript conversion works at, but all I can see from the generated JS is that there are Java classnames in literal strings in there, which scares me.

It doesn't have to be that way. Rails has had 'RJS' for a while now, which relies on a base JavaScript library (Prototype) having a lot of more Ruby-like functions defined, so conversion is done at a much higher level. This results in simpler conversion, and generated JavaScript that is understandable because it is fairly similar to the original code.

---

¹The toolkit does come with a sample using JSON, but since it has to fall back to a chunk of hand-written JavaScript, it seems to be missing the point.

(2 comments | Leave a comment)

I'm getting over-excited today:
First this. Nice.
Then this. Woah!

(1 comment | Leave a comment)

AKA first impressions of .NET and Ruby-on-Rails
This week I've started on (self-) training in Microsoft Visual Studio .NET, since the company is moving in that direction. Meanwhile I've also been trying to learn about Ruby On Rails, since it's more the direction I'm moving in.

I've followed an online training course which was an introduction to .NET, outlining the various technical features it is made up of. Then followed a walkthrough in Visual Studio .NET to build a simple web page.

It doesn't seem that long since I was convinced of the advantages of "Better, Faster, Lighter Java" - the idea that you don't need a big pile of "Enterprise technology" for most web development. This Microsoft .NET stuff looks an awful lot like Enterprise Java, only taken to another level in the Microsoft 'style'. Which makes it incredibly frustrating.

It's heavy stuff like Web Services using description and discovery to tie down all the details of the interface. Which may sound like a good idea, but the reality of the growing web is that lightweight, informally defined interfaces are just easier and quicker to use. (I read yesterday that of users of web services provided by Amazon.com, 5% were using SOAP, a heavyweight protocol, while the rest were using the simple XML-over-HTTP interface).

---

Ruby On Rails is getting a lot of buzz in the Java community, despite not actually being Java. It's caught on through taking the "Better, Faster, Lighter" principle a stage further. I ran through a tutorial which got me to install it on my server and put something together so I could see it working.

Rails does away with most of the configuration that plagues other environments, by using naming conventions instead. Which means your database table has to have the pluralised version of the class name that it relates to (though this can be overridden if necessary). Classes attributes are discovered from database column names. Aggregations and compositions rely on a simple statement in the class along with suitably named foreign key columns. A 'scaffold' command includes into a class default CRUD implementations. This includes standard web pages and forms for them.

The result is that just defining your data model gives you a complete working CRUD web application. It's quite impressive. Understandably it won't look that pretty, but it's a better starting point than having nothing working - you can easily override the default operations one at a time to improve the look and feel, or implement operations that deviate from the norm. Rails libraries also provide a lot of helper functions, such as ones to render standard elements in pages, which can include Javascript and AJAX functions in the browser side. Lets hope it catches on more.

(3 comments | Leave a comment)

I went along to the London Java Meetup last night. I seemed to be the first there, and failed dismally by not grabbing a big table. Oh well. I managed to recognise some fellow geeks despite not having met them before; it was nice to hear what some other developers have been up to.

There were a couple of developers from Spring (Interface 21) along, apparently since they are running a training course here. When I talked to them it was less about Spring and more anecdotes about some known people in the Java world though.

There was a reasonable turnout, around 15 people perhaps, but I didn't manage to talk to many. I wasn't very comfortable in the new venue: it was too loud for us quiet geeks, and they didn't have any real ale, and the beer they did have was expensive. Though they did have Anchor Steam, which was nice, but it worked out at roughly 1p per ml.

So I was slightly disappointed, and with it clashing with games club I'll have to ponder whether to go again.

(3 comments | Leave a comment)

Browsing through Javanicus yesterday, I noticed HenPlus, which sounded like a tool I've been looking for. So I was disappointed to find out that it depends on Java-Readline, which doesn't really work on Windows. But Jez also mentioned JLine, which does work on Windows (after a fashion).

So I spent this morning attempting to replace the former with the latter. The libraries have similar interfaces, but not quite the same, so there was a bit of fiddling to do. The hardest part was trying to get HenPlus's tab-completion working without rewriting the whole function, but I think it is there now. (Just don't mention the lack of saved history and password masking ;-)

(6 comments | Leave a comment)

Regular expressions are useful, but they do have a tendency to end up looking like a line of garbage. private static final Pattern _ENTITY_MATCH = Pattern.compile("&\\#?\\w+;.*");

(Leave a comment)

I've spent a couple of days poking around the internals of JBoss/Tomcat authentication code, trying to fix a problem on a customer site. They were seeing random logouts sooner than the session timeout settings.

The culprit turned out to be my misunderstanding of how a LoginModule would be used, since we have implemented a custom login module to fake a single-sign-on with another application they use. Our original intention was that the other application would use a temporary 'ticket' to log in to our application. After the user is logged in the ticket could be disposed of.

Unfortunately, while JBoss keeps a cache of authentication information, it is a timed cache where entries cannot be refreshed. It doesn't rely on it: when something is not found in the cache, JBoss checks with the LoginModule again. Since it reauthenticates for every (secured) page access, the effect is that the LoginModule gets asked to validate the same password every so often, even when there seems to be no corresponding user activity, since it's fallen out of the JBoss authenication cache.

This combined badly with a system where we were throwing away tickets after they had been used, making a later check with the LoginModule fail. Obviously the solution was to make tickets live long enough that people won't notice, but this has other implications.

In the end I'm left wishing that we hadn't chosen to use J2EE declarative security for our application. It seemed like a good idea at the time (3 years ago now), but I don't think it gained us much that we couldn't have done with a servlet Filter, and we've had to jump through hoops to make some alternate login methods work.

(Leave a comment)