Java's Servlet spec allows web applications to delegate authentication and authorization to the servlet container, a mechanism known as container-based security. A lot of people use it for in-house applications or web services because it's simple and containers like Tomcat already provide several authentication backends to choose from. There's one …

I think every Java application in production should enable JMX access. Without JMX, there's little chance to debug JVM-level problems, especially those related to out of memory errors. Even if your application doesn't export its own MBeans for monitoring, you can still take advantage of those that come out of …

It's quite common to deploy web applications from a nightly continuous integration job to a testing server. In my case, I want to deploy a Java web application to a remote Tomcat server from a Maven build. Enter Cargo, a collection of tools for controlling Java EE containers like Tomcat …

This week I attended Berlin Buzzwords Conference 2010, a two-day event aimed at software developers. The conference offered two tracks, one on search and the other one on NoSQL systems. Typical attendees seemed to be MacBook-wielding, twittering lifestyle geeks, often with SQL-induced childhood issues. The hype level was high - a …

Last week I ran into a nasty little problem while implementing an application with soft real-time requirements. I was aiming at 1 ms or less for a TCP-based request-response roundtrip on a local network. Should be trivial, but why did my tests indicate that I wasn't even getting close?

The …

A few weeks ago I wanted to enable digest authentication on an Apache 2.2 web server. I got basic authentication working within minutes, but I didn't want to send plain text passwords over the web, so how difficult could it be?

I followed some tutorial on the net but …

Configuring servers is tedious work if you operate a cluster of more than a few machines (if you're a regular reader, you've heard about it). I've created a simple deployment framework that helps with building deployment packages based on central configuration templates. It is ant-based, so people from the Java …

There are many ways to store session data in web applications. They all differ in scalability, failover capabilities, and complexity. I'll give you a quick rundown on the major themes.

There are millions of web applications on the Internet that are under constant development. Paying software developers to work on bug fixes and new features is quite expensive already, but what's often neglected is the cost for deployment and operation. Well-run organizations invest in their deployment and runtime infrastructure and …

Creating a good user interface is no trivial task, no matter if it's running as a desktop application or inside a browser. When it comes to accessing server-side resources (a common thing in the corporate world) web applications seem to be the first choice nowadays. You have complete control over …