Java's Servlet spec allows web applications to delegate authentication and authorization to the servlet container, a mechanism known as container-based security. A lot of people use it for in-house applications or web services because it's simple and containers like Tomcat already provide several authentication backends to choose from. There's one …
read moreEnabling JMX Access on Tomcat
I think every Java application in production should enable JMX access. Without JMX, there's little chance to debug JVM-level problems, especially those related to out of memory errors. Even if your application doesn't export its own MBeans for monitoring, you can still take advantage of those that come out of …
read moreDeploying to Tomcat From Maven Builds
Berlin Buzzwords Conference 2010
This week I attended Berlin Buzzwords Conference 2010, a two-day event aimed at software developers. The conference offered two tracks, one on search and the other one on NoSQL systems. Typical attendees seemed to be MacBook-wielding, twittering lifestyle geeks, often with SQL-induced childhood issues. The hype level was high - a …
read moreUsing TCP for Low-Latency Applications
Last week I ran into a nasty little problem while implementing an application with soft real-time requirements. I was aiming at 1 ms or less for a TCP-based request-response roundtrip on a local network. Should be trivial, but why did my tests indicate that I wasn't even getting close?
The …
read moreApache 2.2 and Digest Authentication
A few weeks ago I wanted to enable digest authentication on an Apache 2.2 web server. I got basic authentication working within minutes, but I didn't want to send plain text passwords over the web, so how difficult could it be?
I followed some tutorial on the net but …
read moreSimplifying Server Deployment
Configuring servers is tedious work if you operate a cluster of more than a few machines (if you're a regular reader, you've heard about it). I've created a simple deployment framework that helps with building deployment packages based on central configuration templates. It is ant-based, so people from the Java …
read moreSaving Session Data in Web Applications
There are many ways to store session data in web applications. They all differ in scalability, failover capabilities, and complexity. I'll give you a quick rundown on the major themes.
Session Data on the Client
You can often implement simple personalization features or workflows by storing state on the client …
Professional Deployment and Operation of Web Applications
There are millions of web applications on the Internet that are under constant development. Paying software developers to work on bug fixes and new features is quite expensive already, but what's often neglected is the cost for deployment and operation. Well-run organizations invest in their deployment and runtime infrastructure and …
read moreWhy Do We Build Web Applications?
Creating a good user interface is no trivial task, no matter if it's running as a desktop application or inside a browser. When it comes to accessing server-side resources (a common thing in the corporate world) web applications seem to be the first choice nowadays. You have complete control over …
read more