java hosting


Title
Author
Publisher
ISBN
Reviewed by
Review text
Category

Your search returned 25 matching documents




Head First Servlets & JSP
by Kathy Sierra, Bert Bates, Bryan Basham, Kathy Sierra, Bert Bates, Bryan Basham


O'Reilly
second edition
March 2008
911 pages

Reviewed by Ulf Dittmer, May 2008
  (8 of 10)


The second edition of this classic book about the Java Servlet and JSP API continues the tradition of other Head First titles that liven up the text with pictures, hand-scribbled notes, questions&answers and other devices to engage the reader's brain. Never having read a Head First book before, this reviewer was pleasantly surprised by how well this works. Even though the book is much thicker than I consider healthy for a tech book (over 800 pages), it's an easy read thanks to the lively prose and varied content elements.

The book is billed as a preparation aid for the SCWCD exam, but it also serves as a general introduction to Servlets and JSP. I found it easy to read individual chapters (e.g. on the Expression Language, servlet filters or custom tags) by themselves to refresh knowledge on particular topics. It's made clear which exam objectives are covered in each chapter, and there are exam-style questions and answers that go with the text, plus a brand-new mock exam with as many questions as the actual exam has.

I recommend this book as a tutorial -- not as a reference -- to anyone needing to come up to speed with servlets/JSP, or in need of learning aspects of it he hasn't used before. (Disclaimer: The author of this review was one of the tech reviewers of the book.)

Discuss book in the Saloon More info at Amazon.com



O'Reilly
1 edition
July 2004
886 pages

Reviewed by Marc Peabody, February 2006
  (10 of 10)


Over at the JavaRanch Saloon's Web Component Certification (SCWCD) forum, Head First Servlets & JSP dominates as the book of choice. It appeals to both those with and those without Java EE experience and I'm constantly amazed at how quickly everyone learns using this book. The SCWCD testimonies that say "I passed!" are most often appended with "Thank you, Head First, for such a wonderful book!"

A couple points about what to expect:
* This is no crammer's book. You will get more than book smarts -- you will understand the significance of the questions and objectives to real world Java enterprise programming.
* Nor is this book a flowery tutorial. This is hardcore programming wisdom. It would take you at least two years of real-world, painful, trial-and-error experience to gain the equivalent knowledge on your own. That's just stupid.

I passed the SCWCD exam years ago (before Head First Servlets & JSP existed) but now I am going to upgrade my certification to the latest version. I have never been so confident for an exam before. I am soooo ready!

Discuss book in the Saloon More info at Amazon.com




Emergent Design: The Evolutionary Nature of Professional Software Development
by Scott L. Bain


Addison-Wesley
1 edition
March 2008
448 pages

Reviewed by Ulf Dittmer, May 2008
  (9 of 10)


The author states in the preface that he'd like to push software development as a profession forward by promoting a set of methodologies that are universally recognized as beneficial. This reviewer thinks he achieves this goal admirably and wishes he had had access to a book like this when he first started out with object-oriented software development professionally.

A number of what might be called best practices are examined as to why they're useful, how they might best be applied, and how they deliver value in conjunction with other best practices. Some of these are well-covered by now (e.g. coding style and patterns), others are somewhat newer (like refactoring, the open-closed principle, unit tests and test driven development). At each step the author uses a combination of concrete code (mostly in Java, but easily understandable to everyone) and abstract UML-style diagrams to illustrate what is happening, and what difference a particular technique makes.

One important recurring theme is that the waterfall model of software development is truly dead, and that change of all kind needs to be embraced in a project, especially including changing requirements. Every software professional will recognize the value of being able to cope with change, and in this book that's part of the core message at each step. I recommend the book to get fresh perspectives and new ideas about various parts of the development process, both for developers and managers.

Discuss book in the Saloon More info at Amazon.com




Java Server Side Programming: The Conceptual Foundation
by Mukesh Prasad


CreateSpace Independent Publishing Platform
1.0.1 edition
August 2013
186 pages

Reviewed by Ulf Dittmer, November 2013
  (8 of 10)



This book teaches the foundations of server-side web development in Java by creating a basic servlet/JSP container from scratch. This is a very different, and rather interesting, approach than is usually taken. It starts with a socket client and server communicating with one another, gets into the basics of HTTP, then adds serving static files, error handling, cookies and form processing. At each step the server is extended to handle the new features, and the author explains the necessary HTTP and web concepts. The server is then extended to handle a basic version of servlets and sessions, and finally to handle a basic version of JSPs, including auto-recompilation and reloading. (All code is downloadable from the net, so instead of programming along -which is nonetheless recommended-, the reader can run the ready-made code as is.) All this takes up about two thirds of the book; the remaining chapters talk about how the features introduced with the server relate to the actual servlet and JSP specifications, and what features those provide that go further than that.

This approach works pretty well, making the reader acquainted not just with the specifics of servlets and JSPs, but also provides some detail on why certain features of the web are as they are - useful knowledge that often gets short shrift in pure programming introductions.

The lack of an index is not as strange as it sounds at first, because the book is a tutorial, meant to be read from start to finish, rather than a reference. And since it's rather short -less than 180 pages, a nice change from the usual tech tomes- and has an extensive table of contents, this reviewer didn't miss the it.

The book could have done with more extensive editing and proofreading -it was apparently self-published, as no publisher is mentioned- but the issues are minor.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com




Application Security for the Android Platform: Processes, Permissions, and Other Safeguards
by Jeff Six


O'Reilly Media
1st edition
December 2011
112 pages

Reviewed by Ulf Dittmer, December 2011
  (8 of 10)



While it's tempting to think that a mobile phone is a safer environment than, say, a web app, the reality is that it's becoming less so, if it ever was that in the first place. Malware of various kinds is just as much of a threat to a mobile app as to a web app, particularly in an ecosystem as open as Android.

This book ties together the different aspects that an Android app developer needs to consider when releasing an app into the wild (like through Google's Android Market). It covers the underlying OS architecture, where many app privileges are based on Linux file permissions, and then proceeds to the application permissions that govern capabilities granted to an app, like access to GPS location, use of internet connectivity, and access to SD card data. The latter will be familiar to anyone who's written an Android app (since they need to be listed explicitly in each app's manifest file). The next chapter covers the interprocess communication that allows apps to make use of other apps capabilities and permissions - Intents, BroadcastReceivers and ContentProviders. While the "how" of those is generally covered extensively, the security aspects tend to get overlooked; but not here. The last couple of chapters deal with securing sensitive data stored on the device, and with the internet connectivity that most mobile apps do in some form, and to which the same network security principles apply as for web apps (SSL encryption and mutual authentication). Those chapters delve deeply into Java's JCE API.

Overall I found the book easy to follow along, with plenty of code examples to study. The chapters can be read largely independently of one another, but at a length of not much more than 100 pages one might as well read the book in whole. While parts of the book will be familiar to a seasoned Java developer, and some parts have been covered widely online, this reviewer thinks it's still useful to have it all in one place, so as better to start thinking about app security as a whole, not as individual pieces to be used as is convenient - the threats are multiple, and an app is only as strong as its weakest point. Once it's out there on a device, it's subject to much more extensive probing than would be possible for a web app. Better to get its security story straight.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com




Location-Aware Applications
by Richard Ferraro, Murat Aktihanoglu


Manning Publications
pap/psc edition
July 2011
320 pages

Reviewed by Ulf Dittmer, January 2012
  (7 of 10)



The book aims to provide a survey of the landscape of mobile applications that deal with location data (GPS data chiefly), covering technical points (like positioning technologies, mapping options and mobile platforms) as well as business and pragmatic issues (like privacy, monetization and distributing mobile applications). Putting so many topics into a shortish book (less than 300 pages) means each subject gets only comparatively short shrift; don't expect to find all the information you might need on any given subject.

The prose is readily comprehensible, though, and where different technologies or options exist, the author points out their comparative strengths and weaknesses, so the reader can make an informed decision about what to research more. Lost of screenshots from existing apps illustrate the various points, and code examples are peppered throughout the book (although they are too short to serve as starting point for actual apps).

The book has only been published in July 2011, but already feels dated in some spots, so fast is the mobile phone scene changing, especially regarding the merits and positioning of the various mobile OSes. Still, the book provides a useful overview for anyone who's interested in what makes location-based mobile apps tick (HTML5's location features are not covered), and what the issues are one might have to think about before creating such apps.

Discuss book in the Saloon More info at Amazon.com




100 SOA Questions: Asked and Answered
by Kerrie Holley, Ali Arsanjani


Prentice Hall
1 edition
November 2010
272 pages

Reviewed by Deepak Bala, December 2010
  (4 of 10)



Before we even dive into the review, I thought it would be useful to mention the target audience for this book. The authors recommend that technologists / business stakeholders / architects would benefit from this book. It is not a technology book.

The expectation I had when I started reading this book was that it would give me clear / concise answers to specific problems / scenarios that one encounters in the SOA world. Unfortunately I found the answers to be wayward and not to the point. So what did I dislike about this book ?

1. The authors are undecided about the technical mastery that is required to read this book. For example, a mini tutorial on REST is provided abruptly while answering a question. I would expect an architect or technologist to know what REST is.
2. The answers are very abstract. So abstract that their meaning could be interpreted in a myriad of ways.
3. Some assumptions that are made about the architecture of a target system (the presence of pre-packaged software for example) are not necessarily true for all enterprise systems.
4. The book recommends that you visit the web site www.100Questions.info to have any other questions that you have answered. At the time of this writing, the website is simply a blank page that has been parked by godaddy. Very disappointing.

As for what I liked about the book, you can traverse to any question you want and have it answered. The questions are not necessarily linked to each other in any way. So you can read a question about architecture and then jump to say governance without any problem.

Overall, I did not derive enough value from reading this book.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com



Prentice Hall
1 edition
November 2010
272 pages

Reviewed by Ulf Dittmer, January 2011
  (4 of 10)


"SOA is a paradigm shift." (Q60) that "will forever be entrenched as a best practice" (Q94), and which is an evolution beyond OOP and Agile methodologies (Q38). These are the basic premises of this book, and anyone not buying into them will have trouble getting value out of reading it. The book seems out of a time a few years back when the SOA and web service hypes were at their peak; now that the hype has subsided, and the world has, by and large, recognized SOA as not being a game-changer but just another tool of the trade, and moved beyond large parts of the SOAP ecosystem, it feels strangely out of place.

The authors work, respectively, for IBM -one of the largest pushers of SOA infrastructure software- and a consulting company that specializes in introducing SOA in companies (something that the book advocates, Q48), so maybe this is to be expected. The book emphasizes big enterprise topics and assumes that a remodeling of the software and IT infrastructure (like putting in place ESB and BPM) need to be part of the overall SOA effort. No effort is made to present or justify SOA in environments that are not prepared to make that effort.

The 100 questions and answers are bundled into related categories like architecture, governance, organization that can be read individually as needed. That's a nice touch, as not all material will be of interest to all readers, or at all times, so chapters can be read on an as-needed basis. The presentation itself is clear, and aided by numerous diagrams that help illustrate the main points.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com




Glitch: The Hidden Impact of Faulty Software
by Jeff Papows


Prentice Hall
1 edition
September 2010
208 pages

Reviewed by Ulf Dittmer, November 2010
  (3 of 10)


This book aims to describe how to institute a software development process (and the business environment in which it exists) that leads to higher-quality software exhibiting fewer bugs. According to the author, this is done through "better IT governance". Unfortunately, very little of the book is spent on discussing what that means for the actual development process. The most part is taken up by prescriptions so high level as to be either common sense or inactionable. As an example, among the "Ten Ways to Squander IT Governance Resources" are such items as "Enforce bureaucratic processes without explaining the context", "Lock developers out of the code" and "Create reports that nobody can understand". No kidding.

Much of the rest of the book covers a variety of topics demonstrating the importance of IT and software, and how having them exhibit problems can affect millions of people, up to and including posing a danger to their lives. Well, yes, but that's not exactly fresh insight. Someone who has never worked with IT/software topics may find this interesting and illuminating, but not industry insiders.

Reading was somewhat hard work, since there's no common strand along which the content is organized. Each chapter is more or less unconnected to the others, only the very last one tries to tie it all together. Kind of annoying is the author's habit of breaking down each subject into 3 bullet point, and then each of those in turn into 3 more points - it feels like a series of PowerPoint slides, with too little explanation for each bullet.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com



Prentice Hall
1 edition
September 2010
208 pages

Reviewed by David O'Meara, January 2011
  (2 of 10)



Glitch is an interesting book, but to be honest I didn't really enjoy it. The author is certainly an expert in the field and provides plenty of useful information, but at times I found it difficult to distinguish the stories from the proven content from the opinion.

Each chapter has a topic and conclusion but the coverage feels anecdotal and often a bit light, padded by the included stories. Maybe I was a little sensitive while reading it, but the book is fairly short to begin with and while the stories, figures and tables are important to the text it means there is much less content than the 208 official pages. To me it felt more like a collection of articles or presentations than a book.

The topics are wide ranging and touch many aspects of IT in business and the value of this book is in this breadth. The coverage can be used as a check list or refresher for your own IT reviews or provide suggestions on areas to focus in your own organisation, but you could possibly distil this into a one or two page list and move on.

In the end I just wasn't convinced that the book was worthwhile. It was light, padded and occasionally disjointed. Many of the stories weren't software related and I couldn't see how they served the book. It will look nice on the bookshelf but it didn't deliver the experience I was hoping for.

---
Disclosure: I received a copy of this book from the publisher in exchange for writing this review on behalf of CodeRanch.

Discuss book in the Saloon More info at Amazon.com




Lucene in Action, Second Edition: Covers Apache Lucene 3.0
by Michael McCandless, Erik Hatcher, Otis Gospodnetic


Manning Publications
second edition
July 2010
475 pages

Reviewed by Ulf Dittmer, September 2010
  (9 of 10)


It's been 5 years since the first edition of this book, and Lucene has progressed from version 1.4 to 3.0 since then. This has meant significant new features, performance improvements, a much larger ecosystem around the core library, and more.

That's where the second edition comes in. It still describes the basics (indexing and searching) in as much detail as before, but also addresses new features such as payloads and new query types. The book also covers significant 3rd party extensions (the 'contrib' packages) that are not part of the Lucene core, but are considered of high enough quality to be shipped with it, as well related projects (like the Luke tool for analyzing indexes, and the Tika library that unifies indexing a wide variety of document types).

The book is full of ready to use code examples, is very readable, and is written in a way that one can read a section about a particular feature without having to digest everything that came before it first. So it doubles as a reference book. And, let's face it, there's way more to know about Lucene than one can pick up from articles and forums on the web. I consider the book indispensable to anyone who uses (or considers using) Lucene for more than simple toy projects; it will pay itself back quickly through time saved.

Discuss book in the Saloon More info at Amazon.com




Unlocking Android: A Developer's Guide
by Frank Ableson, Charlie Collins, Robi Sen


Manning Publications
1 edition
April 2009
416 pages

Reviewed by Ulf Dittmer, September 2010
  (7 of 10)


Android being a complete application platform, it's impossible to cover all of it in a single book, but "Unlocking Android" makes a credible attempt at getting the reader up and running quickly. The major chapters cover the development environment, user interfaces, intents and services (the building blocks of Android apps), storing and retrieving data, networking and web services, telephony, notifications and alarms, graphics and animation, multimedia, and handling location. After the capabilities of the platform have been introduced along with many code examples that show them in use, a lengthy example app that ties it all together is developed from scratch.

None of the areas is covered in full depth -trying to do so would be futile, given the size of the class libraries- but once a familiarity with the basic concepts has been established, the reader can consult the javadocs for more information, and use targeted web searches to find the missing pieces. The same is true for more advanced concepts such as OpenGL and native code, which are covered just briefly or not at all.

It needs to be said that Android is a fast-moving target, and while this book covers the now obsolete Android 1.x, a 2nd edition is on its way and will update coverage to Android 2.x. I recommend the book -or rather, its upcoming new edition- to anyone who has had no exposure to Android, and needs to get up to speed quickly on a whole range of issues. Reading javadocs and searching the web will be necessary to fill in some of the blanks, though.

Discuss book in the Saloon More info at Amazon.com




Stripes: ...and Java web development is fun again (Pragmatic Programmers)
by Frederic Daoud


Pragmatic Bookshelf
1 edition
October 2008
396 pages

Reviewed by Ulf Dittmer, January 2009
  (8 of 10)


Web application frameworks are a dime a dozen these days, so any new one faces an uphill battle for adoption. This book explains why - when choosing a web framework next time - you might want to take a long, hard look at Stripes.

The book starts with a simple example that shows all major parts of Stripes in action, just to give the reader a feeling for how things are wired together (although there's not much wiring to do). For the remainder of the book, one application is developed from scratch (a web-mail front-end), adding features step by step, thereby making use of more and more of Stripes' features.

The major aspects of all web applications are handled early on: creating and handling forms using JSP and JSTL, form parameter to Java object binding, validation, error handling, implementing MVC, dealing with I18N, and how to reuse common layouts. Further chapters deal with unit testing with mock objects, integration with other frameworks like JPA and Spring, using Stripes as an AJAX back-end, and web application security. A chapter on how to tap into Stripes' inner workings shows how to customize its operation, in the event that should ever become necessary.

I found the author's style very approachable, explaining each new concept with examples of when it might (or might not) be advantageous to use. At each step a new version of the web mail application was at hand that demonstrated how the newly introduced concepts improved on the previous version (all the code is downloadable from the book's web site). Overall, I commend the author on the book. After reading it I have a good feeling for all the things Stripes can do to make developing web applications easier and - yes indeed- fun again.

Discuss book in the Saloon More info at Amazon.com




The ThoughtWorks Anthology: Essays on Software Technology and Innovation (Pragmatic Programmers)
by ThoughtWorks Inc.


Pragmatic Bookshelf
1 edition
March 2008
248 pages

Reviewed by Ulf Dittmer, May 2008
  (7 of 10)


This collection of 13 essays written by various ThoughtWorks (a software consulting company) employees covers a wide range of software development topics. There's no overarching theme - the essays are meant to present current thinking on issues that are being thought about nowadays even if they're maybe not on everybody's mind.

Some essays focus purely on the programming (e.g. domain-specific languages, object design, domain annotations and the mix-and-match of languages that's possible with the JVM and CLR), while the majority addresses issues of the development process. That includes agile testing, performance testing, iteration management, improving the build and release processes and project tracking, amongst others. Some source code in various languages is shown throughout the book, but all is explained, and can be understood even without knowing that particular language.

The depth and style of the essays varies widely, since no two chapters are written by the same author. While all of them should be of interest to any developer or development manager, not many may be applicable to a particular reader's situation. For this reviewer, 4 out of 13 essays were very interesting or directly applicable; that's enough to make the book worthwhile reading. Particularly a chapter about domain annotations (using Java's annotations and .Net's attributes not for code management or deployment purposes, but for issues arising from the problem domain) provided food for much thought.

Discuss book in the Saloon More info at Amazon.com




Ajax Security
by Billy Hoffman, Bryan Sullivan


Addison-Wesley Professional
1 edition
December 2007
504 pages

Reviewed by Ulf Dittmer, February 2008
  (9 of 10)


With the advent of more sophisticated client-side web apps -- facilitated by AJAX and the JavaScript XmlHttpRequest object -- have come more numerous and more easily discovered security issues. As the authors point out, AJAX combines the vulnerabilities of traditional web apps and web services.

This book is billed as "The Hands-On, Practical Guide to Preventing Ajax-Related Security Vulnerabilities", and it delivers admirably on that count. It covers in detail the wide range of attack possibilities - from traditional web attacks and JavaScript hijacking over client-side storage and offline vulnerabilities to request origin issues, mashups and even CSS. An analysis of two JavaScript worms and a couple of chapters presenting tools to help test AJAX application and popular AJAX frameworks round out the book. Many illustrations and code examples help convey the subjects, as do details of what to look out for in particular browsers or server software. It's hard to picture a web worker (be it developer, tester, producer or manager) that doesn't take away something (and more likely quite a bit) from this book.

It's written in a style that makes it easily approachable, and complex topics are explained well. Although some of the later material assumes knowledge of the earlier stuff, most chapters can be skipped if the reader isn't interested in a particular topic, and revisited later. I recommend the book to every web professional.

Discuss book in the Saloon More info at Amazon.com



Addison-Wesley Professional
1 edition
December 2007
504 pages

Reviewed by Jeanne Boyarsky, January 2008
  (10 of 10)


Anyone involved in developing/testing AJAX should read "AJAX Security." It covers preventing a hacker from attaching your application. The audience includes developers, QA and penetration testers. While there are code snippets, they are explained well. While managers aren't in the target audience, I think they could benefit from understanding the concepts presented in the book.

The book begins with a brief review of AJAX architecture with an emphasis on security. The writing style is quite engaging including a chapter walking you through an attack from a hacker's point of view. All the major known categories of attacks are included including resource enumeration, parameter manipulation (with SQL and XPATH injection), session hijacking, JSON hijacking, XSS, CSRF, phishing, denial of service, etc.

I particularly liked the analogies to things that happen in the physical world such as resource injection into a roommate's "to do" list and hijacking another customer's paid order in the deli. These made it easy to visualize the problem even for people who don't code often.

The authors were realistic and included the limitations and drawbacks of each tool/framework mentioned. I liked the chapter analyzing two major JavaScript worms including the source code. This really hit home on the importance of certain practices!

All information was up to date as of printing including comments on all four major browsers (IE, Firefox, Opera and Safari.) They even mentioned the HTML 5 specification. The book is not server side language specific, which was nice.

Discuss book in the Saloon More info at Amazon.com




JavaFX Script: Dynamic Java Scripting for Rich Internet/Client-side Applications
by James L. Weaver


Apress
1 edition
October 2007
200 pages

Reviewed by Ulf Dittmer, February 2009
  (5 of 10)


JavaFX Script ("JavaFX" henceforth) is a new way to develop client-side Java GUI applications, comprised of a more declarative code syntax, and some new ways to couple behavior to code. That being the case, it (and by extension, this book) has two audiences: developers proficient in Java who want to learn about JavaFX, and web developers interested in building rich client applications who may not know much (or any) Java.

Falling into the first group, this reviewer thinks neither group is well served by the book. Java developers don't need much introduction to basic concepts; they'd be better served by comparisons between how things are done in plain Java, and how they are done in JavaFX, plus an overview of the new features JavaFX brings to the table. Neither is included in the book. Non-Java developers will struggle when trying to understand Java syntax and concepts, JavaFX concepts and parts of the Java class libraries all at once.

Most of the book is taken up by presenting various JavaFX concepts using a single medium-sized example GUI application (that builds word search puzzles, although that's really besides the point). Where some concepts don't fit that application, small additional examples are used. This does help in understanding what's going on, since the code can simply be run, and the effects of certain constructs be observed, if the text leaves something unclear.

Discuss book in the Saloon More info at Amazon.com




Scripting in Java - Languages, Frameworks and Patterns
by Dejan Bosanac


Addison-Wesley Professional
1 edition
August 2007
552 pages

Reviewed by Ulf Dittmer, November 2007
  (6 of 10)


This book aims to be an introduction to combining Java with scripting by presenting popular Java-based scripting languages, making the case for when and how to use scripting and Java, explaining the prevalent APIs, and showing some useful patterns of how to make it work.

A full third of the book is taken up by introducing scripting APIs, namely the Apache Bean Scripting Framework (BSF) and the javax.script package found in Java 6 and its non-yet-released web scripting component.

Another quarter is used for an introduction to Groovy, and many examples are written in that language; so if for some reason Groovy is of no interest to the reader that might be a drawback. JavaScript and (to a lesser degree) PHP are the other languages being used.

While just about everyone interested in the subject will find something (or a few somethings) of interest in this book, it doesn't feel like a coherent whole. It touches authoritatively on a number of subjects, amongst which the reader will choose which ones are applicable to him, and ignore the remainder. The style is technical, and even through the author seeks to present motivation repeatedly as to why to use scripting with Java, this becomes a bit tedious after a while. Overall the book is quite readable, though, and the numerous code examples interspersed with the text help provide some out-of-the-box applicability of the concepts presented.

Discuss book in the Saloon More info at Amazon.com




Enterprise AJAX
by David Johnson, Alexei White, Andre Charland


Prentice Hall PTR
1 edition
August 2007
496 pages

Reviewed by Ulf Dittmer, November 2007
  (7 of 10)


The subtitle of the book -- "Strategies for building high performance web applications" -- nicely sums up what this book is about: Not so much a tutorial about AJAX that takes the reader from 0 to 100%, but rather a collection of topics that relate to AJAX-based web applications, bundled into book chapters. The chapters span a wide gamut, from basic browser technologies like CSS/DOM/JavaScript and XMLHttpRequest, to more advanced stuff like the design of JavaScript code, Web Services, and the handling of sizable chunks of data within JavaScript. The book also covers issues of the software development process as they relate to AJAX applications, like usability, prototyping, testing and project risk management. Three case studies round out the book, but don't provide much additional insight.

If a chapter isn't of interest to the reader, it can generally be skipped without impacting the understanding of later material. Everything is explained with plenty of code examples, along with explanations of what gotchas to look out for when running under different browsers.

The book would have benefited from a more thorough proofreading. As it is, an annoyingly large number of typos, duplicated words and sentence fragments, and even incorrect picture captions and footnotes, have crept in. Nevertheless, the authors clearly know their stuff, and break it down into pieces that are easily digested and readily applied. Just about any web developer will get useful ideas out of Enterprise AJAX, no matter how big his projects.

Discuss book in the Saloon More info at Amazon.com




SOA Using Java Web Services
by Mark D. Hansen


Prentice Hall PTR
1 edition
May 2007
608 pages

Reviewed by Ulf Dittmer, October 2007
  (7 of 10)


The book covers the development of web services using the Java EE 5 platform. It provides a comprehensive yet detailed overview of the various components that play a part in it, from JAX-WS clients using REST and SOAP, through data binding with JAXB, to developing, packaging and deploying JAX-WS services, and the various JSR standards covering these technologies. The author also points out the shortcomings of these APIs, and possible workarounds.

At every step of the way ready-to-run example code is presented that illustrates the points made in the text. The code is also tied to numerous WSDL and Schema examples, so the reader should not be afraid to delve into those. The examples culminate in a program accessing various shopping sites via web services, and exposing their accumulated information via a web service itself, thus tying both ends together.

The writing is technical and to-the-point. Sometimes the minutiae of the examples become a bit exhausting, but if a chapter isn't of immediate interest to the reader, it can generally be skimmed over; the chapter introductions and conclusions provide enough hints that the reader knows what he's missing.

This reviewer wouldn't recommend the book as a tutorial for someone who's never developed web services. It is a good introduction to JAX-WS and associated APIs for experienced developers, though, or a reference of the finer points for anyone who doesn't use these technologies continuously.

Discuss book in the Saloon More info at Amazon.com




iText In Action - Creating and Manipulating PDF
by Bruno Lowagie


Manning Publications
1 edition
December 2006
656 pages

Reviewed by Ulf Dittmer, March 2007
  (9 of 10)


The iText project is one of the -or maybe the- most popular Java library for creating PDF documents. This book, written by one of the principal developers, shows in great detail how iText can be used for working with PDFs. It touches on topics ranging from text, images, graphics, tables and fonts to forms and fields, interactive content, digital signatures, and web applications. Each aspect is explained with numerous examples that can be applied to real-world problems right away.

The book also delves into the underlying PDF internals and PostScript details, and shows off capabilities that are not commonly used, yet make for impressive documents.

The style is light and easily approachable, and if a particular subject is not of interest to the reader, it can usually be just skimmed over (or entirely skipped) without impacting the understanding of later chapters.

This reviewer recommends the book for everyone using iText as a companion to the -quite extensive- online documentation that is available as well. It covers many features of PDF that a casual user of Adobe Reader would not even think were possible, and for which the javadocs alone are not sufficient introduction.

Discuss book in the Saloon More info at Amazon.com




In Search of Stupidity: Over 20 Years of High-Tech Marketing Disasters
by Merrill Chapman, Merrill Chapman


Apress
second edition
September 2006
408 pages

Reviewed by Ulf Dittmer, December 2006
  (9 of 10)


This highly readable book provides an overview of major blunders hardware and software companies have made since the evolution of small computers in the mid 70s. Not all examples are marketing failures - management, development and sales also often contributed. The book provides examples of various kinds of business mistakes, be it product positioning, burning one's own brand, mistreating the customer base, being caught in a bubble, underestimating the competition and others. Amongst the companies studied are IBM, Digital Research, Apple, Microsoft, MicroPro, Ashton-Tate, Siebel, Borland, Intel, Motorola, Google, Novell and Netscape. Taken together, the case studies also provide a kind of abridged history of microcomputing. Two concluding chapters try to distill the essence of the mistakes made, and how they may have been avoided. Even though hindsight is 20/20, there are a number of valuable lessons, not always new ones, sometimes just forgotten ones.

At 350 pages the book is nicely shorter than the usual crop of high-tech books, but it still contains a lot of material that is covered in-depth. The authors manages not to get lost in technical arcana, and makes his points clearly, and in a light style that is accessible even to those without a programming background.

Discuss book in the Saloon More info at Amazon.com



Apress
1 edition
July 2003
256 pages

Reviewed by Valentin Crettaz, October 2004
  (9 of 10)


I would qualify this book as a great marketing antipattern repository. All the true stories reported by Rick Chapman illustrate the worst practices in high-tech marketing he experienced over the past twenty years. With an entertaining narrative style, he immerses you in the corporate life of the big companies he worked at and delivers a fair dose of crispy details about some scary war stories that you wouldn't believe they actually happened. You would think that companies like IBM, Microsoft, Novell and Borland to cite a few, have never made stupid mistakes. Well, you're wrong! As the saying goes, ?nobody?s perfect?. This statement gets all its sense when applied to people working for big corporations that have the money and the brain cells, but despite this, still manage to shoot themselves in the feet. Money doesn?t buy you anything, but it is isually a good magnet for stupid managers, so watch out!

To understand the content of this book, there is no need to be a marketing guru whose resume reaches the moon. In fact, this book is suitable to pretty much anyone, whether you want to discover which practices to avoid at all costs, or whether you want to laugh out loud and despise those wannabe "deus ex machina" working for big corporations. Grab your copy, sit down comfortably and start turning the pages. You won't regret it, unless of course you were actively involved in one of those shameful and pathetic undertakings :)

Discuss book in the Saloon More info at Amazon.com



Apress
1 edition
July 2003
256 pages

Reviewed by Michael Ernest, August 2003
  (9 of 10)


It's hard to build a company that is both big and smart; most large companies survive by minimizing their mistakes, or making fewer costly mistakes than the competition, or at least by knowing how to recover from their own. In making light of the 80's blockbuster In Search of Excellence -- which the author admitted 20 years later was written on bogus data -- In Search of Stupidity examines several companies that did nothing to prevent or recover from its mistakes, and willfully so. Each story exemplifies pride in wrongheadedness, a triumph of personality over common sense, or best of all, a belief that markets can be told what they want and who to get it from.

It's great reading. Chapman is merciless, entertaining and yeah, really merciless. Aside from kicking several high-tech losers after the fact, which is fun, he shows how high-tech's own foibles create (when it could prevent) its own sufferings.

For programmers, developers, and other technical types, this book is an eye-opener to the differences between how software gets built and how it gets sold. In particular, Chapman's analysis of Microsoft's market dominance today (and why), along with his excerpted interview with Joel Spolsky are invaluable reading.

Discuss book in the Saloon More info at Amazon.com



Apress
1 edition
July 2003
256 pages

Reviewed by Thomas Paul, September 2003
  (9 of 10)


Why is Microsoft such a huge company today? It isn't because their products were better or because they cheated other companies out of their rightful place in the market. It's because they weren't as stupid as their competition. Merrill Chapman takes us through the comedy of errors that companies like Digital Research, WordStar, Lotus, and AshtonTate went through as they tossed their market leads aside in fits of stupidity. You can't help but laugh (or cry) at the mistakes these companies made. Example: WordStar was once one of the finest word processing programs in the world. But through stupidity the company ended up owning two competing mediocre products.

You won't find very much analysis of why a particular company made such obviously fatal errors. Why did Borland pay an outrageous sum to buy AshtonTate at a time when it had virtually nothing that Borland needed? You won't find the answer here. What you will find is an amusing, well-written examination of the collapse of good companies under the weight of their serious errors of judgment.

There is a moral to be learned from this book. It isn't necessary to be excellent. In fact, excellence can be expensive and drive up your costs so much that they make your products uncompetitive. The secret is not to be excellent, in fact you don't even have to be very smart. All you need to be is less stupid that your competitors. Just ask Microsoft.

Discuss book in the Saloon More info at Amazon.com




AJAX - Creating Web Pages with Asynchronous JavaScript and XML
by Edmond Woychowsky


Prentice Hall PTR
1 edition
August 2006
432 pages

Reviewed by Ulf Dittmer, September 2006
  (3 of 10)


This book misses the mark of explaining where and how to use AJAX.

Less than half the pages deal with AJAX itself; the rest is taken up by introductions to (X)HTML, JavaScript, XML, Path, XSLT and Ruby (on Rails) - technologies that are related, but which the brief coverage here doesn't do justice. Furthermore, pages upon pages of HTML element/attribute listings, DOM methods or XSLT functions don't further the insight into AJAX.

The sole in-depth example is a shopping cart application, which is fine, but plenty of simple ready-to-run examples that show various aspects of working with AJAX would help much more. Other examples use outdated techniques like XML islands and hidden frames, which muddles the picture further.

The authors' style of writing also gets in the way. It's probably supposed to be easy-going, but includes a stream of witty and self-deprecating remarks that detract from the content, and by the 10th repetition of "this is all mad-scientist stuff" this reviewer was yearning for some actual stuff, not fluff.

The chapters of the book that do talk about AJAX provide a decent introduction to the XMLHttpRequest object, and how to use it to transfer information back and forth from the server. It?s all bits and pieces, though, and no big picture is ever provided. Anyone who was inspired by Google Mail or Google Maps to build AJAX apps will not know where to start after reading this book.

Discuss book in the Saloon More info at Amazon.com




BPEL Cookbook
by Jeremy Bolie, Michael Cardella, Stany Blanvalet, et al.


Packt Publishing
1 edition
June 2006
188 pages

Reviewed by Ulf Dittmer, December 2006
  (5 of 10)


The book is billed as a showcase of BPEL best practices, demonstrated by showing 10 real-world projects from a variety of companies. It doesn't become clear what constitutes the "best practice" of each project, though, as there are no comparisons or discussion of alternative solutions. Sometimes the mere fact that something is doable using BPEL apparently makes it an SOA best practice. The cases are descriptions of particular solutions using BPEL, and there is no overarching theme to tie them together. They do serve to highlight particular problems faced when implementing SOA, and how to address them using BPEL, though.

One aspect of the book this reviewer found problematic is that almost all cases use (and sometimes require to use) the Oracle BPEL implementation, Process Manager and Process Designer, all the way to showing plenty of screenshots of its GUIs and dialog boxes. While this will be helpful for Oracle shops, it limits the usefulness of the book for developers using different software, especially as some cases rely on Oracle-specific details like the implementation API and management tools.

The book is relatively short at 170 pages -- which this reviewer counts as a plus in the days of 1000-page technology books -- and is well written and illustrated. Anyone determined to use BPEL will find interesting ways to use it in it. A justification for using BPEL it is not, as it assumes that SOA in general, and BPEL in particular, are industry best practices.

Discuss book in the Saloon More info at Amazon.com




Java Concurrency in Practice
by Brian Goetz, Tim Peierls, Joseph Bowbeer, David Holmes, Joshua Bloch, Doug Lea


Addison-Wesley Professional
1 edition
May 2006
384 pages

Reviewed by Ulf Dittmer, July 2007
  (8 of 10)


Java has had multi-threading capabilities from the beginning, but with the arrival of multi-core and multi-processor CPUs on desktops everywhere, and the broad range of new concurrency features in Java 5, there are no excuses any more not to take advantage of multithreading. Getting it right can be tricky, though, and that's where this book comes in.

It explains not just the features of the Java virtual machine and the class libraries that help implement concurrent applications, but also serves as an introduction to the problems arising in multi-threaded code in general. That can range from the small -how to share a class variable between threads - to the large - how to structure applications to take advantage of concurrency. More specialized chapters deal with threading in GUIs (important for Swing developers), how to maximize performance while retaining thread safety, and how to test concurrent code.

All concepts are explained with plenty of code examples that show what is and what isn't thread-safe. If several ways to solve a concurrency problem exist, their functional and performance differences are investigated, and -where possible- quantified. Engineering consists of tradeoffs everywhere, and this book makes clear how those between functionality, performance and thread safety can usefully be made.

Everyone not having had the benefit of CS 401 "Issues in Concurrency" will get a lot out of this book. And those who did will learn how to properly implement concurrent applications in Java.

Discuss book in the Saloon More info at Amazon.com



Addison-Wesley Professional
1 edition
May 2006
384 pages

Reviewed by Lasse Koskela, June 2006
  (9 of 10)


I've been doing most of my recent consulting in technology companies building systems that deal with concurrency, which is part of the reason why this book ended up on my desk -- I wanted to upgrade my know-how on the new concurrency features in Java 5 and a brand new book from recognized authors in the field sounded like a great source of information beyond the javadocs. And it is.

I'd almost call this the current bible on Java concurrency. At less than 400 pages it's relatively compact and still manages to properly cover a lot of ground. The text is easy to understand and avoids "difficult" words better than Doug Lea's "Concurrent Programming in Java", although it's been a couple of years since I read Lea's earlier book.

What I really like about the book is the thorough discussion on not just the API but also on the underlying theory. In other words, you're not just reading about the new synchronizer objects, thread factories or the executor architecture -- you're also getting the low-down on a lot of what's happening inside the JVM.

This, on the other hand, also makes the book somewhat less approachable as it might be if the authors would just give you the "tutorial". I did have hard time figuring out some sections on the first time around but I can't say it was because of the authors' writing. In any case, definitely not a course book for Java Programming 101.

It was a positive surprise to see the authors dedicating a chapter for testing multithreaded code. I would've wanted to read more on the topic, but the material in this one chapter is already a huge help in helping the reader to understand some important differences between unit testing the logic and the concurrent behavior of Java code.

I'm giving a big thumbs-up for "Java Concurrency in Practice". Besides the couple of pages in my copy having print quality problems (the copy we have at the office doesn't, so it's probably a one-off case), I don't have much negative things to say about this book. If you're looking for an advanced title on concurrency programming in Java, you won't go wrong with this one.

Discuss book in the Saloon More info at Amazon.com



Addison-Wesley Professional
1 edition
May 2006
384 pages

Reviewed by Janeice DelVecchio, October 2010
  (8 of 10)


Wow. So many examples! I love books that really SHOW me what's going on.

This was my first *real* in depth look at threads. When I first got this book, I said, "wow, kindof a smallish book for a big deal subject...." I assure you: there's a ton of material packed into this book. I can bet that everyone could benefit from the concentrated knowledge in this text.

I mainly got through the first section of the book, the fundamentals. There's talk about easy-ish stuff like definitions and use of volatile and synchronized keywords, and a way more in depth description of what happens in the JVM and why. I will be reading this whole section over again because it's a whole lot to wrap my head around.

I really enjoyed picking at the code examples and using the snippets to work through what was going on. This was really helpful in helping me understand the concepts.

The only (minor) downfall is the book goes like a steamtrain through the material. Because of this, I wouldn't recommend this book to anyone without a very good understanding of core Java, and at least some foundational knowledge of threads and threadsafety.

The other sections of the book look at design, performance, testing, and advanced topics. This is a book that will remain in my collection and be used time and time again.

Discuss book in the Saloon More info at Amazon.com




The Definitive Guide to Apache mod_rewrite
by Rich Bowen


Apress
1 edition
February 2006
160 pages

Reviewed by Ulf Dittmer, July 2006
  (9 of 10)


"mod_rewrite, frequently called the "Swiss Army Knife" of URL manipulation, is one of the most popular -- and least understood -- modules in the Apache Web Server's bag of tricks." This opening sentence of the book makes it clear why there is a need for it: the module can be used for so many purposes, that it's very easy to misuse it.

The book starts by explaining how to install and configure mod_rewrite, and then gives a brief introduction into regular expressions, which are crucial to its functionality. The main part of the book is taken up by explaining the directives and options which mod_rewrite offers, and plenty of examples showing how common tasks faced by web administrators and application developers can be accomplished.

The author -- a member of the Apache Software Foundation -- is very knowledgeable, and writes in a very light prose that's readily accessible even to readers not up to speed on web arcana. A huge plus is the fact that at every turn he shows how the same or a similar effect can be achieved without mod_rewrite, and weighs the benefits and drawbacks; often he recommends using a different tool when using mod_rewrite would not be the best choice. Thus the reader learns a good deal about the Apache Web Server and several other modules along the way. At the end, this reviewer had a very good idea of what the module can do, and how it should be used.

Discuss book in the Saloon More info at Amazon.com




Business Process Execution Language for Web Services
by Matjaz Juric, Benny Mathew, Poornachandra Sarang, Matjaz Juric, Benny Mathew, Poornachandra Sarang


Packt Publishing
second edition
January 2006
372 pages

Reviewed by Ulf Dittmer, June 2006
  (6 of 10)


The book starts off with a couple of chapters giving the motivation for why one might want to use BPEL, and an overview of the complete Web Services stack that supports it. As a number of those standards are not in widespread use, this provides some helpful context.

The heart of the book are two chapters that explain BPELs capabilities, and show them in action in an example that gets expanded step by step to make use of all those features. This is a sensible approach, as each step introduces just a bit more new stuff than the previous one covered.

Almost half of the book is taken up by introductions to two commercial BPEL servers from Oracle and Microsoft. This may be helpful for a reader who happens to run those products, but doesn't further the insight into BPEL itself.

The final chapter provides a reference to all BPEL features and constructs, which were introduced earlier in the book.

After reading the book, this reviewer had a much better feeling for what BPEL can and can not do. The lasting impression, though, is that BPEL sits on top of a large stack of WS-* standards, most of which struggle for adoption themselves, and that use of it should be considered carefully, as there may be simpler ways of achieving what it strives for.

The overall style is dry and technical, and a more thorough editing might have done some good, but the book is quite readable nonetheless.

Discuss book in the Saloon More info at Amazon.com



Packt Publishing
1 edition
October 2004
270 pages

Reviewed by Jeanne Boyarsky, April 2005
  (8 of 10)


"Business Process Execution Language for Web Services" is a good tutorial and reference for BPEL. The authors state that the book is targeted towards current web services developers and architects. Appropriately, the book assumes knowledge of XML, UML, and of course, web services.

The book was written by three authors and the chapters are separated by author. One author wrote chapter one, which includes an overview of BPEL, concrete examples of workflow and how BPEL fits into the big picture. The main author wrote chapters two through four, which flow well and teach BPEL through a running example, along with describing Oracle's BPEL tools. The third author wrote chapter five, which describes Microsoft's BPEL tools. The book ends with a clear, concise syntax reference. While all the chapters provide valuable information, the first and last chapters seem disjointed from the remainder of the book.

There are plenty of diagrams to show architecture and flow, something very important in BPEL. The meat of the book teaches BPEL, something it does very well. The examples in chapters two and three gradually grow in complexity and build on each other. When describing Oracle and Microsoft's tools, appropriate screenshots are provided. I recommend this book for anyone starting out with BPEL or just looking to learn it.

Discuss book in the Saloon More info at Amazon.com




Lucene in Action
by Erik Hatcher, Otis Gospodneti


Manning Publications
1 edition
December 2004
456 pages

Reviewed by Ulf Dittmer, May 2007
  (9 of 10)


The Lucene library is a powerful text indexing and retrieval engine. While it's not a complete search solution, its multifaceted API makes it easy to build one based on it. The examples shipping with it make it easy to get started with, but they only show a small excerpt of what the library is capable of. Without a guide, it's easy to overlook important details and helpful features.

That's where this book fits in. It devotes lengthy chapters to the two core activities of indexing and searching, and it offers multiple examples of how the library accomplishes those. It also explains the multiple extension points that it API offers, allowing a user to customize many aspects of its operation.

Further chapters discuss ports of Lucene to other languages, indexing rich document formats like Word, HTML, RTF and PDF, introduce the Lucene Sandbox which collects a variety of user contributions, and case studies of some advanced and uncommon usages.

The book is slightly outdated (it covers version 1.4, while 2.1 is released now), but with such a powerful API it's probably better to start out by using not all of its features anyway. A small gripe of this reviewer is that some advanced features are only hinted at, leaving the reader to piece the remainder together himself. But -- given the plentitude of material Lucene offers -- that's probably unavoidable, and doesn't detract from a book that must be considered indispensable by serious users.

Discuss book in the Saloon More info at Amazon.com



Manning Publications
1 edition
December 2004
456 pages

Reviewed by Valentin Crettaz, March 2005
  (9 of 10)


The advent of the Internet has brought the humanity to a new era where information has become the keystone of many businesses and human activities. The bad news is that the process of retrieving accurate information is often tedious and imprecise. Undoubtedly, we are all information addicts. We need relevant information and we need it now. Many companies, such as Yahoo!, Altavista, Google and some open-source movements, are striving to devise new algorithms and to create cutting edge tools whose primary goal is to ease the pain of retrieving information needles in the Internet and desktop haystacks.

This book is 100% dedicated to the Lucene search engine library, which one of those free medications that can considerably ease your pain of providing information retrieval support. The authors, who are both committers of the Lucene project, make an outstanding job of presenting the library and describing how to incorporate it into your system in order to leverage its flexible and powerful indexing and searching capabilities.

This book is the most comprehensive and up-to-date reference work on Lucene available on the bookshelves. It is targeted at developers of any level in strong need of powerful indexing and information retrieval support that can be plugged into the various lightweight and heavyweight systems they are developing. If you ever need to provide a search functionality to your users, the best advice I can give you is to grab this book and learn how to leverage Lucene's potential.

Discuss book in the Saloon More info at Amazon.com




Secrets & Lies - Digital Security in a Networked World
by Bruce Schneier


John Wiley & Sons
1 edition

pages

Reviewed by Ulf Dittmer, February 2010
  (8 of 10)


Although several years old by now, this book about computer and network security is still as relevant today as it was when it was first published. Bruce Schneier is one of the best-known computer security experts, and he imparts his expertise in a very readable and highly informative way.

The core message is that "security is a process, not a product or technology", and it must be designed into any system from the start, instead of trying to bolt it on as an afterthought. The other important point is that defense against an attack should consist of prevention, detection and response; neither of these is likely to work perfectly, so only a combination can make a system secure. And lastly, security is in interactive process between attacker and defender - advances on one side will lead to advances one the other, thus creating an eternal cat and mouse game.

After surveying in depth the various technologies available to secure systems, and analyzing their respective strengths and weaknesses, as well as how they might be circumvented by a different attack, Schneier presents strategies for dealing with them. This involves threat modeling (determining ALL the ways in which a system might be attacked), defining a security policy that defends against those threats, and putting in place the prevention/detection/response mechanisms that implement that policy. This approach can be used for every system (and for non-computer systems as well).

Throughout the book, many examples are used to illustrate the points which help the reader think about security (not just of the computer kind) in a wholly new way. It thus holds applicable lessons that go way beyond the immediate audience of the book.

Discuss book in the Saloon More info at Amazon.com

 
The Bunkhouse administrator is Ankit Garg.