Slashdot Mirror

Saqib Ali asks: "I am looking for for some OpenSource PDF Writers/Creator. I found one, here. It can basically create PDFs out of common software Like OfficeSuite, Visio, Project or any other Windows Application that uses the Windows Printers. I know OpenOffice can also export to PDF. I am working on a project (fat client) where I need to dynamically create PDF reports from data stored in MySQL DB. I know I can use PHP to create PDFs, and also Apache's Cocoon (you can find an example document, here). Of course, I would like to investigate other OpenSource PDF writers as well. Do you know of any other PDF writers, that I can utilize or learn from by looking at the source-code?"

Slashback brings you updates tonight on Diebold's attempts to bring undisclosed-source, unauditable black-box voting to a ballot box near you, John Carmack's search for (rocket-fuel, not hair) peroxide, AT&T's (withdrawn) request for its customers' mail server addresses, open source goings on at Comdex, and more -- read on for the details.

Diebold Election Systems Round 2 in MD zznate writes "Looks like Diebold is not going to get off the hook so easily in Maryland after all. For anyone local, feel free to contact delegates Hixson or Hollinger to express your support. Perhaps they could even receive a copy or two (or fifty ;-) of the documents listed here."

Diebold is having an easier time at Swarthmore. yoshi_mon writes "Previously reported on /. was the Swarthmore Students Effort to keep the Diebold leaked memo's online. However that effort has been quashed by one Dean Bob Gross. To quote the dean, "We can?t get out in front in this fight against Diebold." BlackBoxVoting.com reports that '[Swarthmore College] is not willing to take a strong stand against Diebold, and is systematically disabling the network access of any student who hosts the files.'"

AT&T says Ha, just kidding! An anonymous reader writes "In an update to an earlier Slashdot article, Telco giant AT&T rushed to withdraw two notices sent to business partners and customers asking for the IP addresses of all outbound SMTP servers because of a 'human error' gaffe."

All this and cheap shrimp cocktail. blackbearnh writes "While the topic has been raised, I thought I'd mention a few other things going on at COMDEX Open-Source wise.

First off, the Open Source and Linux track has been expanded from a half-dozen sessions last year to nearly twenty this year. These will cover everything from the basics of Open Source (taught by folks like Ken Coar of Apache) to an intro to PHP led by Rasmus Lerdorf.

On the show floor, a massive 2500 sq foot Open Source Innovation Center will serve as the site for hourly talks by Open Source evangelists on business-related topics such as case studios proving the benefits of Open Source. There will also be a staffed "clinic" area where attendees can get advice on what Open Source technologies would work well in their business. There will also be install parties held at noon each day, where attendees can bring their laptops to get help installing MySQL or Debian. And lastly, a .ORG village inside the center will host representitives from more than a dozen prominent Open Source organizations, including OpenOffice and Mozilla.

Also, the COMDEX/ApacheCon exchange program continues this year. COMDEX members can get access to the ApacheCon expo floor and BOF sessions, while ApacheCon member can visit the COMDEX show floor and the Open Source keynotes. Shuttle service will link the two conventions.

James Turner
Co-Chair, Open Source, Fall 2003 COMDEX"

It's a crapshoot, eh. Dick Faze writes " Royal Bank of Canada is part of a $50 Million investment in SCO: Has our communist neighbor to the north finally flipped completely?" (We know Mr. Faze is being facetious, here ... don't we?) This is the same $50,000,000 investment deal in which some people suspected Microsoft's involvment.

Patent Office Cancels Swing Patent An anonymous reader writes "Remember the swing patent issued last year covering the method of swinging a swing? Well, the Patent Office must've taken offense at the amount of criticism it received over this patent. It initiated a reexam proceeding and after a year's worth of reexamination, they cancelled the patent on July 1, 2003."

But all the other patents are up to snuff, don't worry.

Carmack's Peroxide Troubles Over? Rob Jellinghaus writes "John Carmack's aerospace company has had problems getting enough concentrated 90% peroxide for their engines. So they have been working on mixed monoprop engines that would need only 50% peroxide, which would pretty much end their fuel troubles for good. They have had many failures, but they may have just succeeded. In his words: 'This is Very Good.'"

Remember, most of the world is still dial-up, at best. Anothermouse Cowered writes "It's a router, it's a firewall, it's a home gateway it's a... In another giant leap for the Open Source community, you can now hack on your own embedded Linux system for under $70. The source code for the ActionTEC Dual modem previously mentioned on Slashdot ('Hacking the Actiontec 56k Modem/Gateway') in September has now been released under the GPL. Downloads available here."

ninejaguar asks: "Slashdot did an article on an Open Source product called Prevayler, which could theoretically resolve all the problems associated with OO's rough courtship with Relational databases. Slashdot covered Prevayler when it was still 1.x. Despite fear, doubt, and memory concerns, it has reached 2.0 alpha. Is anyone currently using this non-database solution in production? If so, has it sped development because of the lack of OO-to-RDBMS complexity? Was there a significant learning curve to speak of? The LGPL'd product could be incorporated into proprietary commercial software, and few might know about it. Is anyone considering using it in a transactional environment where speed is the paramount need? And, are there any objections to using Prevayler that haven't been answered at the Prevayler wiki? Would those who use MySQL find Prevayler to be a better solution because it's tiny (less than 100kb), 3000 times faster and is inherently ACID compliant?" Update: 09/24 19:25 GMT by C :Quite a few broken links, now fixed.

"We've used relational databases for years despite incompatibilities in SQL implementation. Accessing them from an OOP paradigm has been so tedious, that Object-Relational mapping technologies have sprouted all over the Open Source landscape. Some competing examples and models are Hibernate, OJB, TJDO, XORM, and Castor; which in turn have supporting frameworks such as Spring and SQLExecutor. Because SQL is the dominant form of interfacing with the data in an RDBMS, there's now a specification to offer it a friendlier OO face.

Most of the above, including the SQL-variants, arguably appear to add yet another layer of complexity (even if only at the integration level) where they should be taking complexity away. These solutions are put together by some very smart people, but it's inescapable to get that feeling someone is missing the forest (simple answer) because all the trees (incompatible models) are in the way. If there are so many after-the-fact solutions attempting to simplify relational database access and manipulation from OO, isn't it reasonable to think that there is something generally wrong with trying to cobble-together two disparate concepts with what are essentially high-caliber hacks? Is Prevayler a better way?"

Simon P. Chappell writes "Now, I enjoy a good technical book more than the next geek, but it's been quite a while since one left me quite so excited with the possibilities that it presented. Code Generation in Action is beyond interesting, it is a masterful tome on its subject matter, written by one who is obviously an experienced practicioner in his craft." If "code generation" isn't a familiar term to you, this enthusiastic overview on devx.com is a concise introduction to what code generation is about, though it makes no pretense of ambivalence about its importance as a programming tool. Read on for the rest of Chappell's review. Code Generation in Action author Jack Herrington pages 342 (10 page index) publisher Manning rating 9 reviewer Simon P. Chappell ISBN 1930110979 summary A masterful tome.

Overview Code Generation in Action, CGiA to its friends, is presented in two parts. The first part is four chapters, and covers a code generation case-study, the basic principles of code generation, including the different types of code generation strategies together with reasons why you would or would not use each strategy. The book's chosen toolset for building generators is presented next, and then some walk-through examples of building simple generators wraps up the first part.

The second part is a kind of a cross between a cookbook and a list of engineering solutions. There are nine chapters with the breadth of solutions covered being quite impressive, covering the gamut of generation of user interfaces, documentation, unit tests and data access code. Each chapter presents a couple of solutions within its topic area, often for different technologies within that topic. For example, the user interface chapter covers the generation of Java ServerPages, Swing dialog boxes and then Microsoft MFC dialog boxes. No favouritism here!

What's To Like There's a lot to like with this book. The writing is very clear and of good prose. I found the introduction to be very compelling, and I felt completely drawn in by the opening case-study. The four chapters of part one are a concise case for code generation, and would be very useful information to help persuade co-workers and management of the positive risk/benefit ratio with trying code-generation on a live project.

It would be impossible to try enough of any solution from part two in a time-frame short enough to make this review useful, but in the solutions that match my areas of knowledge, I found myself admiring Herrington's straight-forward and pragmatic approach.

What's To Consider There are two aspects of this book that I want to flag. One of these aspects, some will love and others will hate, and that is the choice of generator language for CGiA. The author has chosen to use Ruby as his working language. This is an interesting choice. Ruby is certainly a language that is inspiring a lot of admiration these days (in fact, it's hard to get Dave Thomas to stop talking about it :-), but with the majority of the code-generation examples being for Java-related technologies, I wonder why Java was not selected instead.

I also found myself wondering about the lack of discussion of how to integrate these Ruby tools into a typical Java build process. Many developers I know use ant to bring automation and consistency to their builds, yet the book doesn't mention this. (JRuby anyone?) Certainly something to consider for the second edition or future code-generation authors.

Summary

This is a masterful tome that inspires and delights, although the two issues raised above did cost it a perfect score of ten.

Table Of Contents

1. Code generation fundamentals
2. 1. Overview
   2. Code generation basics
   3. Code generation tools
   4. Building simple generators
3. Code generation solutions
4. 1. Generating user interfaces
   2. Generating documentation
   3. Generating unit tests
   4. Embedding SQL with generators
   5. Handling data
   6. Creating database access generators
   7. Generating web services layers
   8. Generating business logic
   9. More generator ideas

You can purchase Code Generation in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Richard W.M. Jones writes "mod_caml is a set of bindings between Objective Caml and the full Apache API. mod_caml 0.6 has bindings for the Apache API and a full Perl-like CGI and templating library. There's only two things you need to know about Objective Caml: it's a modern, fully-featured and highly-optimised language, and it has a good tutorial so Perl/Java/C/C++ programmers can join in the fun."

Kyle Hamilton writes "The first Apache Newsletter was released today. The Newsletter is a result of the outgrowth of the 'Jakarta Newsletter' and the newsletter can cover all the projects including infrastructure, incubator et cetera."

Vito asks: "I'd like to use WebDAV over SSL (with [preferably digest] authentication against Unix accounts) to provide a few hundred Windows users with secure, easy, and free access to their Linux home directories. WebDAV is supported as Web Folders in Windows, meaning there is no need to download and install SFTP, SCP, FTPS, and other clients. It's also supported natively in Mac OS X, and Linux users can install davfs. But this setup doesn't seem to be possible (safely) using Apache. Do I have alternatives?"

"Apache has mod_dav, which seems to be primarily designed to provide a single shared space to files, where the Apache process user has read/write access. mod_auth_digest doesn't seem to be usable at the same time as mod_auth_shadow. It would appear that the only way to 'properly' do what I want to do would be to run Apache as root(!), have vhosts for every user (webdav.username.domain.com), have Apache change to that user's uid and gid before enabling webdav for their home directory, and then use basic authentication instead of digest authentication.

Is anyone out there trying this? Has Anyone used Jigsaw, kirra-httpd or even the no-longer-available MoulDAVia in a production environment? What are you using to provide non-trivial, safe WebDAV services?

I know I can use something like a restricted SCP- and SFTP-only shell, like scponly and rssh, but again, I'd prefer WebDAV as it wouldn't require the end user to install a client application."

Simon P. Chappell writes "The Eclipse IDE has thundered into the collective consciousness of Java developers since its release by IBM as Open Source Software. Up until this time, the majority of available documentation at the Eclipse website has been for plug-in developers, with scant attention given to the rest of us that actually want to use the tool for anything else. This book restores the balance and brings much needed help to those interested in this IDE." Read on for the rest of Simon's review, about which he says "Full Disclosure: I received a free, review copy of this book, so feel free to assume that I've been bought off and have traded my technical integrity to put about an inch of dead tree on my shelf." Eclipse in Action author Gallardo, Burnette and McGovern pages 383 (15 page index) publisher Manning rating 8 reviewer Simon P. Chappell ISBN 1930110960 summary A good book that lives up to its name.

Overview With a book like this it's difficult to know where to pitch the level. Do you aim for the lowest common denominator or do you assume some experience on the part of your reader? This book seems to have pitched itself well, not pandering to the absolute Java newbie, not afraid to get down into the code and yet gentle enough that newer Java developers can follow easily. The heavyweight chapter on writing plug-ins is at the back where it shouldn't frighten those of a sensitive nature.

The book is divided into two sections. The first and largest section concerns actual use of Eclipse during Java application development. The second section is for those who wish to write plug-ins for Eclipse.

The book takes a very 'Test Driven Development' approach to Java development and this shows in the manner that Eclipse is presented and taught. Emphasis is given to the tools that come with Eclipse, especially Ant, Junit and the CVS client. For those already skilled in these tools, this might seem like filler, but remember that there are still pitifully few Java developers using even these simple and free tools. My hat is off to the authors for their TDD evangelism, skillfully disguised as Eclipse usage instruction.

What's To Like I liked the progression followed in the book, first teaching the basic operation of Eclipse and then moving on to the tools that come with the base install. What's To Consider Some may consider that the material on Ant, Junit and CVS is filler. The 'Test Driven Development' theme may be a little too much evangelism for some.

I use Eclipse on a Mac OS X box and I felt that there was very little discussion concerning the cross-platform attributes of the tool. All of the screenshots were from a Microsoft Windows build of the software; a Linux or OS X screenshot would have been helpful.

One more niggle and then I'm done. There is no information on using Eclipse with other programming languages (a couple of paragraphs in the introduction chapter doesn't really count). I've recently started tinkering with Ruby and have used a Ruby plug-in to allow me to work within Eclipse as I learn the language. This is a wonderful testament to the power and extensibility of Eclipse.

Summary This is a good book. You know it's a good book when you already use the tool (both pure Eclipse and IBM's WSAD) regularly and you find yourself learning things that you had not previously been aware of. If you are working with Java and want a good free IDE that's going to grow with you, then Eclipse is a tool you should try -- and consider this book the User's Guide that would have been in the box if Eclipse came shrink-wrapped.

Table Of Contents

1. Using Eclipse
2. 1. Overview
   2. Getting started with the Eclipse Workbench
   3. The Java development cycle: test, code, repeat
   4. Working with source code in eclipse
   5. Building with Ant
   6. Source control with CVS
   7. Web development tools
3. Extending Eclipse
4. 1. Introduction to Eclipse plug-ins
   2. Working with plug-ins in Eclipse

You can purchase Eclipse in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Kyle Hamilton writes "Apache HTTP Server 1.3.28 Released - The Apache Software Foundation and The Apache Server Project are pleased to announce the release of version 1.3.28 of the Apache HTTP Server ("Apache"). This Announcement notes the significant changes in 1.3.28 as compared to 1.3.27. This version of Apache is principally a bug and security fix release."

Nathan Bubna writes "Jakarta Velocity Tools is a newly released project from the Apache Software Foundation. It provides servlets and tools for rapid, clean, MVC web development with Velocity, tools for using Velocity with the Jakarta Struts framework, and a set of generic tools to help with any Velocity project."

Nathan Bubna writes "Jakarta Velocity Tools is a newly released project from the Apache Software Foundation. It provides servlets and tools for rapid, clean, MVC web development with Velocity, tools for using Velocity with the Jakarta Struts framework, and a set of generic tools to help with any Velocity project."

Nathan Bubna writes "Jakarta Velocity Tools is a newly released project from the Apache Software Foundation. It provides servlets and tools for rapid, clean, MVC web development with Velocity, tools for using Velocity with the Jakarta Struts framework, and a set of generic tools to help with any Velocity project."

Nathan Bubna writes "Jakarta Velocity Tools is a newly released project from the Apache Software Foundation. It provides servlets and tools for rapid, clean, MVC web development with Velocity, tools for using Velocity with the Jakarta Struts framework, and a set of generic tools to help with any Velocity project."

Nathan Bubna writes "Jakarta Velocity Tools is a newly released project from the Apache Software Foundation. It provides servlets and tools for rapid, clean, MVC web development with Velocity, tools for using Velocity with the Jakarta Struts framework, and a set of generic tools to help with any Velocity project."

Quicksilver31337 writes "The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the tenth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.47 as compared to 2.0.46. This version of Apache is principally a security and bug fix release."

Quicksilver31337 writes "The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the tenth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.47 as compared to 2.0.46. This version of Apache is principally a security and bug fix release."

Quicksilver31337 writes "The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the tenth public release of the Apache 2.0 HTTP Server. This Announcement notes the significant changes in 2.0.47 as compared to 2.0.46. This version of Apache is principally a security and bug fix release."

PotPieMan writes "I recently finished reading JSP and Tag Libraries for Web Development, a book for JSP developers wanting to improve their skillset. Read on for my review." It's not a new book, but still relevant. JSP and Tag Libraries for Web Development author Wellington L.S. da Silva pages 420, including appendices publisher New Riders rating 6 reviewer PotPieMan ISBN 0735710953 summary A guide to designing and implementing JSP applications, with a focus on tag libraries.

The Scoop Web developers and designers have long wrestled with strategies for combining their efforts. Web developers don't mind looking at code but dislike dealing with the look of a page, while Web designers are the opposite. Dynamic Web page technologies, such as Microsoft's ASP, Perl's many template systems and Web frameworks (Text::Template, HTML::Template, HTML::Mason, CGI::Application, etc.), and PHP, were designed to give both developers and designers a chance to do their work without stepping on each other's toes.

Sun's answer was to release the Servlet API and later extend that to make JavaServer Pages. Initially, there was no clear role separation for servlets and JSPs, since a servlet could generate and display HTML just as easily as a JSP could perform business logic. The Model 2 architecture, based on Smalltalk's Model-View-Controller (MVC) design pattern, showed that servlets and JSPs complemented each other. Tag libraries extended the functionality of JSPs in a way that made it easier for developers and designers to collaborate.

JSP and Tag Libraries for Web Development is mostly targeted at Web developers who want advice on designing JSP applications and incorporating tag libraries. The book covers custom tag libraries, the Jakarta Struts framework, and various commercial and noncommercial tag libraries, such as Jakarta Taglibs.

What's to Like? The author starts with an introduction to servlets and JSPs, including a decent explanation of MVC. If you are comfortable with servlets and JSPs, this discussion is really more of a review than anything else.

The next two chapters introduce tag libraries and the author's example application (a simple article and author tracking system). The author illustrates the lifecycle of a tag, which helps if you haven't really used or written custom tags before. Da Silva also gives a very detailed discussion of tag library descriptors (TLDs). Some details might have been better left as an appendix, but it is nice to see such a comprehensive explanation of what you can put in a TLD.

Da Silva then spends about 100 pages on writing simple tags, iteration tags, body tags, and making all of these types of tags cooperate. The discussion is again very detailed, but seems unfocused in many parts. Very little of the code in these chapters ties in with his example application.

Next, the author spends three chapters on the Jakarta Struts framework. He explains how Struts naturally fits into the MVC design pattern and gives various examples of how to structure your Struts application. He also includes an entire chapter on finishing his example application, going over Struts ActionForms, Struts Actions (including a method to prevent double submission that I had not seen before), and Struts' method of internationalization on JSPs.

Finally, the author runs through the Jakarta Taglibs project and some commercial tag libraries. Brief examples are provided, but this chapter really needed more attention than da Silva gave it.

What's to Consider Overall, JSP and Tag Libraries for Web Development feels unfocused. The author's central points are explained well in many places, but lost in many others. With some reorganization, I think the book could make a much stronger case for appropriate uses of tag libraries, both application-specific and general (e.g. Struts and Taglibs).

Sections where general tag libraries are discussed read very much like the documentation available on project Web sites, such as the struts-html tag library documentation. These really should have been left as an appendix, with better explanations and usage examples provided in their place.

I was also very disappointed in the author's use of Struts Action classes. He combined various actions (add, edit, delete, etc.) to perform on a specific object and tested for a URL parameter to decide what to do. In my opinion, each action should be encapsulated in one Action class (AddObjectAction, EditObjectAction, and DeleteObjectAction). The author's design leads to URL hackery which Struts tries to avoid.

Recently, Struts released a stable version of the 1.1 series, which this book does not cover (it was published in early 2002). Readers should be familiar with the Struts documentation for this release before picking up this book.

The book's Web site is under construction, and I've been able to find little information on the publisher's site.

The Summary A okay book with room for improvement. While the author shows his technical knowledge, the book loses its direction in places. Most developers can probably get by with the documentation available on the Web. Table of Contents

1. Understanding the Tag Library Extension API
2. 1. Introduction to Servlets and JavaServer Pages
   2. Introduction to Tag Libraries
   3. Writing Custom Tags
   4. Cooperating Tags and Validation
   5. Design Considerations
3. The Struts Framework
4. 1. The Jakarta Struts Project
   2. Struts Tag Libraries
   3. Anatomy of a Struts Application
5. The Jakarta Taglibs and Other Resources
   1. The Jakarta Taglibs Project
   2. Commercial Tag Libraries
   3. Other Resources
6. Appendices
7. 1. Tomcat
   2. Allaire JRun
   3. Orion
   4. MySQL
   5. Mapping Servlet-JSP Objects
   6. The Apache Software License, Version 1.1

You can purchase the JSP and Tag Libraries for Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

PotPieMan writes "I recently finished reading JSP and Tag Libraries for Web Development, a book for JSP developers wanting to improve their skillset. Read on for my review." It's not a new book, but still relevant. JSP and Tag Libraries for Web Development author Wellington L.S. da Silva pages 420, including appendices publisher New Riders rating 6 reviewer PotPieMan ISBN 0735710953 summary A guide to designing and implementing JSP applications, with a focus on tag libraries.

The Scoop Web developers and designers have long wrestled with strategies for combining their efforts. Web developers don't mind looking at code but dislike dealing with the look of a page, while Web designers are the opposite. Dynamic Web page technologies, such as Microsoft's ASP, Perl's many template systems and Web frameworks (Text::Template, HTML::Template, HTML::Mason, CGI::Application, etc.), and PHP, were designed to give both developers and designers a chance to do their work without stepping on each other's toes.

Sun's answer was to release the Servlet API and later extend that to make JavaServer Pages. Initially, there was no clear role separation for servlets and JSPs, since a servlet could generate and display HTML just as easily as a JSP could perform business logic. The Model 2 architecture, based on Smalltalk's Model-View-Controller (MVC) design pattern, showed that servlets and JSPs complemented each other. Tag libraries extended the functionality of JSPs in a way that made it easier for developers and designers to collaborate.

JSP and Tag Libraries for Web Development is mostly targeted at Web developers who want advice on designing JSP applications and incorporating tag libraries. The book covers custom tag libraries, the Jakarta Struts framework, and various commercial and noncommercial tag libraries, such as Jakarta Taglibs.

What's to Like? The author starts with an introduction to servlets and JSPs, including a decent explanation of MVC. If you are comfortable with servlets and JSPs, this discussion is really more of a review than anything else.

The next two chapters introduce tag libraries and the author's example application (a simple article and author tracking system). The author illustrates the lifecycle of a tag, which helps if you haven't really used or written custom tags before. Da Silva also gives a very detailed discussion of tag library descriptors (TLDs). Some details might have been better left as an appendix, but it is nice to see such a comprehensive explanation of what you can put in a TLD.

Da Silva then spends about 100 pages on writing simple tags, iteration tags, body tags, and making all of these types of tags cooperate. The discussion is again very detailed, but seems unfocused in many parts. Very little of the code in these chapters ties in with his example application.

Next, the author spends three chapters on the Jakarta Struts framework. He explains how Struts naturally fits into the MVC design pattern and gives various examples of how to structure your Struts application. He also includes an entire chapter on finishing his example application, going over Struts ActionForms, Struts Actions (including a method to prevent double submission that I had not seen before), and Struts' method of internationalization on JSPs.

Finally, the author runs through the Jakarta Taglibs project and some commercial tag libraries. Brief examples are provided, but this chapter really needed more attention than da Silva gave it.

What's to Consider Overall, JSP and Tag Libraries for Web Development feels unfocused. The author's central points are explained well in many places, but lost in many others. With some reorganization, I think the book could make a much stronger case for appropriate uses of tag libraries, both application-specific and general (e.g. Struts and Taglibs).

Sections where general tag libraries are discussed read very much like the documentation available on project Web sites, such as the struts-html tag library documentation. These really should have been left as an appendix, with better explanations and usage examples provided in their place.

I was also very disappointed in the author's use of Struts Action classes. He combined various actions (add, edit, delete, etc.) to perform on a specific object and tested for a URL parameter to decide what to do. In my opinion, each action should be encapsulated in one Action class (AddObjectAction, EditObjectAction, and DeleteObjectAction). The author's design leads to URL hackery which Struts tries to avoid.

Recently, Struts released a stable version of the 1.1 series, which this book does not cover (it was published in early 2002). Readers should be familiar with the Struts documentation for this release before picking up this book.

The book's Web site is under construction, and I've been able to find little information on the publisher's site.

The Summary A okay book with room for improvement. While the author shows his technical knowledge, the book loses its direction in places. Most developers can probably get by with the documentation available on the Web. Table of Contents

1. Understanding the Tag Library Extension API
2. 1. Introduction to Servlets and JavaServer Pages
   2. Introduction to Tag Libraries
   3. Writing Custom Tags
   4. Cooperating Tags and Validation
   5. Design Considerations
3. The Struts Framework
4. 1. The Jakarta Struts Project
   2. Struts Tag Libraries
   3. Anatomy of a Struts Application
5. The Jakarta Taglibs and Other Resources
   1. The Jakarta Taglibs Project
   2. Commercial Tag Libraries
   3. Other Resources
6. Appendices
7. 1. Tomcat
   2. Allaire JRun
   3. Orion
   4. MySQL
   5. Mapping Servlet-JSP Objects
   6. The Apache Software License, Version 1.1

You can purchase the JSP and Tag Libraries for Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

PotPieMan writes "I recently finished reading JSP and Tag Libraries for Web Development, a book for JSP developers wanting to improve their skillset. Read on for my review." It's not a new book, but still relevant. JSP and Tag Libraries for Web Development author Wellington L.S. da Silva pages 420, including appendices publisher New Riders rating 6 reviewer PotPieMan ISBN 0735710953 summary A guide to designing and implementing JSP applications, with a focus on tag libraries.

The Scoop Web developers and designers have long wrestled with strategies for combining their efforts. Web developers don't mind looking at code but dislike dealing with the look of a page, while Web designers are the opposite. Dynamic Web page technologies, such as Microsoft's ASP, Perl's many template systems and Web frameworks (Text::Template, HTML::Template, HTML::Mason, CGI::Application, etc.), and PHP, were designed to give both developers and designers a chance to do their work without stepping on each other's toes.

Sun's answer was to release the Servlet API and later extend that to make JavaServer Pages. Initially, there was no clear role separation for servlets and JSPs, since a servlet could generate and display HTML just as easily as a JSP could perform business logic. The Model 2 architecture, based on Smalltalk's Model-View-Controller (MVC) design pattern, showed that servlets and JSPs complemented each other. Tag libraries extended the functionality of JSPs in a way that made it easier for developers and designers to collaborate.

JSP and Tag Libraries for Web Development is mostly targeted at Web developers who want advice on designing JSP applications and incorporating tag libraries. The book covers custom tag libraries, the Jakarta Struts framework, and various commercial and noncommercial tag libraries, such as Jakarta Taglibs.

What's to Like? The author starts with an introduction to servlets and JSPs, including a decent explanation of MVC. If you are comfortable with servlets and JSPs, this discussion is really more of a review than anything else.

The next two chapters introduce tag libraries and the author's example application (a simple article and author tracking system). The author illustrates the lifecycle of a tag, which helps if you haven't really used or written custom tags before. Da Silva also gives a very detailed discussion of tag library descriptors (TLDs). Some details might have been better left as an appendix, but it is nice to see such a comprehensive explanation of what you can put in a TLD.

Da Silva then spends about 100 pages on writing simple tags, iteration tags, body tags, and making all of these types of tags cooperate. The discussion is again very detailed, but seems unfocused in many parts. Very little of the code in these chapters ties in with his example application.

Next, the author spends three chapters on the Jakarta Struts framework. He explains how Struts naturally fits into the MVC design pattern and gives various examples of how to structure your Struts application. He also includes an entire chapter on finishing his example application, going over Struts ActionForms, Struts Actions (including a method to prevent double submission that I had not seen before), and Struts' method of internationalization on JSPs.

Finally, the author runs through the Jakarta Taglibs project and some commercial tag libraries. Brief examples are provided, but this chapter really needed more attention than da Silva gave it.

What's to Consider Overall, JSP and Tag Libraries for Web Development feels unfocused. The author's central points are explained well in many places, but lost in many others. With some reorganization, I think the book could make a much stronger case for appropriate uses of tag libraries, both application-specific and general (e.g. Struts and Taglibs).

Sections where general tag libraries are discussed read very much like the documentation available on project Web sites, such as the struts-html tag library documentation. These really should have been left as an appendix, with better explanations and usage examples provided in their place.

I was also very disappointed in the author's use of Struts Action classes. He combined various actions (add, edit, delete, etc.) to perform on a specific object and tested for a URL parameter to decide what to do. In my opinion, each action should be encapsulated in one Action class (AddObjectAction, EditObjectAction, and DeleteObjectAction). The author's design leads to URL hackery which Struts tries to avoid.

Recently, Struts released a stable version of the 1.1 series, which this book does not cover (it was published in early 2002). Readers should be familiar with the Struts documentation for this release before picking up this book.

The book's Web site is under construction, and I've been able to find little information on the publisher's site.

The Summary A okay book with room for improvement. While the author shows his technical knowledge, the book loses its direction in places. Most developers can probably get by with the documentation available on the Web. Table of Contents

1. Understanding the Tag Library Extension API
2. 1. Introduction to Servlets and JavaServer Pages
   2. Introduction to Tag Libraries
   3. Writing Custom Tags
   4. Cooperating Tags and Validation
   5. Design Considerations
3. The Struts Framework
4. 1. The Jakarta Struts Project
   2. Struts Tag Libraries
   3. Anatomy of a Struts Application
5. The Jakarta Taglibs and Other Resources
   1. The Jakarta Taglibs Project
   2. Commercial Tag Libraries
   3. Other Resources
6. Appendices
7. 1. Tomcat
   2. Allaire JRun
   3. Orion
   4. MySQL
   5. Mapping Servlet-JSP Objects
   6. The Apache Software License, Version 1.1

You can purchase the JSP and Tag Libraries for Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

PotPieMan writes "I recently finished reading JSP and Tag Libraries for Web Development, a book for JSP developers wanting to improve their skillset. Read on for my review." It's not a new book, but still relevant. JSP and Tag Libraries for Web Development author Wellington L.S. da Silva pages 420, including appendices publisher New Riders rating 6 reviewer PotPieMan ISBN 0735710953 summary A guide to designing and implementing JSP applications, with a focus on tag libraries.

The Scoop Web developers and designers have long wrestled with strategies for combining their efforts. Web developers don't mind looking at code but dislike dealing with the look of a page, while Web designers are the opposite. Dynamic Web page technologies, such as Microsoft's ASP, Perl's many template systems and Web frameworks (Text::Template, HTML::Template, HTML::Mason, CGI::Application, etc.), and PHP, were designed to give both developers and designers a chance to do their work without stepping on each other's toes.

Sun's answer was to release the Servlet API and later extend that to make JavaServer Pages. Initially, there was no clear role separation for servlets and JSPs, since a servlet could generate and display HTML just as easily as a JSP could perform business logic. The Model 2 architecture, based on Smalltalk's Model-View-Controller (MVC) design pattern, showed that servlets and JSPs complemented each other. Tag libraries extended the functionality of JSPs in a way that made it easier for developers and designers to collaborate.

JSP and Tag Libraries for Web Development is mostly targeted at Web developers who want advice on designing JSP applications and incorporating tag libraries. The book covers custom tag libraries, the Jakarta Struts framework, and various commercial and noncommercial tag libraries, such as Jakarta Taglibs.

What's to Like? The author starts with an introduction to servlets and JSPs, including a decent explanation of MVC. If you are comfortable with servlets and JSPs, this discussion is really more of a review than anything else.

The next two chapters introduce tag libraries and the author's example application (a simple article and author tracking system). The author illustrates the lifecycle of a tag, which helps if you haven't really used or written custom tags before. Da Silva also gives a very detailed discussion of tag library descriptors (TLDs). Some details might have been better left as an appendix, but it is nice to see such a comprehensive explanation of what you can put in a TLD.

Da Silva then spends about 100 pages on writing simple tags, iteration tags, body tags, and making all of these types of tags cooperate. The discussion is again very detailed, but seems unfocused in many parts. Very little of the code in these chapters ties in with his example application.

Next, the author spends three chapters on the Jakarta Struts framework. He explains how Struts naturally fits into the MVC design pattern and gives various examples of how to structure your Struts application. He also includes an entire chapter on finishing his example application, going over Struts ActionForms, Struts Actions (including a method to prevent double submission that I had not seen before), and Struts' method of internationalization on JSPs.

Finally, the author runs through the Jakarta Taglibs project and some commercial tag libraries. Brief examples are provided, but this chapter really needed more attention than da Silva gave it.

What's to Consider Overall, JSP and Tag Libraries for Web Development feels unfocused. The author's central points are explained well in many places, but lost in many others. With some reorganization, I think the book could make a much stronger case for appropriate uses of tag libraries, both application-specific and general (e.g. Struts and Taglibs).

Sections where general tag libraries are discussed read very much like the documentation available on project Web sites, such as the struts-html tag library documentation. These really should have been left as an appendix, with better explanations and usage examples provided in their place.

I was also very disappointed in the author's use of Struts Action classes. He combined various actions (add, edit, delete, etc.) to perform on a specific object and tested for a URL parameter to decide what to do. In my opinion, each action should be encapsulated in one Action class (AddObjectAction, EditObjectAction, and DeleteObjectAction). The author's design leads to URL hackery which Struts tries to avoid.

Recently, Struts released a stable version of the 1.1 series, which this book does not cover (it was published in early 2002). Readers should be familiar with the Struts documentation for this release before picking up this book.

The book's Web site is under construction, and I've been able to find little information on the publisher's site.

The Summary A okay book with room for improvement. While the author shows his technical knowledge, the book loses its direction in places. Most developers can probably get by with the documentation available on the Web. Table of Contents

1. Understanding the Tag Library Extension API
2. 1. Introduction to Servlets and JavaServer Pages
   2. Introduction to Tag Libraries
   3. Writing Custom Tags
   4. Cooperating Tags and Validation
   5. Design Considerations
3. The Struts Framework
4. 1. The Jakarta Struts Project
   2. Struts Tag Libraries
   3. Anatomy of a Struts Application
5. The Jakarta Taglibs and Other Resources
   1. The Jakarta Taglibs Project
   2. Commercial Tag Libraries
   3. Other Resources
6. Appendices
7. 1. Tomcat
   2. Allaire JRun
   3. Orion
   4. MySQL
   5. Mapping Servlet-JSP Objects
   6. The Apache Software License, Version 1.1

You can purchase the JSP and Tag Libraries for Web Development from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

fruey writes "Following Reasoning's February analysis of the Linux TCP/IP stack (putting it ahead of many commercial implementations for it's low error density), they recently pitted Apache 2.1 source code against commercial web server offerings, although they don't say which. Apparently, Apache is close, but no cigar..."

Evil Grinn writes "The long-awaited release of Struts 1.1 has finally happened. See the release notes for all of the changes since the last Release Candidate and also since Struts 1.0.2. Many new features are available in a stable production release for the first time today. Congratulations to the entire Struts team."

The Apache HTTP Server Project writes "Apache 2.0.46 has been released. It's an important security-fix release, fixing both a crash bug [CAN-2003-0245] and a DoS [CAN-2003-0189], so everybody using prior versions of Apache 2.0 should grab a copy from the nearest mirror and upgrade!"

The Apache HTTP Server Project writes "Apache 2.0.46 has been released. It's an important security-fix release, fixing both a crash bug [CAN-2003-0245] and a DoS [CAN-2003-0189], so everybody using prior versions of Apache 2.0 should grab a copy from the nearest mirror and upgrade!"

The Apache HTTP Server Project writes "Apache 2.0.46 has been released. It's an important security-fix release, fixing both a crash bug [CAN-2003-0245] and a DoS [CAN-2003-0189], so everybody using prior versions of Apache 2.0 should grab a copy from the nearest mirror and upgrade!"

newkid asks: "Our company needs to upgrade its standard browser, a difficult decision when we factor security, compatibility and the logistics of actually doing it. For compatibility, Internet Explorer is required by internal applications like IBM Tivoli Storage Manager, so we have to keep it. On the security front, expert bulletins keep ranting every week about the latest gaping holes in IE but nobody really seems concerned: for example, many on-line banking services only work in IE, and they don't check for patches. Meanwhile, users do not care, as a large portion of the traffic still comes from IE 5.5, a version discontinued by Microsoft. As for logistics,the software distribution technology and the cost of patching both make the project much larger than we can undertake this year. Our two options are: roll-out IE without patching, or roll-out IE and Netscape, but lock IE so it can only surf on intranet sites, and update NS with rsync or Ant. What is your company doing? What is your strategy? How serious are the security threats? What are the documented security breach caused by IE? We need a reality check."

Web Sawy asks: "I work for a large-ish company (4000+). We have a number of disparate divisions and, believe it or not, varying knowledge on How Technology Works. It was brought to my attention that one part of the corporate website has been using 'a third party tool' to 'compare the performance of individual ads'. In other words, some external party is tracking user surfing habits. How does one go about educating co-workers on the evils of these third party services, which are currently 'helping' the Marketing department? What technologies are people using to do this type of reporting to help the Marketing department generate their numbers? In the world that I live, I can't even see those third-party ads (or hidden images!). I certainly can build my own user tracking system using existing technologies but before I fight that major uphill battle, I wonder if Slashdot readers would share their insights."

BSD Forums writes "OpenBSD recently changed the mode of operation for the Apache webserver from the normal non-chrooted operation to chrooted operation. This enhances the security of the server on which Apache is run but it imposes a few challenges to the system administrator. In this article Marc Balmer discusses selected aspects of running a chrooted HTTP daemon and present strategies on how to set up a chrooted environment for more complex applications like database access or using CGI-scripts."

cioxx writes "Speaking to a few-hundred ISVs at an Oracle-sponsored event in New York, Larry Ellison made a bold prediction , also covered in Infoworld, stating: "(Microsoft has) already been killed by one open-source product. Slaughtered, wiped out, taken from market dominance to irrelevance [...]", referring to Apache's displacement of MS IIS server. He continues on with a claim that battle for datacenter dominance is looming with a clear advantage on the side of Open-Source platforms, and desktop would follow once Star Office becomes completely "usable" to compete with MS Office. "And it's going to happen to them again on Linux." Newsforge also has a related article on Oracles ongoing linux efforts.

thx2001r writes "Well, it's no longer April 1st across the contiguous United States, so the coast is clear to say Apache 2.0.45 is released. This version contains two important security fixes and a number of bug fixes. The security fixes affect all platforms and versions of Apache 2.0.x up until this update with some special caveats for the 2.0.45 OS/2 release. It looks like the first security vulnerability addressed in this eighth public release of the Apache 2.0.x series is having its details witheld until April 8th. This is being called "a significant Denial of Service vulnerability" for Apache 2.0.x by the ASF."

thx2001r writes "Well, it's no longer April 1st across the contiguous United States, so the coast is clear to say Apache 2.0.45 is released. This version contains two important security fixes and a number of bug fixes. The security fixes affect all platforms and versions of Apache 2.0.x up until this update with some special caveats for the 2.0.45 OS/2 release. It looks like the first security vulnerability addressed in this eighth public release of the Apache 2.0.x series is having its details witheld until April 8th. This is being called "a significant Denial of Service vulnerability" for Apache 2.0.x by the ASF."

Slashback this evening brings updates on social networks, Audioscrobbler, the Social Security-number security breach at the University of Texas at Austin, and more. Read on for the details.

Why meet people in real life? Roland Piquepaille writes "I wrote [Saturday] a column about social-network mapping tools mentioned by Slashdot. Slashdot readers sent me many comments and e-mails about other visualization tools. Here are these new tools, in no particular order: email constellations, Apache Agora, NetVis Module, EtherApe, inGridX, NameBase's Proximity Search, Surf3D Pro and the dazzling KartOO. Finally, a reader talked about another kind of tools, the Visual Thesaurus. This web tool is not about social mapping, but it shows graphical connections between words. In this previous column, "The Visual Thesaurus: What Does it Show About Thanksgiving?," I already explored this very funny tool. Check this new story for more the details about all these tools."

Update: 03/19 00:34 GMT by T : Directly related: Josh Tyler writes "Related to a recent Slashdot posting on social networks is this paper on automatically discovering communities based on email data, just published by our group at HP Labs. We find that simple communication data is enough to identify communities, both formal and informal, and possibly even to identify the leaders of these groups."

Speaking of online community ... TGK writes "Audioscrobbler (which many of us visited the first time it was posted here) has a new site up, and most importantly, new plugins for XMMS and Winamp 3."

From the site, a capsule description of what Audioscrobbler does: "It grows to know what music you like by monitoring what songs you play on your computer. From this information you can discover other users that share some or all of your taste in music."

Feedback is always cool. An anonymous reader writes: "Sudhakar Govindavajhala, co-author of the paper referenced by the Saturday Slashdot article 'Using Memory Errors to Attack a Virtual Machine,' has responded to many of your [Slashdot readers'] questions and comments. His commentary is located at his Princeton CS website."

Another reason that Social Security isn't. GregAllen writes "Remember the recent case of SSN data theft at The University of Texas? A student has turned himself in. In his confession he says that he acted alone, and had no intention to disseminate the information. Maybe this will convince them to stop using SSNs for student IDs." Bonker also points out that "Salon is carrying an AP article that's a followup to the story a few days ago about the mass of Social Security Numbers stolen from University of Texas. Christopher Andrew Phillips is described as a 'fine young man who has never before been in trouble with the law'. Apparently he wrote a program 'to access a university Web site that tracks employees who attend training classes'. Whether or not this was done for illegitimate purposes remains to be seen. As a former UTA student, I'm glad my SSN is no longer in danger!"

What's the state of the device? An anonymous reader writes "N-Philes.com did another State of the GBA Industry Article and Roundtable. Here is the Industry Article, and here is the Roundtable"

Update: 03/19 00:34 GMT by T : And one more presroi writes "Just one week after even slashdot has noticed the new 2.2.24 linux kernel, Alan Cox has announced a new version due to a security issue found in 2.2 as well as in the 2.4 branch. I hope that we all were to lazy to upgrade from 2.2.X to .24 until now :)"

Saqib Ali asks: "Later this year, I will be starting a project, that will involve storing XML data in a database. I understand why a Relational DB is not a good choice. I also understand why a pure OODB like Objectivity is not a good option either. So I started doing some research into various XML DBs like Apache Xindice, exist-db, Oracle 9i, and others, but I am unable to decide which XML DB to use. What criteria should one use when evaluating whether an XML DB will be a good option for a particular application? I would prefer using an Open Source solution. Initially my application wil involve storing reports in an XML repository, for retrieval via XPath, but the reports will get larger with time. Any suggestions on how to decide which database to use?"

Verity Stob writes "There is a turning point in the emergence of a programming methodology. It doesn't matter how big and popular the website is, nor how many papers have been published in the ACM journals or development magazines, nor even whether the first conferences have been a sell-out. A methodology hasn't made really made it until somebody has published a Proper Book. With Aspect-Oriented Programming with AspectJ author Ivan Kiselev is bidding to drag AOP into the mainstream. He is motivated, he says in his introduction, by the recollection of the 25 odd years it took for the object-oriented concept to spread from its Simula origins in frosty Norway to being the everyday tool of Joe Coder. He aims to prevent this delay happening to AOP." Read on for Verity Stob's review of Kiselev's book. Aspect-Oriented Programming with AspectJ author Ivan Kiselev pages 274 publisher SAMS rating Excellent reviewer Verity Stob ISBN 0672324105 summary Introduction to a new programming technique using an extension to Java

He has divided the book into four parts. Part I provides a brief sketch of AOP and introduces its concepts. AOP builds on OOP, asserting that we need a new programming entity called, wait for it, an aspect. Mr Kiselev's explanation of aspects reminded me of that bit in The Hitchhiker's Guide to the Galaxy when the planet Golgafrincham divided its population into A types (who were the leaders, the scientists and the great artists), the C types (who were the people who did all the actual making of things and doing of things), and the B types, who comprised everybody left over: telephone sanitizers, advertising account executives and hairdressers. As I understand Mr Kiselev, the AOP view of things is that objects and classes (A type thinkers) and low-level procedures and APIs (C type doers) can be nicely encapsulated using traditional components. But aspects, software's little hairdressers, get their fingers into everything, and until now there has been no way to encapsulate them. This of course is what AOP in general and specifically the AspectJ superset of the Java language set out to do.

AspectJ's eponymous aspects are constructs not unlike ordinary classes. Mr Kiselev has not resisted the temptation to make an aspect Hello World example, and it looks reassuringly so-whatish:

package intro;

import java.io.*;

public aspect HelloWorldA
{
public static void main(String args[])
{
System.out.println(Hello, world!);
}
}

Mr Kiselev then lays out his stall of New Things. A join point is any point in execution flow that AspectJ can identify and -- to get slightly ahead of ourselves -- execute some extra code. The most frequently used kind of join point being the call to a method. Pointcuts specify collections of join points; as a regular expression is to an instance of matched text, so a pointcut is to a matching join point. An advice (with horrid plural 'advices') is the code to be executed when a given pointcut is matched. If you are familiar with Eiffel's pre- and post-conditions, then you'll understand if I say that it is common for advices to run in the same way, topping and/or tailing the execution of a method. The differences are that aspects are specified from outside the method without touching the method or its class's code, and that aspects can be applied to multiple methods in one go. Mr Kiselev concludes this section of the book with a few simplistic examples of 'here is class A, here is class B' kind.

In Part II Mr Kiselev rolls up his sleeves and takes us through an extended, realistic example. I did wonder if perhaps it weren't a wee bit too realistic, as it is a miniature website application for news story submission and reading -- sort of Slashdot Ultralite -- all done using JSP and a MySQL database. Just explaining this setup, without even using any AspectJ, consumes a 15-page chapter. Since I am a C++ programmer who has not had any contact with JSP, I was initially anxious that I might not be able to follow this. However, recalling that www.[name withheld].com, the clumsiest, ugliest corporate website on the Internet, is programmed in JSP, I reasoned that if the dolts that programmed that site could understand JSP then it couldn't be very hard. So it proved.

The first example comprises adding password protection to the application. This is achieved by adding an advice that intercepts calls to doStartTag() methods. The advice can test if the user is logged in and, if he isn't, throw an exception that will dump him back at the login page. (Who says exceptions aren't 21st century gotos?) At this point Mr Kiselev admits that the cute 10-line implementation that he initially shows is in reality a non-starter; for one thing not all pages that must be secured define doStartTag() methods, for another the aspect can't reach an instance variable it needs to read because it is declared in protected scope. The second problem is easily overcome. AOP offers a mechanism by which extra classes can be bodged ('introduced' is the preferred verb in the AOP community) into the hierarchy as parents of existing classes. He uses this to add an accessor method for the field in question. The other problem is not so neatly smothered, and it is somewhat ruefully that Mr Kiselev produces his final, two-page solution. But I think that it is greatly to Mr K's credit that he does this - it tastes like programming in the real world as I have experienced it.

For the rest of Part II, Mr K demonstrates other applications of AOP using the AspectNews code. This includes Eiffelish design-by-contract stuff, improved exception handling, various debugging and tuning techniques (specifically logging, tracing and profiling) and a chapter on runtime improvements - stream buffering, database connection pooling and result caching - which show the AOP way to do things, usually where I would expect to be putting in proxy classes.

In part III we get down and dirty with the AspectJ language. This is the part where the book explains the obscure stuff: how to make a pointcut that picks up object preinitialization, or make an advice that goes off only when you are exiting a method on the back of an exception. I skimmed this bit - I guess it will become vital when I start using AspectJ in earnest. It looked good and clear on a flick through. A brief part IV contains some patterns, to give one a start when engaging AspectJ in earnest. Apparently it is horribly easy to create infinitely recursive situations, so if you here a faint popping sound from your machine it will be the stack colliding with the heap. There are seven appendices, supplying such things as a summary of the API in AspectJ's packages and hints on obtaining and using the Open Source supplementary tools mentioned in the book (Tomcat JSP container, MySQL database and Ant make replacement). AspectJ itself, now escaped from Xerox PARC, can be downloaded from the Eclipse website.

Complaints? None really. Oh all right, here's a nitpicklette because it's you: at page 75 Mr Kiselev adopts the irritating Internet habit of writing 'loosing' when he means 'losing'. Note to publisher SAMS proofreaders: do I win 25 cents?

For the rest, this is a lucid and readable book that describes the Next Big Methodology. I'm a bit alarmed at the prospect of squeezing new actions into the cracks of existing code, but I dare say I'll grow to love it.

A word of warning to the eager: since this technology is currently implemented as a species of preprocessor that relies on having all the source code available at once, so it is rather slow and probably isn't going into production shops for a while. There again, I seem to remember the comparable Cfront C++ compiler doing rather well, before we had platform-native C++ compilers.

And to the sceptics: if you think you can ignore AOP, don't forget the fate of the A and C type inhabitants of Golgafrincham, who having sent their B type telephone sanitizers into exile were all wiped out by a germ caught from a particularly dirty telephone.

You can purchase Aspect-Oriented Programming with AspectJ from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Verity Stob writes "There is a turning point in the emergence of a programming methodology. It doesn't matter how big and popular the website is, nor how many papers have been published in the ACM journals or development magazines, nor even whether the first conferences have been a sell-out. A methodology hasn't made really made it until somebody has published a Proper Book. With Aspect-Oriented Programming with AspectJ author Ivan Kiselev is bidding to drag AOP into the mainstream. He is motivated, he says in his introduction, by the recollection of the 25 odd years it took for the object-oriented concept to spread from its Simula origins in frosty Norway to being the everyday tool of Joe Coder. He aims to prevent this delay happening to AOP." Read on for Verity Stob's review of Kiselev's book. Aspect-Oriented Programming with AspectJ author Ivan Kiselev pages 274 publisher SAMS rating Excellent reviewer Verity Stob ISBN 0672324105 summary Introduction to a new programming technique using an extension to Java

He has divided the book into four parts. Part I provides a brief sketch of AOP and introduces its concepts. AOP builds on OOP, asserting that we need a new programming entity called, wait for it, an aspect. Mr Kiselev's explanation of aspects reminded me of that bit in The Hitchhiker's Guide to the Galaxy when the planet Golgafrincham divided its population into A types (who were the leaders, the scientists and the great artists), the C types (who were the people who did all the actual making of things and doing of things), and the B types, who comprised everybody left over: telephone sanitizers, advertising account executives and hairdressers. As I understand Mr Kiselev, the AOP view of things is that objects and classes (A type thinkers) and low-level procedures and APIs (C type doers) can be nicely encapsulated using traditional components. But aspects, software's little hairdressers, get their fingers into everything, and until now there has been no way to encapsulate them. This of course is what AOP in general and specifically the AspectJ superset of the Java language set out to do.

AspectJ's eponymous aspects are constructs not unlike ordinary classes. Mr Kiselev has not resisted the temptation to make an aspect Hello World example, and it looks reassuringly so-whatish:

package intro;

import java.io.*;

public aspect HelloWorldA
{
public static void main(String args[])
{
System.out.println(Hello, world!);
}
}

Mr Kiselev then lays out his stall of New Things. A join point is any point in execution flow that AspectJ can identify and -- to get slightly ahead of ourselves -- execute some extra code. The most frequently used kind of join point being the call to a method. Pointcuts specify collections of join points; as a regular expression is to an instance of matched text, so a pointcut is to a matching join point. An advice (with horrid plural 'advices') is the code to be executed when a given pointcut is matched. If you are familiar with Eiffel's pre- and post-conditions, then you'll understand if I say that it is common for advices to run in the same way, topping and/or tailing the execution of a method. The differences are that aspects are specified from outside the method without touching the method or its class's code, and that aspects can be applied to multiple methods in one go. Mr Kiselev concludes this section of the book with a few simplistic examples of 'here is class A, here is class B' kind.

In Part II Mr Kiselev rolls up his sleeves and takes us through an extended, realistic example. I did wonder if perhaps it weren't a wee bit too realistic, as it is a miniature website application for news story submission and reading -- sort of Slashdot Ultralite -- all done using JSP and a MySQL database. Just explaining this setup, without even using any AspectJ, consumes a 15-page chapter. Since I am a C++ programmer who has not had any contact with JSP, I was initially anxious that I might not be able to follow this. However, recalling that www.[name withheld].com, the clumsiest, ugliest corporate website on the Internet, is programmed in JSP, I reasoned that if the dolts that programmed that site could understand JSP then it couldn't be very hard. So it proved.

The first example comprises adding password protection to the application. This is achieved by adding an advice that intercepts calls to doStartTag() methods. The advice can test if the user is logged in and, if he isn't, throw an exception that will dump him back at the login page. (Who says exceptions aren't 21st century gotos?) At this point Mr Kiselev admits that the cute 10-line implementation that he initially shows is in reality a non-starter; for one thing not all pages that must be secured define doStartTag() methods, for another the aspect can't reach an instance variable it needs to read because it is declared in protected scope. The second problem is easily overcome. AOP offers a mechanism by which extra classes can be bodged ('introduced' is the preferred verb in the AOP community) into the hierarchy as parents of existing classes. He uses this to add an accessor method for the field in question. The other problem is not so neatly smothered, and it is somewhat ruefully that Mr Kiselev produces his final, two-page solution. But I think that it is greatly to Mr K's credit that he does this - it tastes like programming in the real world as I have experienced it.

For the rest of Part II, Mr K demonstrates other applications of AOP using the AspectNews code. This includes Eiffelish design-by-contract stuff, improved exception handling, various debugging and tuning techniques (specifically logging, tracing and profiling) and a chapter on runtime improvements - stream buffering, database connection pooling and result caching - which show the AOP way to do things, usually where I would expect to be putting in proxy classes.

In part III we get down and dirty with the AspectJ language. This is the part where the book explains the obscure stuff: how to make a pointcut that picks up object preinitialization, or make an advice that goes off only when you are exiting a method on the back of an exception. I skimmed this bit - I guess it will become vital when I start using AspectJ in earnest. It looked good and clear on a flick through. A brief part IV contains some patterns, to give one a start when engaging AspectJ in earnest. Apparently it is horribly easy to create infinitely recursive situations, so if you here a faint popping sound from your machine it will be the stack colliding with the heap. There are seven appendices, supplying such things as a summary of the API in AspectJ's packages and hints on obtaining and using the Open Source supplementary tools mentioned in the book (Tomcat JSP container, MySQL database and Ant make replacement). AspectJ itself, now escaped from Xerox PARC, can be downloaded from the Eclipse website.

Complaints? None really. Oh all right, here's a nitpicklette because it's you: at page 75 Mr Kiselev adopts the irritating Internet habit of writing 'loosing' when he means 'losing'. Note to publisher SAMS proofreaders: do I win 25 cents?

For the rest, this is a lucid and readable book that describes the Next Big Methodology. I'm a bit alarmed at the prospect of squeezing new actions into the cracks of existing code, but I dare say I'll grow to love it.

A word of warning to the eager: since this technology is currently implemented as a species of preprocessor that relies on having all the source code available at once, so it is rather slow and probably isn't going into production shops for a while. There again, I seem to remember the comparable Cfront C++ compiler doing rather well, before we had platform-native C++ compilers.

And to the sceptics: if you think you can ignore AOP, don't forget the fate of the A and C type inhabitants of Golgafrincham, who having sent their B type telephone sanitizers into exile were all wiped out by a germ caught from a particularly dirty telephone.

You can purchase Aspect-Oriented Programming with AspectJ from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

hardcorejon writes "Am I the only person who didn't notice that on November 18th 2002, the Apache Ant Project had migrated out from under the Jakarta Project umbrella to become a top-level Apache project, joining the ranks of the Apache HTTP Server Project? Well, for those of us who use Ant on a regular basis, this is great news. Ant is an incredibly powerful tool, increasingly a standard build system for many new projects."

hardcorejon writes "Am I the only person who didn't notice that on November 18th 2002, the Apache Ant Project had migrated out from under the Jakarta Project umbrella to become a top-level Apache project, joining the ranks of the Apache HTTP Server Project? Well, for those of us who use Ant on a regular basis, this is great news. Ant is an incredibly powerful tool, increasingly a standard build system for many new projects."

hardcorejon writes "Am I the only person who didn't notice that on November 18th 2002, the Apache Ant Project had migrated out from under the Jakarta Project umbrella to become a top-level Apache project, joining the ranks of the Apache HTTP Server Project? Well, for those of us who use Ant on a regular basis, this is great news. Ant is an incredibly powerful tool, increasingly a standard build system for many new projects."

rbowen writes "The Apache Software Foundation is pleased to announce the release of Apache 2.0.44, which addresses a number of security issues. Download it from your favorite mirror." Rich notes that it fixes some important security problems (under Windows) for the Windows version. Also interesting is that now there truly is a split between a development and regular releases, adopting the Linux kernel model, with 2.1 being the dev Apache tree and 2.0 being the release tree.

rbowen writes "The Apache Software Foundation is pleased to announce the release of Apache 2.0.44, which addresses a number of security issues. Download it from your favorite mirror." Rich notes that it fixes some important security problems (under Windows) for the Windows version. Also interesting is that now there truly is a split between a development and regular releases, adopting the Linux kernel model, with 2.1 being the dev Apache tree and 2.0 being the release tree.

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Saqib Ali asks: "A Tomcat/Cocoon setup can be used as a framework for publishing XML content. I have this setup running in testing environment for about 5 months now, and would like to move it into production. Is anyone using a similar setup and can comment on Tomcat's ability in handling the load from a production environment, or should we look at other Java Servlet engines like BEA, Jetty or Resin? If Open Source solutions can't work under these kind of pressure what should we be looking at in terms of different commercial solutions for publishing XML content?" A similar question with respect to Tomcat and Jetty was discussed in this previous discussion. What effects does using Cocoon have on Tomcat-based environments?

Saqib Ali asks: "A Tomcat/Cocoon setup can be used as a framework for publishing XML content. I have this setup running in testing environment for about 5 months now, and would like to move it into production. Is anyone using a similar setup and can comment on Tomcat's ability in handling the load from a production environment, or should we look at other Java Servlet engines like BEA, Jetty or Resin? If Open Source solutions can't work under these kind of pressure what should we be looking at in terms of different commercial solutions for publishing XML content?" A similar question with respect to Tomcat and Jetty was discussed in this previous discussion. What effects does using Cocoon have on Tomcat-based environments?

semanticgap writes "The beauty of Python at Apache speeds! A couple of months after donation to ASF, a new mod_python is out under the Apache license. Main feature of this release is Apache 2.0 compatibility, including support for filters and connection handlers and many more enhancements. More info at www.modpython.org. Note that this release is not compatible with Apache 1.3."

Liam writes "Tomcat is a subproject of the Apache Software Foundation's Jakarta project, its purpose being to serve Java Servlets and JavaServer Pages. It's a complex piece of software and though the documentation is very comprehensive, it helps to have a good reference work to hand. There aren't many books on the subject to choose from, so a publisher could make a fast buck putting out an incomplete work lacking in depth. Fortunately Wrox Press has done a great job with its new publication Professional Apache Tomcat." Read on for the rest of Liam's review. Professional Apache Tomcat author Chanoch Wiggers et al pages 600 publisher Wrox Press Ltd rating 9 reviewer Liam ISBN 1861007736 summary Comprehensive guide to Apache's Tomcat server

The book covers every aspect of installing and configuring Tomcat in a great deal of depth, detailing its every aspect. From standalone use (where Tomcat is used as a general web server as well as for serving Java content), to integration with the leading web servers Apache (both Unix and Windows versions) and Microsoft's Internet Information Services, nothing appears to have been left out (however, integration with Netscape's Enterprise Server is mentioned in passing early on, but doesn't appear again).

Being only a month old, it's pretty much bang up to date, covering Tomcat 3.x, 4.0.x and 4.1.x with Apache 1.3.x and 2.0.x and IIS 4 and 5.

The book starts with an introduction to the Apache project, and Tomcat's place in the wider scheme of things. The historical progression in serving dynamic web content from CGI to Servlets and JSP is charted, and there's an overview of JSP tags and general web application architecture. This is interesting enough and useful as background, but as this book is intended for administrators, it's covered quickly in the first two chapters, and the main business of installing Tomcat gets underway in chapter 3.

Installation is discussed with both Windows and Linux users in mind, from both binary and source distributions. As the Tomcat source is usually built with Ant, build and installation of this tool is also discussed (Ant and Log4j, both also part of Jakarta, get chapters of their own later in the book). From there, basic configuration of the standalone server followed by detailed examinations of the components that make up Tomcat's architecture fills the next 200 or so pages.

Serious users of Tomcat will wish to employ Tomcat with an existing web server, and four chapters concentrate on this job. There is more emphasis on Apache than IIS, though given Apache's dominance of the web server field, this is understandable. There is inevitably a certain amount of detail aimed at Apache and IIS configuration, and a basic knowledge of both is assumed throughout. However, any necessary information is included in detail; for example the (Apache) connector modules mod_webapp and mod_jk/jk2 are given a thorough treatment, describing their use from source installation to configuration, together with the pros and cons of the various connectors available. Beyond that, we learn how to design larger-scale setups, with an explanation of load balancing techniques and scaling of the system, and performance testing with JMeter, yet another Jakarta project component.

As ever, security is a major concern and gets a lot of emphasis. Before client authentication and the use of SSL are discussed, there's an overview of basic system security with Unix and Windows. This should be teaching granny to suck eggs for a book aimed at administrators, but it's only a few pages and completes the subject. More interesting are the sections on security realms and user/client authentication. We are presented with examples of authenticating against a MySQL database with JDBC (database connectivity with JDBC is a big enough subject in its own right, and so gets a separate chapter too), and digest authentication. We then move on to encryption with SSL: using Tomcat itself with the JSSE and PureTLS Java SSL implementations, then later with Apache and SSL (setting up mod_ssl with Apache gets a very useful appendix of its own, taken from Professional Apache 2.0, another Wrox book). Again, there's lots of detail, right down to how to get hold of signed certificates for your server. Here the book's general emphasis on Apache over IIS is most apparent, as SSL with IIS is not discussed at all. However, I have no experience with IIS, so I can't say for sure how serious this omission might be.

There's a very brief appendix on setting up Apache's Axis SOAP toolkit, but without any mention of SOAP appearing elsewhere in the book. As other concepts are introduced so well, it's a curious addition.

With nine co-authors (though only four got onto the cover photograph - I wonder if they drew straws?), one might expect wildly different styles throughout the book, but each chapter is consistently and clearly laid out with diagrams and relevant configuration file fragments where necessary. There's little levity and it's all written in a very business-like manner, but then this is hardly a subject you'd choose for holiday reading.

Professional Apache Tomcat is surely the definitive book on the subject. I recently used it to integrate Tomcat 4 with an existing Apache 2 installation, and everything went very smoothly. More than just a set of tutorials, it offers a thorough description of the whole architecture, and makes an excellent companion to either of Wrox's Professional Apache books.

There's no CD with the book, but Wrox's website provides some support code, and there are lively forums for readers at p2p.wrox.com.

You can purchase Professional Apache Tomcat from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.