JProfiler

JProfiler is a java Applet Tool.

Use with creating a new session or with already saved session.

To create a new session

   select tomcat

give startup.bat

It will create stsrtup-jprofiler.bat which is used during running saved session.

We can drilldown here to know class level usage.

JMeter

• Java applet tool
• Open the test cases
• Provide proper Inputs
• Number of thread
• Run the Test ReportFor each thread there will be a new http thread. It is not the jvm actual thread

Production Performance tuning

Go to unix location where tomcat is running

su user pasword
bash

cd usr/jdk/bin
# To know the java apache process pid
ps -ef|grep java

JMap:
jmap -histo pid > output.txt
gives
number of instance size in byte classname
----------------------------------------
-----------------------------------------
total instance size in byte total class

jmap -heap pid

eden space(heap) usage -old generation (already used object %)
new genaration % -This is allcated at run time

jmap heapdump filename --> to get the heap dump .
We can download it locally and the checkwith heapdump walker.

Jconsole:
Jconsole will give 
-Thread memory usage
- CPU consumption
-Thread names and their staus
 -Perform GC

It will ask to analyse local and remote application.
One thing here is we will not be able to drill down  here.

Jthreadstack:
jthreadstack -pid
Gives all the thread and their state
        -runnable
        -waiting
        -blocked
thread dump using jstack

jstack -l <process_id> > thread_dump.txt

Best Development Tools

Tools: Benefits

PDM:  Finding if any connection is not closed.Gives report for set of java files.

Firefox plugin:

Rest Client: To test the Rest API

ColorZila: adds an eye dropper (color reader), color palettes, page zooming, and displays element information.

MeasureIt: to draw a ruler and measure pixel width and height

Confluence plugin:
Gliffy : Diagram/Architecture design :

IE testing: IETestser 

Google Drawing: For drawing and designing.You will always has controle over each compoennts.

Excel: Excel can be used to draw screens and spec with the help of its tools. 

XSS Attack and PCI

Cross Site Scripting (or XSS) is one of the most common application-layer web attacks attackers to inject client-side script into Web pages viewed by other users

Use Case Requirements: 

 Information security standard for organizations provides security standards .It certifys security over cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.

PCI (Payment Credit Interface) Compliance requires protection from XSS attack. Any payment related platform ensures that there site does not get attacked through Cross Site Scripting.

PCI People do not provide any specific tools which can be used by the application developer to ensure that their application is free from XSS attack.

PCI Organization conduct before providing the certificate which is a bit costly(2000$).

Tool to test XSS vulnerability: Netsparker

Solution:

To avoid XSS vulnerability we can use ESI API.

Script passed in request parameter should not be executed with the response. So we need to encode the request parameter with the ESS API

Gmail smtp Mail Server set up

<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
        <property name="host">
            <value>smtp.gmail.com</value>
        </property>
        <property name="port">
            <value>587</value>
        </property>
        <property name="protocol">
            <value>smtp</value>
        </property>
        <property name="username">
            <value>[gmail account]</value>
        </property>
        <property name="password">
            <value>[gmail password]</value>
        </property>
        <property name="javaMailProperties">
            <props>
                <prop key="mail.smtp.auth">true</prop>
                <prop key="mail.smtp.starttls.enable">true</prop>
                <prop key="mail.smtp.quitwait">false</prop>
            </props>
        </property>
    </bean>

Git useful commands

git pull origin

git push origin

git diff origin

clear

#see diff from master

 git diff master origin

 git status origin

 git show origin

 git diff origin --name-only

 git commit -m "commit description"

 Next line: d

 quit :q

discarding all uncommitted changes
git reset --hard

ignore file 
name: .gitignore
content: target
*.someextn
.abc

SVN:

Base lining:

svn cp ^/trunk ^/branches/NewBaseLine -m"- New Baseline"

Maven builiding SDK Jar

Here we are going to create a Jar file SDK from source file using maven:

POM should look like :

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.techyhouse</groupId>
    <artifactId>techyHouseSDK</artifactId>
    <version>1.0.0</version>
    <packaging>jar</packaging>

    <name>techyHouseSDK</name>
    <url>http://maven.apache.org</url>
    <build>
        <finalName>techyHouseSDK-1.0.0</finalName>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>2.3.2</version>
                <inherited>true</inherited>
                <configuration>
                    <source>1.6</source>
                    <target>1.6</target>
                    <excludes>
                        <exclude>**Test*.java</exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>
    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    </properties>

    <dependencies>

        <dependency>
        ...........
        ...........
        </dependency>

    </dependencies>
</project>

Factory pattern : When and How ?

 Factory pattern in Java is heavily used everywhere including JDK, open source library and other frameworks.

Advantages of using Factory pattern in Java:

1) Factory method design pattern decouples the calling class from the target class, which result in less coupled and highly cohesive code?
E.g.: JDBC is a good example for this pattern; application code doesn't need to know what database it will be used with, so it doesn't know what database-specific driver classes it should use. Instead, it uses factory methods to get Connections, Statements, and other objects to work with. Which gives you flexibility to change your back-end database without changing your DAO layer in case you are using ANSI SQL features and not coded on DBMS specific feature?

2) Factory pattern in Java enables the subclasses to provide extended version of an object, because creating an object inside factory is more flexible than creating an object directly in the client. Since client is working on interface level any time you can enhance the implementation and return from Factory.

3) Another benefit of using Factory design pattern in Java is that it encourages consistency in Code since every time object is created using Factory rather than using different constructor at different client side.

4) Code written using Factory design pattern in Java is also easy to debug and troubleshoot because you have a centralized method for object creation and every client is getting object from same place.

Advantage of Factory method Pattern in Java:

Factory pattern in Java is heavily used everywhere including JDK, open source library and other frameworks.In following are main advantages of using Factory pattern in Java:

1) Factory method design pattern decouples the calling class from the target class, which result in less coupled and highly cohesive code?
E.g.: JDBC is a good example for this pattern; application code doesn't need to know what database it will be used with, so it doesn't know what database-specific driver classes it should use. Instead, it uses factory methods to get Connections, Statements, and other objects to work with. Which gives you flexibility to change your back-end database without changing your DAO layer in case you are using ANSI SQL features and not coded on DBMS specific feature?

2) Factory pattern in Java enables the subclasses to provide extended version of an object, because creating an object inside factory is more flexible than creating an object directly in the client. Since client is working on interface level any time you can enhance the implementation and return from Factory.

3) Another benefit of using Factory design pattern in Java is that it encourages consistency in Code since every time object is created using Factory rather than using different constructor at different client side.

4) Code written using Factory design pattern in Java is also easy to debug and troubleshoot because you have a centralized method for object creation and every client is getting object from same place.

Some more advantages of factory method design pattern is:
1. Static factory method used in factory design pattern enforces use of Interface than implementation which itself a good practice. for example:

Map synchronizedMap = Collections.synchronizedMap(new HashMap());

2. Since static factory method have return type as Interface, it allows you to replace implementation with better performance version in newer release.
3. Another advantage of static factory method pattern is that they can cache frequently used object and eliminate duplicate object creation. Boolean.valueOf() method is good example which caches true and false boolean value.
4. Factory method pattern is also recommended by Joshua Bloch in Effective Java.
5 Factory method pattern offers alternative way of creating object.
6. Factory pattern can also be used to hide information related to creation of object.

That’s all on Factory design patten in Java for now. This is one of the most used patterns in Java library and different Java frameworks. Summary is try to use Factory pattern whenever you see an opportunity to encapsulate object creation code and see chance of creating different object in near future.

Sample:

interface Currency {
       String getSymbol();
}
// Concrete Rupee Class code
class Rupee implements Currency {
       @Override
       public String getSymbol() {
              return "Rs";
       }
}

// Concrete SGD class Code
class SGDDollar implements Currency {
       @Override
       public String getSymbol() {
              return "SGD";
       }
}

// Concrete US Dollar code
class USDollar implements Currency {
       @Override
       public String getSymbol() {
              return "USD";
       }
}

Read more: http://javarevisited.blogspot.com/2011/12/factory-design-pattern-java-example.html#ixzz1qhbGgBze


// Factroy Class code
class CurrencyFactory {

       public static Currency createCurrency (String country) {
       if (country. equalsIgnoreCase ("India")){
              return new Rupee();
       }else if(country. equalsIgnoreCase ("Singapore")){
              return new SGDDollar();
       }else if(country. equalsIgnoreCase ("US")){
              return new USDollar();
        }
       throw new IllegalArgumentException("No such currency");
       }
}

// Factory client code
public class Factory {
       public static void main(String args[]) {
              String country = args[0];
              Currency rupee = CurrencyFactory.createCurrency(country);
              System.out.println(rupee.getSymbol());
       }
}