Sunday, September 17, 2017
Java Coding Standards and Best practices and OWASP Secure coding practices
| 1 | Reduce memory usage in loops (for,while) - Avoid String Concatenation, Avoid unnnecessary object creation inside loops, Avoid string object creation inside loops, use literals |
| 2 | Consider negative values and zero when you are doing any calculations using integer and float values |
| 3 | Need more vigilance when using String concatenation : Check for double quotes and single quotes |
| 4 | Avoid Memory and Resource Leakages: Check whether you have closed resources, like, file, socket connections, db transactions etc., in all scenarios successful execution, handled exceptions, unhandled excepption and thread based situations. Always use finally block to handles these. |
| 5 | Avoiding code which will lead to Deadlock |
| 6 | Avoid usign ThreadLocal as it may consume more memory and lead to resource leakages |
| 7 | Reserve Proper memory for Java program. Setup proper minimum memory and maximum memory allocation |
| 8 | Handling Data and Time - Create 1 Single Utility class to handle all date and time manipulations. Else it will lead to differences. |
| 9 | Check for Null. When ever if you are not sure on any reference, then do null check before processing its values. Handle the anotehr scenario |
| 10 | Effective iteration and search in collections, array and strings : Use Java provided methods, collections methods and apache common untils classes to perform effective search, iteration, conversion, parsings and string parsing, string splits etc., |
| 11 | Effective usage of IO : most of
us dint get a chance to use all available classes and methods of IO
operations. Choose best effective class and method to perform. Also need to close all resources once they are done. |
| 12 | Handling of String Search. Please use String Regex and Pattern effectively |
| 13 | Lines of code per method. Do not write methods with more than 50 lines of code |
| 14 | Follow proper design principles like SOLID and Java Design petterns |
| 15 | Naming conventions : Give simple and self explanatory names to classes and methods Create a class which is targetted to perofrm only single and simple task. Split methods into multiple methods to perform single operation Move all common utility kind of codes to common class and use them. Make them utility classes Move all magical strings to common class - Constants Create ENUM instead usign magical strings |
Thursday, March 12, 2015
J2EE Versions and Features
| Features | J2EE 1.2 (Dec 1999) |
J2EE 1.3 (Sep 2001) |
J2EE 1.4 (Nov 2003) |
J2EE 5 (May 2006) |
J2EE 6 (Dec 2009) |
J2EE 7 (June 2013) |
| JDBC Standard Extension API | 2 | 4 | ||||
| Java Naming and Directory Interface Specification (JNDI) | 1.2 | |||||
| RMI-IIOP | 1.1 | |||||
| Java Servlet | 2.2 | 2.3 | 2.4 | 2.5 | 3 | 3.1 |
| JavaServer Pages (JSP) | 1.1 | 1.2 | 2 | 2.1 | 2.2 | 2.3 |
| JavaServer Pages Standard Tag Library (JSTL) | X | 1 | 1.1 | 1.2 | 1.2 | 1.2 |
| Expression Language (EL) | 2.2 | 3 | ||||
| JavaServer Faces (JSF) | X | 1.1 | 1.2 | 2 | 2.2 | |
| Debugging Support for Other Languages | 1 | 1 | ||||
| Enterprise JavaBeans (EJB) | 1.1 | 2 | 2.1 | 3 | 3.1 | 3.2 |
| Java Message Service API (JMS) | 1 | 1.1 | 1.1 | 1.1 | 2 | |
| Java Transaction API (JTA) | 1 | 1.1 | 1.1 | 1.2 | ||
| JavaMail API | 1.1 | 1.2 | 1.3 | 1.4 | 1.4 | 1.5 |
| JavaBeans Activation Framework (JAF) | 1 | 1.1 | 1.1 | |||
| Java API for XML Processing (JAXP) | X | 1.1 | ||||
| J2EE Connector Architecture | X | 1 | 1.5 | 1.5 | 1.6 | 1.7 |
| Java Authentication and Authorization Service (JAAS) | 1 | |||||
| Web Services for J2EE 1.1 | X | X | 1 | |||
| Java API for XML Processing (JAXP) | X | X | 1.2 | 1.3 | ||
| Java API for XML-based RPC (JAX-RPC) | X | X | 1.1 | 1.1 | 1.1 | |
| Java API for XML Registries (JAXR) | X | X | 1 | 1 | 1 | |
| Java Authorization Service Provider Contract for Containers (JACC) | X | X | 1 | 1.1 | 1.4 | 1.5 |
| Java Management Extensions (JMX) | X | X | 1.2 | 2 | ||
| Enterprise Edition Management API | X | X | 1 | 1.1 | 1.1 | |
| Enterprise Edition Deployment API | X | X | 1.1 | 1.2 | 1.2 | |
| Java API for RESTful Web Services (JAX-RS) | X | X | X | 1.1 | 2 | |
| Web Services | X | X | X | 1.2 | 1.3 | 1.3 |
| Java API for XML-Based Web Services (JAX-WS) | X | X | X | 2 | 2.2 | 2.2 |
| Java Architecture for XML Binding (JAXB) | X | X | X | 2 | 2.2 | |
| Web Services Metadata for the Java Platform | X | X | X | 2 | 2.1 | |
| SOAP with Attachments API for Java (SAAJ) | X | X | X | 1.3 | ||
| Streaming API for XML (StAX) | X | X | X | 1 | 1 | |
| Java APIs for XML Messaging (JAXM) | X | X | X | X | 1.3 | 1.3 |
| Java Persistence API (JPA) | X | X | X | 1 | 2 | 2.1 |
| Contexts and Dependency Injection for Java | X | X | X | X | 1 | 1.1 |
| Dependency Injection for Java | X | X | X | X | 1 | 1 |
| Bean Validation | X | X | X | X | 1 | 1.1 |
| Managed Beans | X | X | X | X | 1 | |
| Interceptors | X | X | X | X | 1.1 | 1.2 |
| Common Annotations for the Java Platform | X | X | X | 1 | 1.1 | 1.2 |
| Java Authentication Service Provider Interface for Containers (JASPIC) | X | X | X | X | 1 | 1.1 |
| Java API for WebSocket | X | X | X | X | X | 1 |
| Java API for JSON Processing | X | X | X | X | X | 1 |
| Batch Applications for the Java Platform | X | X | X | X | X | 1 |
| Concurrency Utilities for Java EE 1.0 | X | X | X | X | X | 1 |
| Web Services Metadata for the Java Platform | X | X | X | X | X | 1 |
Subscribe to:
Posts (Atom)