Performance Comparison Between Node.js and Java EE For Reading JSON Data from CouchDB


Node.js has impressed me several times with high performance right out of the box. In my last Node.js project it was the same: we beat the given performance targets without having to tweak the application at all. I never really experienced this in Java EE projects. Granted the project was perfectly suited for Node.js: a small project centered around fetching JSON documents from CouchDB. Still I wanted to know: how would Java EE compare to Node.js in this particular case? 

JavaOne Shanghai


This year July 24-27 I was invited to speak at the first JavaOne conference held in Shanghai, China. Over the four days the conference delivered a concentrated dose of Java and helped me get a good overview of the current state of Java across all versions. It also showed that the divide between where Oracle thinks Java is going and the reality as I see it day-to-day is getting bigger, with Oracle selling the image of a bright future for Java where I see Java slowly loosing ground against other programming languages.

Web Directions Code 2013

logoThe second incarnation of the Web Directions Code conference was this year on 2.-3. May, and I was fortunate enough to both attend and speak. The conference held in Melbourne Town Hall was the place to geek out about all things web: JavaScript, HTML5, and CSS3.  More than 250 web professional turned up to learn about new directions the web is taking. In this blog I will summarise those talks that left the biggest impression on me.

Simple Session-Sharing in Tomcat Cluster Using the Session-in-Cookie Pattern Part 2: Security

Apache TomcatIn my previous post I presented the basics of sharing sessions in a cluster by storing session data in a client-side cookie. In part 2, I’ll talk about the security aspects of this client-side cookie store, i.e. how to protect it from security threats.

To prevent attacks specific to client-side sessions, I’ll add  encryption, signing, and session timeout to the code. In addition, I’ll talk about solutions to protect against security threats common to any web application, such as Session Hijacking, Session Replay, and Cross-Site Scripting. The result will be an implementation of the Session-In-Cookie pattern that allows simple and secure session-sharing in a cluster.

Simple Session-Sharing in Tomcat Cluster Using the Session-in-Cookie Pattern Part 1: The Basics

Apache TomcatIn a recent project we needed to deploy application changes to a Tomcat cluster without outage to the end user. To accomplish this the Tomcat sessions needed to be shared across the nodes. We opted to implement a variant of the Session-In-Cookie pattern popular in the Rails framework, a simple solution to session sharing. This blog shows how to implement this Session-In-Cookie pattern in Java.

Learning About Risk Management at YOW! Conference 2012


This year was my first attendance at the YOW! Conference, and I am very happy I was able to go. The conference was well-organised with great speakers and thought-provoking presentations.

Fascinating to me was that several themes recurred in different presentations at YOW!, with each speaker giving it a unique angle. Watching several presentations from different experts in this conference setting lent itself to a meta-analysis of these themes. One that I found particularly interesting is risk management for software projects; specifically, how development processes can help businesses manage the risks.

A Good Look at Android Location Data

Getting started with the development of location-based services on Android is relatively easy thanks to the well documented location API. However, getting more serious shows there is still much uncharted territory. One such area concerns the accuracy of real-life location data, which I have recently taken a close look at. In short, location data can be far more accurate than Google’s conservative estimates – at least with the phone that I used.

Asynchronous Code Design with Node.js

The asynchronous event-driven I/O of Node.js is currently evaluated by many enterprises as a high-performance alternative to the traditional synchronous I/O of multi-threaded enterprise application server. The asynchronous nature means that enterprise developers have to learn new programming patterns, and unlearn old ones. They have to undergo serious brain rewiring, possibly with the help of electroshocks. This article shows how to replace old synchronous programming patterns with shiny new asynchronous programming patterns.

Node.js From the Enterprise Java Perspective

Node.js currently is getting much attention because it uses a concurrency model that shows great promise in scalability: event-driven asynchronous Input/Output. This model can handle thousands of concurrent user-requests and do that with a tiny memory footprint, things that cannot be done with the traditional multi-threaded concurrency model of Enterprise Java. This article explains this new approach from the viewpoint of an Enterprise Java developer.