When developing any system or software, it is important to test as much of that system as possible. Web frameworks are no exception; comprehensive, well-designed unit tests are critical for long-term success and maintenance. With the introduction of Contexts and Dependency Injection into the Java Enterprise framework (otherwise known as CDI – Weld, or Apache OpenWebBeans,) unit testing is as important as ever, but it would be nice to harness the power of dependency injection for use in unit tests, as well as in the production system!

Output buffering is a feature often desired but rarely properly implemented – Properly resetting the Response stream, preserving headers correctly, writing to disk so you don’t overflow the JVM memory space – in Rewrite, we hope to make this attainable for anyone seeking to do things like:

• Dynamic minification of HTML, JavaScript, and/or CSS files
• Modification of output HTML or content before it is sent to the client.
• Reduction of build and development complexity by transforming LESS or SASS files into CSS on the Server
• Got more ideas?… tell us.?

Now, using the Rewrite’s “OutputBuffer” API introduced in the new version 1.1.0.Final, you can finally achieve this in just a few lines of code, either by wrapping a stream, or simply modifying the contents directly!

Ever experience a wonderfully fantastic “green bar!” in Eclipse, NetBeans, or IntelliJ, only to find that when you run your ANT or Maven build, you get an equally catastrophic build failure? If you have, you’ve probably tried what most of us tried, and you’ve attempted to increase Maven’s heap capacity using MVN_OPTS: That would normally work fine if the error we received is something like: Unfortunately, though, this doesn’t solve the problem because Maven actually uses a separate JVM for each JUnit test execution! So while we have successfully enabled Maven to be a hog, our tests are still running in a constrained environment. What we need to do instead is increase the memory capacity of the Maven Surefire launcher:

According to a recent research paper by the Aspect Security Group, entitled The Unfortunate Reality of Insecure Libraries, “Eighty percent of the code in today’s applications comes from libraries and frameworks, but the risk of vulnerabilities in these components is widely ignored and under appreciated. A vulnerable library can allow an attacker to exploit the full privilege of the application, including accessing any data, executing transactions, stealing files, and communicating with the Internet. Organizations literally trust their business to the libraries they use.” When validating user input from forms and exposed services, we often ignore the URL or think to ourselves, “that information is validated later, it’ll be fine,” but when hacks like the following start turning up – in common web-frameworks – it’s time to start thinking seriously about URL validation. Fortunately, it’s easy to accomplish using a number of methods, but first, let’s look at how these attacks work.

Hello open-source fanatics! You may have noticed our recent move from ocpsoft.com to ocpsoft.org, and we would like to take a brief moment to explain this change. We have always been an open-source website, a group of technologists dedicated to the open-source programming model, but our domain name did not reflect this initiative. OCPsoft is an organization for shared open ideas, and in order to promote that reality, we have decided to take the risk at damaging our search rank in order to stay true to our ideals. If you would like to help us through this transition, you can do so by blogging about or linking to our new domain: ocpsoft.org, using the following HTML. Thank you for supporting open-source software! ~Lincoln, and The OCPsoft Team

I’m about to show you a pattern that will make your heart sing. I have to thank Brian Leathem for his original idea to use CDI events in the ValueChangeListener, but when combined with a little <f:ajax> magic, there’s almost no limit to what you can do without writing a single line of JavaScript. ValueChangeListeners are also the perfect opportunity to build an Event driven model into your application.

Lincoln Baxter, III speaks on the well and lesser known uses for URL-rewriting in modern web applications, how it can be used to increase security, enhance usability, and how it can supplement any new or existing application – no matter the language or technology.

It’s quite simple really. All you need to do is install Apache HTTPd, then set make sure you have a few modules installed and set up: Instructions below are for Ubuntu, Fedora, RHEL, or other Linux distributions. So what are you waiting for? Let’s get our JBoss / Apache love on.

When my family comes together for special occasions, it is official tradition to begin, fill, and end any given evening with a debate on social justice, politics, science, religion, or a combination of the above. This year was no different, with our post-feast discussion ranging from human rights to geological timelines of carbon fuel consumption rates. The topic that interested me the most, however, was HR 3261 – new “Anti-piracy” legislation from the MPAA and RIAA, currently making its rounds through congress.

The MPAA and RIAA are trying blacklist websites, block IP addresses, and change fundamental assumptions about the market we operate in – all under a new law that will tie the hands of the internet…

For those of you who are unfamiliar, this is a bill, quote, “To promote prosperity, creativity, entrepreneurship, and innovation by combating the theft of U.S. property, and for other purposes,” perhaps better known by its short name, the ” Stop Online Piracy Act.” It is an interesting piece of potential law, and in brief summary, increases the responsibility of internet companies to prevent copyright theft on their domains. It also stands to reason that because this bill was sponsored by representatives working with the MPAA and RIAA, that’s who’s going to use it, though I’m sure new powers and interested parties will line up to take advantage of the bill as soon as they find out how. But I’ve got news for you: Intellectual property is dying, and there’s nothing you can do about it.

We are proud to highlight Christian Kaltepoth, who gave a fabulous presentation on [[PrettyFaces]] at WJAX/JAXCon in Munich on Wednesday, November 10th – 2011. Christan presented with Andy Bosch, who gave a short intro of URL-rewriting, what it means for applications in general, and why you should do URL-rewriting.