Apr 30: On-boarding at Sun Microsystems
Apr 20: Java und die Ursprünge

Der xenjo bemitleidet mich - das finde ich nett. Er erinnert uns auch daran, dass Java für alles mögliche gedacht wurde, wer mehr will: James Gosling, mit dem ich ja im Januar zu Mittag war, hat das letztens auf Video kommentiert.
So genug der Werbung für den Arbeitgeber.
Apr 19: Building WebApps with JEE

For a university project I have to develop a web based application using Java Enterprise Edition which will be based on Apache Tomcat. Afterdoing some initial setup on my development machine I did some simple tests to see whether everything works. So my first JSP file looked something like this:
<html>
<body>
<%
out.println(request.getParameter("foo"));
%>
</body>
</html>
Coming from web security I knew this being a XSS security problem since the user data is directly given to the output stream. Of course this is simple test code but as a self proclaqimed web security expert I havbe to think about such issues before even starting with implementation of the real app - even though the real app is just for university. So I browsed through the JEE documentation to find some method to encode HTML output so I asked a few friends with more Java experience and the only solution I found was using Apache Commons' org.apache.commons.lang.StringEscapeUtils which is no part of the JEE framework, a framework which was created with web apps in mind. How can that be? Are JSP based applications supposed to be unsafe? - And people say PHP was unsafe, which really was made for "solving the web problem" and offers all the things you need in it's core API.
Apr 12: It's again this time of the year ...
After nearly a year it was time again: The Munich Fire Fighters just visited our house. I couldn't see why but it was a full fire brigade with 4 trucks and fire fighters wearing full protection and breathing masks. Rumors say it was the third floor, again.
Apr 10: PHP TestFest at Munich

Apr 2: GSoC Deadline extendend

Just a short note: The deadline for applying to GSoC has been extended by Google till April 7th! So we hope to get a few more great proposals! So what's a great proposal? It's a good idea (either from our ideas page or some own idea) Being creative and having an own idea which is acceptable might look harder on first sight as you have to come up with an idea, discuss it beforehand to see whether it's acceptable and maybe fine-tune it then before wasting too much time but applying for an idea from our ideas page means that there are other candidates who want to do the same which therefore means you have to show us why you are the perfect candidate for that task and are better than others.
So please contact to us (see ideas page) if you want to discuss your ideas and apply!
Read More