问题：在Cookie value中储存特殊字符并读取。

典型案例：email地址在cookie value中的存取。

解决方法：通过将Cookie value进行Base54编码后储存，读取，并解码。

环境：Java & Javascript

问题延伸：Javascript中读取Base64值错误的解决方法。

我个人认为使用email地址来作为用户帐户登录名称是一个比较不错的方法。首先email地址本身已经具备一定程度上的唯一性。通过一定的正则表达式判断或者直接使用现成的一些判断类和Service判断后可以使数据库中的该字段价值更高。其次在同一用户需要使用多个帐户的情况下，相比“用户名”来说，更加直接并且容易记忆。

使用传统的方式创建的cookie:

Cookie cookie = new Cookie(cookieName, cookieValue);
((BridgeExternalContext)context.getExternalContext()).addCookie(cookie); // icefaces中使用ExternalContext储存cookie

此时如果cookieValue的值是包含一些特定字符，比如空格，大括号，小括号，逗号，以及@等。用直接读取的方式将不能得到正确的值。

比如上面的代码中，String cookieValue = "sam@satech.com.au"

使用下面的代码直接读取：

Cookie[] cookies = ((HttpServletRequest)((BridgeExternalContext)FacesContext
	                .getCurrentInstance().getExternalContext()).getRequest()).getCookies();
for(int i=0;i<cookies.length;i++){
 if(cookies[i].getName().equals(loginCookieName)) {
 this.loginName = cookies[i].getValue();
}

你会发现，储存后在firefox的cookie查看器中能看到正常的值，而读取出来以后，值只剩下一个sam了。这显然不是我们所想要的。

最简单的解决方式，就是使用某种编码方式避开这些不能接受的字符，之后读取出来再进行解码。这里使用Base64编码来解决。其实使用任何编码方式都是可以的。

我的环境中有很多Base64类的继承类可以使用。比较常见的是

import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

其他一些继承类中的加密和解码方法，可以直接作为静态方法调用，比如Icefaces自己也在utility包里面包含了。Base64类，需要的朋友可以尝试使用，原理是一样的。我这里列出使用基本的sun的misc包中的BASE64Encoder & Decoder的方法。

编码

if (log.isDebugEnabled()) {
 log.debug("Encoding string: " + this.loginName);
 }
 byte[] encodedBytes = this.loginName.getBytes(); // convert String into byte[]
 BASE64Encoder base64encoder = new BASE64Encoder(); // Create encoder
 this.base64LoginName = base64encoder.encode(encodedBytes);
 Cookie nameCookie = new Cookie(loginCookieName, this.base64LoginName);
 nameCookie.setMaxAge(SECONDS_PER_YEAR);
 nameCookie.setComment("This is the cookie to store username");
((BridgeExternalContext)context.getExternalContext()).addCookie(nameCookie); // save cookie to context

解码

Cookie[] cookies = ((HttpServletRequest)((BridgeExternalContext)FacesContext
 .getCurrentInstance().getExternalContext()).getRequest()).getCookies();
 for(int i=0;i<cookies.length;i++){
 if(cookies[i].getName().equals(loginCookieName)) {
 this.base64LoginName = cookies[i].getValue();
 BASE64Decoder decoder = new BASE64Decoder();
 try {
 byte[] decodedBytes = decoder.decodeBuffer(this.base64LoginName);
 this.loginName = new String(decodedBytes);
 } catch (IOException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
 }

现在这个cookie value就能接受大部分的字符集了。但是，又发现一个问题。大部分的Base64都是以"="结尾。在纯Java环境中读取和储存都没有问题，但是某些时候会需要在Javascript中储存和读取这个值。在Javascript中读取已储存的Base64值的时候，最后面的"="会丢失，导致读取错误。

解决方案有2，第一，使用URLCodec urlCodec再次编码。第二，自己写一个判断函数来加上最后的"=" or "=="

方案一：

 public class CookieDecoder {

 private static final Log log = LogFactory.getLog(CookieDecoder.class);

 /**
 * @param cookieValue The value of the cookie to decode
 * @return Returns the decoded string
 */
 public String decode(String cookieValue) {
 if (cookieValue == null || "".equals(cookieValue)) {
 return null;
 }

 if (log.isDebugEnabled()) {
 log.debug("Decoding string: " + cookieValue);
 }
 URLCodec urlCodec = new URLCodec();
 String b64Str;
 try {
 b64Str = urlCodec.decode(cookieValue);
 }
 catch (DecoderException e) {
 log.error("Error decoding string: " + cookieValue);
 return null;
 }
 Base64 base64 = new Base64();
 byte[] encodedBytes = b64Str.getBytes();
 byte[] decodedBytes = base64.decode(encodedBytes);
 String result = new String(decodedBytes);
 if (log.isDebugEnabled()) {
 log.debug("Decoded string to: " + result);
 }
 return result;
 }
}

JS部分：

Encode:
var encodedValue = this.base64.encode(value); document.cookie = name + "=" + escape(encodedValue) + "; expires=" + this.expires.toGMTString() + "; path=" + this.path;

Decode:
var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i = 0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0)==' ') { c = c.substring(1,c.length); } if (c.indexOf(nameEQ) == 0) { var encodedValue = c.substring(nameEQ.length,c.length); return this.base64.decode(unescape(encodedValue)); } } return null;

方案二：padString()来解决最后那个等号。

 private static final Log log = LogFactory.getLog(CookieDecoder.class);

/**
 * @param cookieValue The value of the cookie to decode
 * @return Returns the decoded string
 */
public String decode(String cookieValue) {
 if (cookieValue == null || "".equals(cookieValue)) {
 return null;
 }

 if (!cookieValue.endsWith("=")) {
 cookieValue = padString(cookieValue);
 }

 if (log.isDebugEnabled()) {
 log.debug("Decoding string: " + cookieValue);
 }

 Base64 base64 = new Base64();
 byte[] encodedBytes = cookieValue.getBytes();
 byte[] decodedBytes = base64.decode(encodedBytes);
 String result = new String(decodedBytes);
 if (log.isDebugEnabled()) {
 log.debug("Decoded string to: " + result);
 }
 return result;
}

private String padString(String value) {
 int mod = value.length() % 4;
 if (mod <= 0) {
 return value;
 }
 int numEqs = 4 - mod;
 if (log.isDebugEnabled()) {
 log.debug("Padding value with " + numEqs + " = signs");
 }
 for (int i = 0; i < numEqs; i++) {
 value += "=";
 }
 return value;
}

JS部分：现在在JS中就可以按照正常方法读取了

 var encodedValue = this.base64.encode(value);
document.cookie = name + "=" + encodedValue +
 "; expires=" + this.expires.toGMTString() +
 "; path=" + this.path;

至此，基本解决问题。

关心JDK7中将会出现的NIO.2 File system的朋友。

http://java.sun.com/developer/technicalArticles/javase/nio/

根据Jim White从本次JAVAONE带回来的报道。新的Java 7 以及Java EE 6将分别于，2010年二月和2009年10月发布。

在本次JAVAONE中同时公布了一些新的JAVA 7和JAVA EE6将要支持的新特性，包括：

1. modules (allowing you to customize the features of Java you need for your app and finally killing the classpath)
2. null check operator/conditional - "?:"
3. Strings in switches
4. multiple exception catches in the catch block (using "")
5. diamond operator to allow the generics to be more easily used.
   //For example...
   HashMap> map = new HashMap>();
   //becomes
   HashMap> map = new HashMap<>();

没有在本次JAVAONE公布但是有传言将会支持的新特性：

1. closures
2. SQL expression checking

新的JAVA EE 6将会有如下的主要变更：

1. JAX-RS (support for RESTful web services)
2. JSF 2.0
3. Asynch servlets
4. Bean validation (adding validation to JavaBeans that can be used to validate property data anytime they are used).
5. Web.xml is gone (at least it can be gone) with the use of annotations and/or web.xml fragments.
6. Web beans - essentially session beans in the WAR file.

JAVA 7将会在今年9月份结束最后一个Milestone版本，该版本将会包括正式版JAVA 7中的所有新特性。而JAVA EE 6的最后一个Milestone版本将会在今年9月份发布。

另外，Jim White在本次JAVAONE中带回的新消息还包括，Eclipse IDE的下一个版本“Eclipse Galileo”将会在六月24日发布，该版本会有非常大的变动，支持了Eclipse社区新增的33-48个新的projects。

并且Spring会公布一个全新的项目“Spring Roo”。

最近太忙了，资料堆积了看不完，暂时在这里列举一下，有空了会补上。

• J2ee without application server (j2ee is easy!) 一篇不错的系统结构研究的白页。推荐!
• 一套新的ajax框架，echo3发布beta版本，大概看了一眼，近期一个呼声比较高的东西，从开发起就用到不少新的创新。还是蛮不错的。主页这里，Demo这里，以及Serverside的帖子。
• Parallel Processing in Java EE 5
• Java Performance Talk
• JSR 316: JavaTM Platform, Enterprise Edition 6 (Java EE 6) Specification | JSR 318: Enterprise JavaBeansTM 3.1
• EJB 3.1 的新内容 by Reza Rahman Part1 & Part2
• Web Services with Spring 2.5 and Apache CXF 2.0
• ICEFaces 写的一篇 ICEfaces and Spring 2.5 in Java EE
• J2EE Applications Performance Monitoring using insideApps

OK，暂时这些。情绪是一种比较烦人的东西，但你又不能没有。

Agile tools for Agile development By Jack Vaughan from SearchSoftwareQuality.com

and an old article about Migrating JDBC data access objects to use EJB3, kinda old but maybe will helpful later, save it here for sometime.

This seems like a nice one. “Java EE 5 Development using GlassFish Application Server” written by David R. Heffelfinger has recently been published by Packt Publishing and is intended to guide developers “through the development and deployment of Java EE 5 compliant applications on GlassFish version 2″.

The book assumes that the reader has experience of Java but no previous knowledge of Java EE or J2EE. As such, this is a great book for developers who are new to this arena.

The book starts with an overview of what GlassFish is, what its competitors are and why we should use GlassFish. The introduction continues to provide details of how to download, install and verify GlassFish and finishes by exploring some of the management tasks associated with GlassFish such as managing domains, creating connection pools and configuring datasources.

Several sections of the book cover web development, including chapters on Servlets, JSPs, the JSP standard tag library and JSF. These chapters take the reader from initial concepts such as “What is a servlet?” and gradually build up on their knowledge by describing how to build JSF applications.

Database connectivity is covered in the book, however this assumes that the reader has some experience of SQL. The book starts by covering JDBC and how this can be used from within Java EE applications, and continues to discuss the Java Persistence API (JPA). This includes details on how to configure entity relationships with JPA, such as one-to-one and many-to-many relationships. After details and examples on how to use JPA, the reader is shown how to integrate JSF and JPA.

Moving away from web development, the book describes the Java Message Service (JMS) and how queues and topics can be defined within GlassFish and then accessed via Java code. This is taken further in the section on enterprise beans where the book discusses Message Driven Beans and how they interact with the application server. This section on enterprise beans also includes details about session beans and discusses life cycles, transactions and security.

Security is discussed in detail and explanations are provided regarding what security realms are within GlassFish and how they can be configured. Details are included about the file, certificate, LDAP, Solaris, JDBC and custom realms.

The final aspect of Java EE discussed within the book is web services. This chapter discusses how to create, deploy and test JAX-WS web services and includes details on sending attachments from web service methods and securing web services.

The final chapter of the book takes the reader beyond the Java EE standard and describes additional 3rd party technologies, namely Facelets, Ajax4jsf and Seam and describes how applications developed with these technologies can be deployed to GlassFish.

This is a highly recommended book for developers who are new to Java EE 5 development and the GlassFish Application Server.

More about this book. here

Since March 13, 2007, the FCKeditor has supported the new method setCustomConfigurationsPath(String url) that you can specify the url of the custom configuration .js file. You do not need to modify the fckconfig.js inside the fckez.jar any more. Please see FCKeditor Configurations File for details on what can be customized.So here is the new way to create a new toolbar set for the FCKeditor.
点击浏览文章的全部内容 »

Configurations File

The editor comes with a rich set of configurations that makes it possible to customize its appearance, features and behaviors. The main configuration file is named “fckconfig.js“.

You can either edit the main configuration file or just override the stuff you want to change in a separate file. JavaScript syntax is used to configure FCKeditor.

点击浏览文章的全部内容 »

How to Get the Best Performance Out of a Java Persistence Implementation by Rahul Biswas

A nice article of teach you tuning the performance of Java Persistence with Glassfish.

Simplifying EJB Development with EJB 3.0 by Debu Panda

Quite a out of date article, but illustrated some of the main differences between EJB3 and 2.1

LaLiLuna - Tutorials of JavaEE

Most of tutorials here are about using eclipse, xDoclet under a JBOSS enviroenment.

MyEclipse Educational Material

Got lots of nice video and text tutorials about features of MyEclipse IDE

PetShop Example on Glassfish by Carol McDonald

Sample Application using JSF, Seam, and Java Persistence APIs on Glassfish

After investaged in a period of time, we realized that there is no easy way that can make hibernate becomes a replacement of the traditional Glassfish JPA.

Reasons are listed from:

When can I use hibernate as EJB3 persistence provider in GlassFish by Sahoo

and a post from Java forum here.

As a result, instead of move on to the popular Spring+hibernate architecture, we decided to stay with the basic JavaEE5(EJB3 + Toplink) at the first.

The installation guide of catalog sample. Some of the configurations are
nice to a Java EE newbiew, like me, *grins*

点击浏览文章的全部内容 »

Allen せんせい read this article when you have time~

ZK is what we are about to use as the front-end technology in our
project. This article compares some of the current ajax frameworks, offers a
comprehensive analyse and tutorial of this ajax framework.

ZK rich client framework and agile development

MyFaces Core 1.2.x is a JavaServer(tm) Faces 1.2 implementation as
specified by JSR-252. MyFaces Core has passed Sun’s JSR-252 TCK and is 100%
compliant with the JSR-252 specification.

examples of the new version can be acquired from here:

http://www.irian.at/myfaces/home.jsf

Project home here:

http://myfaces.apache.org/

Still cannot see anything new.

provides a natural migration path for Swing applications by providing automatic conversion to AJAX. Virtually without modifications the existing Swing based front end can be deployed as a thin client. Our product supports every standard Swing component by providing an AJAX version that runs in the browser.

Amazing stuff, never know if it really works for myself. It is also a nice evidence that the traditional SWING based client-side application can be implemented by browser-based web application functionally.

点击浏览文章的全部内容 »

转篇文章，蛮不错的，仔细的说明了oc4j的很多结构和使用上的问题。
By Steve Callan, stevencallan@hotmail.com