Skip to main content

Worthless Practices (IBM's list)

I just saw via InfoQ that IBM maintains a list of Java EE best practices.

Now I've never really been good with bile, but there is just so many things wrong with this list on so many levels. Just listen to the title: "IBM WebSphere Developer Technical Journal: The top Java EE best practices". A bit of paradoxial, isn't it?

Let's take a quick look through the list and comment on each point:

1. Always use MVC.
Yeah, right. Always use MVC. Remember to design a rigid 3-tier architecture upfront no matter what sort of application you are going to build. Use Struts, right? Right.

2. Don't reinvent the wheel.
Well, duh. Struts, right? Right.
3. Apply automated unit tests and test harnesses at every layer.
I'd actually support this one if I could append "if possible".

4. Develop to the specifications, not the application server.
Well that certainly was a good tooting from the wrong horn, coming from the deranged nit-wits that gave us WSAS and WSAD.

5. Plan for using Java EE security from Day One.
Yes, and build it into your whole application using WebSphere Application Server's Java EE security(tm). There is no better way to tie yourself to your application server than using the embedded access control and security mechanisms.

6. Build what you know.
Well, duh. Struts, right? Right.

7. Always use session facades whenever you use EJB components.
How bout never using EJB components?

8. Use stateless session beans instead of stateful session beans.
Sounds a lot like Struts action thinking to me. Drink you own poison any way you like, EJB suckers.

9. Use container-managed transactions.
Uh. Yeah, using WSAS Transcation Management(tm)!

10. Prefer JSPs as your first choice of presentation technology.
Indeed! Never mind that JSPs is the most designer and developer unfriendly templating language around. I love having to compile my templates into servlets, then loading them into the application server!

11. When using HttpSessions, store only as much state as you need for the current business transaction and no more.
No kidding. I'll try to remember that session actually uses memory somewhere.

12. Take advantage of application server features that do not require your code to be modified.
Wait, isn't this the same as point 4? Except that it binds you to the functionality of an application server and thereby invalidates the point.

13. Play nice within existing environments.
I guess this means that we should use WSAS. Period.

14. Embrace the qualities of service provided by the application server environment.
Really, how much more of this list is going to be about WSAS ball-licking?

15. Embrace Java EE, don't fake it.
And buy our fully Java EE compatible application server today! Seriously, tell this to the thousands of developers who have uneccesarily suffered under EJB's.

16. Plan for version updates.
Yes, there will always come a patch for your WSAS installation. Usually the one that fixes the bug in WSAS which is paining your development. And the techies will tell you they can't install the patch before 6 months.

17. At all points of interest in your code, log your program state using a standard loggingframework.
Yeah.. WSAS logging is just lovely to look at and modify.

18. Always clean up after yourself.
Now this is the point where I really start getting annoyed. How bout you guys cleaning up after yourself? Your company is largely responsible for soddling the development of Java EE into the state it is today!

19. Follow rigorous procedures for development and testing.
Yes, develop and test as rigorously as the application server and the web framework forces you to. Make sure you have a 100 page testing plan that lines up the procedures.



Summary: Buy IBM, use WSAS and use Struts.

Bile being done, the text actually has some good principles and points, but the concrete solutions so provided are a bit too much 2002 for my taste.

Labels:

Comments

  1. Thommy Bommen19/2/07 19:07

    Haha, I love the post Thomas!

    I could not agree more on that IBM really want you to be application server dependent. We also have problems with WSAS and RAD. RAD being IBM Rational Application Developer, where they have an old version of eclipse which they have ruined with a lot of wizards and clodding it up with WSAS integration. It is really a pain to not being able to generate code that you can trust.. We even have to fix generated code after we deploy.. This so a call to DB2 do not fail..

    We would maybe keep using WSAS if we had got any feedback and information from IBM, but as the reality is different we are migrating to JBoss instead.

    ReplyDelete

Post a Comment

Popular posts from this blog

Open source CMS evaluations

I have now seen three more or less serious open source CMS reviews. First guy to hit the field was Matt Raible ( 1 2 3 4 ), ending up with Drupal , Joomla , Magnolia , OpenCms and MeshCMS being runner-ups. Then there is OpenAdvantage that tries out a handful ( Drupal , Exponent CMS , Lenya , Mambo , and Silva ), including Plone which they use for their own site (funny/annoying that the entire site has no RSS-feeds, nor is it possible to comment on the articles), following Matt's approach by exluding many CMS that seem not to fit the criteria. It is somewhat strange that OpenAdvantage cuts away Magnolia because it "Requires J2EE server; difficult to install and configure; more of a framework than CMS", and proceed to include Apache Lenya in the full evaluation. Magnolia does not require a J2EE server. It runs on Tomcat just like Lenya does (maybe it's an idea to bundle Magnolia with Jetty to make it seem more lightweight). I'm still sure that OpenAdvant
6 comments
Read more

Encrypting and Decrypting with Spring

I was recently working with protecting some sensitive data in a typical Java application with a database underneath. We convert the data on its way out of the application using Spring Security Crypto Utilities . It "was decided" that we'd be doing AES with a key-length of 256 , and this just happens to be the kind of encryption Spring crypto does out of the box. Sweet! The big aber is that whatever JRE is running the application has to be patched with Oracle's JCE  in order to do 256 bits. It's a fascinating story , the short version being that U.S. companies are restricted from exporting various encryption algorithms to certain countries, and some countries are restricted from importing them. Once I had patched my JRE with the JCE, I found it fascinating how straight forward it was to encrypt and decrypt using the Spring Encryptors. So just for fun at the weekend, I threw together a little desktop app that will encrypt and decrypt stuff for the given password
Post a Comment
Read more

What I've Learned After a Month of Podcasting

So, it's been about a month since I launched   GitMinutes , and wow, it's been a fun ride. I have gotten a lot of feedback, and a lot more downloads/listeners than I had expected! Judging the numbers is hard, but a generous estimate is that somewhere around 2000-3000 have listened to the podcast, and about 500-1000 regularly download. Considering that only a percentage of my target audience actively listen to podcasts, these are some pretty good numbers. I've heard that 10% of the general population in the western world regularly listen to podcasts (probably a bit higher percentage among Git users), so I like to think I've reached a big chunk of the Git pros out there. GitMinutes has gathered 110 followers on Twitter, and 63, erm.. circlers on Google+, and it has received 117 +'es! And it's been flattr'ed twice :) Here are some of the things I learned during this last month: Conceptually.. Starting my own sandbox podcast for trying out everythin
Post a Comment
Read more

The academical approach

Oops, seems I to published this post prematurely by hitting some Blogger keyboard shortcut. I've been sitting for some minutes trying to figure out how to approach the JavaZone talk mentioned in my previous blog-post. Note that I have already submitted an abstract to the comittee, and that I won't publish the abstract here in the blog. Now of course the abstract is pretty detailed on what the talk is going to be about, but I've still got some elbow room on how to "implement" the talk. I will use this blog as a tool to get my aim right on how to present the talk, what examples to include, what the slides should look like, and how to make it most straightforward and understandable for the audience. Now in lack of having done any presentations at a larger conference before, I'm gonna dig into what I learned at the University, which wasn't very much, but they did teach me how to write a research paper, a skill which I will adapt into creating my talk: The one
1 comment
Read more

Managing dot-files with vcsh and myrepos

Say I want to get my dot-files out on a new computer. Here's what I do: # install vcsh & myrepos via apt/brew/etc vcsh clone https://github.com/tfnico/config-mr.git mr mr update Done! All dot-files are ready to use and in place. No deploy command, no linking up symlinks to the files . No checking/out in my entire home directory as a Git repository. Yet, all my dot-files are neatly kept in fine-grained repositories, and any changes I make are immediately ready to be committed: config-atom.git     -> ~/.atom/* config-mr.git     -> ~/.mrconfig     -> ~/.config/mr/* config-tmuxinator.git       -> ~/.tmuxinator/* config-vim.git     -> ~/.vimrc     -> ~/.vim/* config-bin.git        -> ~/bin/* config-git.git               -> ~/.gitconfig config-tmux.git       -> ~/.tmux.conf     config-zsh.git     -> ~/.zshrc How can this be? The key here is to use vcsh to keep track of your dot-files, and its partner myrepos/mr for o
Post a Comment
Read more