Win a copy of Bad Programming Practices 101 (e-book) this week in the Beginning Java forum!

Mike Degteariov

Ranch Hand
+ Follow
since Oct 03, 2007
Mike likes ...
Java Mac MySQL Database Ubuntu
Toronto, Canada
Cows and Likes
Cows
Total received
8
In last 30 days
0
Total given
0
Likes
Total received
23
Received in last 30 days
0
Total given
3
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Mike Degteariov

Hey Mithun Ms,

No, actually I did not.
The Java EE 7 New features did not require any pre-requisite courses back than.
Hey ranchers,

We run a legacy application that uses Java 6. Recently, our partners notified us that they are going to drop support of TLS versions older than TLS 1.1.
This means that after the upgrade our outbound HTTPS connections to these partners will stop working.

The application is big, runs on old JBoss 5.1, uses a number of old components that we know will be incompatible with JDKs 7 or 8, and thus we are not considering the major JDK upgrade.

We tried to use the latest non-public release of Java 6 that we downloaded from restricted section of Oracle site (jdk-6u113).
Although release notes for this release of Java 6 say that TLS1.1 is available, it is not enabled out of the box,
there is nothing in there saying about how to enable it via changes in configuration, and an attempt to establish a
connection to the endpoint which does not support pre-TLS1.1 results in SSLHandshakeException

Now I am trying to enable TLS1.1 in jdk-6u113
So far I have tried a couple different options:

  • Adding a property deployment.security.TLSv1.1=true to deployment.properties file in .java folder for the user who runs java
  • Including -Ddeployment.security.TLSv1.1=true system property to the java command line.

  • Neither option seem to work; it appears that deployment.security.TLSv1.1 property is only used by never version of Java.

    Please can someone let me know how we should enable TLS1.1 by means of changing the configuration ?

    Also need to say that the application in question is quite big, and making change in the code in order to enable TLS 1.1 is something we would like to avoid.
    2 years ago
    You outta draw sequence diagrams, not generate them. Sequence diagram is about interaction, and class diagram is about static OO relationship - you cannot deduce one from another.
    Hi Vijaya,

    I also had a Team Doctor assignment and also had to change the relationship in a few places.
    It worked out

    Vijaya Raghava wrote:Isn't it mean we should not mention the Softwares / Hardware Product Names we were planning to use for this assignment in the hardware / Software Requirements section ?



    You may, at your own risk, but seriously, you don't have to.

    The more vendor-neutral your deployment diagram is, the more portable is your solution.
    In my diagrams, I did not include any names.
    Hi Vijaya,

    1. For the Sequence Diagrams part, am I suppose to add Stereotype for all of the components in the diagram ?? is it mandatory ? I added stereotype to only a few of them. But in the class diagram I mentioned stereotype for all of the classes /interfaces / JSFs. Please advice.


    Stereotypes are not mandatory - I did not use the stereotypes in sequence diagrams and only used them where necessary in the class diagram.

    2.Despite being asked to provide 3 Top Risks and Mitigations, I added a few more, because I just feel important so to add them. Putting the top 3 on the top list. Please let me know if i can keep all of them as it is or else, am I need to only provide top 3.


    Having more than 3 risks is fine, but do try to come up with genuine, preferably security or availability related risks as top three. Please note that you not only have to provide the description of risks, but also you have to show how your proposed solution handles these risks.

    3. Is there any strategy to be followed for selecting the type of LDAP Server, DNS Server, Load Balancer as a part of Deployment Diagram ? For a simple example, for the LDAP Server I can either opt for a Apache Directory Server or else Oracle Identity Manager (formerly SUN LDAP). Please advice.


    I think that providing names for products to use as part of implementation bring more harm than benefits, especially if these names are not owned by Oracle. I mean, "Directory Server" is OK, "Apache Directory Server" is not. I did not use product names in my deployment diagrams at all.

    4. Now coming to the contents of the assignment, I created only one index.html and included all the content and images inside it (of course I created separate folders for images and css ). Is it the best practice ? Why because, Sequence Diagrams are considerably bigger ones to be displayed. Will it be wise to display them in another HTML file popup when we click on the Sequence Diagram link on the index.html


    You did it right. Just make sure that your submission bundle has all the proper links - to verify, copy the bundle to another computer, un-jar it, and click all your links starting from index.html to make sure none are broken.

    Congratulations Marwan !
    Hi Mimmo,

    I think the the answer to ""Message attachments are secured without the need for a dedicated API"" is "YES", since WSS is not an API.
    Hi Marwan,

    The grading time can vary wildly; here at the forum I read about people who waited for the results for 9 weeks; on the other extreme, my result arrived in two days.
    The Oracle says that "The grading process can take 4-6 weeks from the completion of your essay" and I would probably not bother Oracle before the end of 6th week of waiting.
    There is no logic or pattern behind how long the grading would take in any particular case; all you can do is to be patient.
    Hi Lily,

    Do your use cases involve some kind of security, authentication or authorization ?
    Does your domain model have notion of user, customer, consumer or something like that ?

    If the answer is yes, then most probably you should introduce a user, login and appropriate security mechanism.

    In all OCMJEA assignment scenarios I heard of, the users, security and login procedures were always necessary.
    Excellent rate, congrats !
    Hi K. Tsang,

    You did it ! Congrats !!
    Congrats Sergio !
    Awesome mark !
    In my case, it took even less - I wrote an essay at around noon on Saturday and received an email from Oracle at 6AM next Tuesday. It's less than 3 days.