Win a copy of Spring Boot in Practice this week in the Spring forum!

Drago Z Kamenov

+ Follow
since Oct 17, 2009
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Drago Z Kamenov

Andrew Monkhouse wrote:As such, a question such as "Did you use Visual Basic or Java" should be something that you should be able to answer quickly and easily. But if a cheater was able to take the submission with them, then they could look up the answer to that question while there.

Thanks Andrew, I had no idea it was that easy. I thought I had to explain and justify the architectural and design decisions.
Do they give you access to your submitted solution at the test center and, if not, can I/should I bring my own copy.
It seems like a handy thing to have when you are trying to defend your solution....
I certainly hope not. This is implemented at the JVM level, so we don't know for sure.
Is your RMI server on the open Internet? It would normally be behind another firewall, which you would have to traverse, this time from the outside in.

RMI supports tunneling over HTTP out of the box, but not without significant performance penalty. Take a look at this (scroll down to "Firewall Issues")
This begs the question, if you are going to tunnel RMI over HTTP or HTTPS, why not just use a web service? The only reason would be if you have to talk to an existing service you do not have control over (like a different company).

External server and protocol should be depicted on deployment diagram.

Hope this makes sense.

I think you should include the Actor in the sequence diagram. Boundary, Control & Entity are Rational/IBM concepts as is the concept of "Use case realization" so they are not part of the UML standard. Specifically, in Rational Rose they use different UML representation for those types of classes. If you do decide to use "Boundary/Control/Entity", make sure you represent them as classes (maybe strereotyped) and not using the Rose notation. That's what I am doing anyway.

Hope this helps.

Hi Santosh,

I can only speak about part 1 - that's what I have taken so far. Basically, you would approach it no differently than a university/college exam. Print out the objectives and start reading up until you cover them all. Once you cover all the material, try an exam simulator, according to most people Whizlabs is the best and very close to the actual exam (although I find the wording of some questions confusing). It also includes good (if not very detailed) study notes. These mock exams will show your weaker areas, then just go back and read up on them again. The most important and most difficult areas in my opinion are Common Architectures and patterns. For patterns, read the two GoF and J2EE Patterns books to make sure you understand each pattern. But then for the exam you only need to know applicability (when to use) and consequences/benefits, especially as they apply to the eight Service Level Requirements (system capabilities).

good luck,

Authentication and encryption are two different things. Even if neither party presents a certificate, public/private key pairs are generated and public keys are exchanged as part of the SSL handshake, so the entire conversation is still encrypted. If the client does not have a certificate, the identity of the client has to be established in a different way - usually a username/password. These credentials are still transmitted via HTTPS. Most often the HTTPS server has a certificate since it is easier and cheaper to obtain and maintain one on the server machine. A client certificate would have to be installed/uninstalled on each client machine, renewed regularly, revoked if stolen, etc. Which is why in practice it's only done in highly controlled environments where security is of utmost importance, such as military, other government, big financial corporations, etc.

Prabu Senthyl Arumugam wrote:
2. How do I create the .jar?
a - use winzip or some zip software and rename the extension to .jar (or)
b - use eclipse and .jar the .html and image files

c- command line:

jar -cvf scea-XXXXXXXXX.jar index.html <other files separated by spaces>
sure, if you come across anything, let me know.

1. The second edition of the official Sun guide is about to be published:
The first edition is very good but is somewhat dated for this version of the exam: It does not cover all sections of the exam though.
2. The GoF book is a must have for any aspiring architect or even mid-level developer - "Elements of Reusable Object-Oriented Software"
3. Same for this one: "Core J2EE Patterns: Best Practices and Design Strategies (2nd Edition)"

There are a couple of good books that can be downloaded for free:
4. "Mastering Enterprise JavaBeans 3.0" by Rima Patel Sriganesh, Gerald Brose, and Micah Silverman - very detailed on EJB and JPA. Make sure you don't get one of the earlier editions (Roman).
5. "The Java EE 5Tutorial" (Sun Microsystems) - surprisingly good and comprehensive. My primary source on JSF.

Finally a couple of books that could be useful for the assignment (Step 2):
1. "UML Distilled" (Fowler)
2. (optional) "Building J2EE Applications with the Rational Unified Process" Although RUP is not required, some of its ideas will help you structure your project (and your thoughts) better. Specifically use case realizations (sequence diagrams) and domain model. Reading up on Software Architecture Document also gave me a lot of food for thought. However, be warned that following the entire process to the letter can lead to "process paralysis" even on a real project.
Hi Sri,

Thanks for your suggestion. If I was doing this for a real client, I would do that without hesitation,
but it's not UML compliant and the project will be judged on UML comliance among other things...

Greetings ranchers,

Does anyone have an idea how to properly depict firewalls/DMZ on a deployment diagram? When it comes to network topology, UML seems a little lacking.
Also, any ideas on depicting clusters will be appreciated. After a long deliberation, I have settled on using a node with a <<cluster>> stereotype along with a tagged value for the number of nodes, e.g "{min nodes=2}'