Angus MacCuish

Greenhorn
+ Follow
since Nov 21, 2001
Java 1.0.2 veteran
London
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Angus MacCuish

Check out
http://www.cs.ust.hk/~lzhang/teach/java03/slides/17security.ppt
and
http://www.securingjava.com/chapter-three/chapter-three-7.html
I think the Sun document you're quoting (from the SCEA links page) is describing the default behaviour of Applets. The Java 2 security architecture is supposed to let you go 'beyond the sandbox' with the
'java.policy' permissions file.
If you search for applets on the web you'll notice some will tell you to add entries into this policy file to grant 'SocketPermission' for other hosts.
I haven't written an Applet since 1998 I hasten to add! Interestingly enough, that particular project used a signed applet to connect to other hosts (an Oracle database via JDBC).
Cheers
Gus
You can only use Container Managed Transactions (CMT) with Entity Beans
in EJB 1.1 - see the EJB Spec for details.
Cheers
Gus
Have a read of this.
I would have automatically said 'no' to your question, unless of course the browser's security policy has granted permission. It looks like a JDK1.1 signed applet would work though (assuming no firewall issues).
In the context of the SCEA exam, I believe the answer would be 'no', as they are testing your knowledge of the new applet security architecture.
Cheers
Gus
[ March 17, 2004: Message edited by: Angus MacCuish ]
Did anyone ever get a J2EE Core Pattern question ?
I think mine were all GoF, not sure though.
The exam objectives explicitly mention Gamma et al.
One exception is the Data Access Object pattern (in the EJB section):
"Identify costs and benefits of using an intermediate data-access
object between an entity bean and the data resource".
Cheers
Gus
Here is the recent response I got from Sun Education regarding this.
So it's EJB1.1 for now (at least for SCEA Part I).
This is an important issue for lots of the scenario based questions, where you usually have to go for Bean Managed Persistence to optimise performance and handle complex data types. However once the exam moves to EJB2.0 you will need to consider the possibility of using Container Managed Persistence, Container Managed Relationships and local bean interfaces.
Cheers
Gus
> Hello,
>
> Thank you for inquiring about our Java Architect
> Exam. The current architect
> exam was written for J2EE 1.2 which covers EJB 1.1.
> The objectives are listed on
> the following website:
>
>
http://suned.sun.com/US/certification/java/java_exam_objectives.html#architect
>
> Please also visit the Sun Certification website.
> http://suned.sun.com/US/certification
>
> Also, for further study material, Sun endorses "Sun
> Certified Enterprise
> Architect for J2EE Technology," by Mark Cade and
> Simon Roberts.
>
> We will be updating this exam within the next 12
> months, however we do not have
> a specific release date at this time. Please stay
> posted to our Certification
> URL for any updates.
>
> Best of luck,
>
> The Certification Team
Yes - you will normally get a couple of questions on UML and they are pretty easy if you are familiar with UML.
Cheers
Gus
It's still based on the EJB 1.1 spec.
I got a recent email from Sun saying they were planning to upgrade it sometime 'in the next 12 months'.
Cheers
Gus
You need to know about things like screen scraping, JNI and RMI-IIOP / CORBA.
Regarding JCA, I reckon you need to know what it is, but not in any great detail.
Cheers
Gus
Yes, just to confirm - I was specifically talking about the multiple choice exam in Part I.
Cheers
Gus
What is the current status of the SCEA exam ?
As far as I can gather it still covers EJB 1.1, does anyone know if there is an EJB 2.x version in the pipeline ?
Cheers
Gus
I was thinking about whether or not to explicitly use Struts or not recently - I'd like to but it's probably safer to just represent the design patterns as you say.
Cheers
Gus
I've used JAAS with JBoss recently - you can configure the server to use a JAAS implementation to authenticate the user ("Principal"). The identity of the user can be found using the getCallerPrincipal() method, and you can check authorisation using isCallerInRole(). I was thinking about using this for the assignment but will probably go for the usual application level security as described in the PetStore docs.
Cheers
Gus
I highly recommend the Whiz Labs mock exam - it did have a few annoying features but overall it was well worth buying.
Gus
Mark,
I used the popular package breakdown:-
suncertify.client
suncertify.db
suncertify.server
I did flirt with the idea of a suncertify.net or suncertify.rmi package for a while but I just left it alone in the end.
The turning point in this assignment for me was when I read (probably from yourself) that people had not worried too much about clients crashing and leaving db locks, etc. I'd finished the coding ages ago but I used to spend a lot of time thinking about all these scenarios. In the end I've made an attempt to avoid this using the Unreferenced interface, but I don't think it's part of the requirements.
Gus
20 years ago