clone a postgresql database for testing cleanly
I’m looking at writing integration tests for the back end of JavaRanch‘s JForum install. A few “pesky” requirements/constraints Multiple developers all over the word have their own local test databases...
View Articlejunit suite wide setup (not @BeforeClass)
Problem How do I run setup/teardown for my whole suite, not just one class/test? Impact of Problem JUnit offers @Before to run a method before each test and @BeforeClass to run a method once before a...
View Articleprocess builder to run multi-platform postgres import
We saw how to clone a postgresql database for testing cleanly in an earlier blog post. The next step is to do so from Java so it can be part of an integration test. How to run each of 4 DDLs: Running a...
View Articlepostgresql – selecting maximum for each group
I had a requirement to return the thread with the most replies in each forum at JavaRanch‘s Coderanch forums. In Postgresql 8.4, this would be very easy – just use the window functions....
View Articlepostgresql and jdbc
In postgresql – selecting maximum for each group, we saw the actual stored function. That was the easy part. Then there was dealing with Postgresql and JDBC. I encountered a few surprises while...
View ArticleTSS Symposium Preview – Throw Away All The Rules. Now What Process Do You...
As previously mentioned, Scott and I are both be presenting talks at TheServerSide Java Symposium in March. In preparation for the conference, we are providing sneak peaks of talks this week on the...
View Articlemore postgres tuning in jquery
A teammate installed a new feature on CodeRanch JForum that uses a 4,515,409 row table. When dealing with over a million rows, scans become a huge performance drain. To the point where one query was...
View Articlecsrf – extending the owasp solution and “interesting” IE javascript bugs...
While implementing CSRF for JForum, I needed to extend the OWASP solution. Let me tell you, they don’t make it easy to extend. Lots of final. Here’s what I did – linked to code on github. To read...
View Articlecsrf – jforum cleanup and problems
See part 1for how we got here and part 2 for how we changed the OWASP filter. Code cleanup and problems There is some poorly written code in JForum that CSRF now prevents from working. In these...
View Articlefixing csrf for jforum and csrf filter analysis (part 1)
This post goes through how we fixed CSRF (cross site request forgery) in JForum, issues encountered and approach. It is useful reading for anyone who needs to protect against CSRF on their website....
View Articlecsrf for JForum without javascript
In February, I wrote a three part series on how we fixed JForum on coderanch to protect from CSRF. In included; Analysis Extending OWASP Problems Remaining problems Unfortunately, there were three...
View Articlefixing clickjacking and brute force login for jforum
I’ve been blogging about some of the security fixes we’ve made in the CodeRanch fork of JForum such as XSS with quotes and CSRF. Today it is time to write about Clickjacking and preventing brute force...
View Articlecontrast security plugin for eclipse
I recently learned that Contrast Security has a free plugin that tests your application against the OWASP Top 10. We’ve tried to fix these already. You can read about how we fixed Clickjacking, CSRF...
View Articlefinding out when Oracle changes the certification objectives
As Scott and I noted in the introduction of our book, Oracle tends to fiddle with the duration, number of questions and passing score of their certification exams. They also fiddle with the exam...
View Articlehow not to migrate from subversion to git
You know how you typically read blog posts of what to do that works. And not all the things people tried that didn’t work. This post is dedicated to what didn’t work. Also see: Main migration blog post...
View Articlemigrating tags from a large coderanch repository from svn to git
To review, this repository has just under ten thousand commits and just under 400 tags. Migrating with “git svn clone” would have taken over 48 hours. Since the majority of the time was going to...
View Articlemigrating coderanch from svn to git
CodeRanch has been using SVN for a long time for the forum software. It’s high time to switch. We have just over 20 projects in our one SVN repository. Most are small/inactive so it wouldn’t be...
View Article