Tuning Garbage Collection for Mission-Critical Java Applications

I recently had the opportunity to test and tune the performance of several shop and portal applications built with Java and running on the Sun/Oracle JVM, among them some of the most visited in Germany. In many cases garbage collection is a key aspect of Java server performance. In the following article we take a look at the state-of-the-art advanced GC algorithms and important tuning options and compare them for diverse real-world scenarios.

Read the rest of this entry »  |   Share

Securing your Password Database with bcrypt

Do you also spend sleepless nights because you have saved the passwords of your users in clear text or near-clear text (MD5)? We will show you a simple method how you can smoothly migrate your password database to a much more secure format. The transition is transparent to the users and instant, i.e. as soon as you have implemented the process, your passwords are safe. If you still store your passwords in an insecure format, you should convert them to a secure format as soon as possible. Do it now!

Read the rest of this entry »  |   Share

On the Quality Benefits of Formal Domain Specific Languages

One of the assets of mgm is dedicated quality for software, including especially portal technology for applications with high-safety and reliance demands. In the first blog within this series, “Using Domain Specific Languages to Implement Interactive Frontends“, we described an approach using a specification language (DSL) family on customer level to specify valid inputs and frontend compu­tations for forms-based interactive or batch systems. Let us continue and focus on the quality benefits of this approach.

Read the rest of this entry »  |   Share

Mobile Dashboard Reporting powered by JAX-RS and Highcharts

When we developed this sales reporting solution for the insurance sector, we went for a mobile, browser-based dashboard that renders the reports on the client-side and thus enable a high degree of interactivity. That means that once the reporting data is delivered, the client should be able to e.g. drill down into the data or slide along the time axis. This article focuses on the technical aspects of the data delivery in JSON format and interactive charting in the browser.

Read the rest of this entry »  |   Share

How KICKZ uses Facebook for a better Customer Experience

The KICKZ online store is our latest e-commerce project that has gained a deep integration with Facebook. This blog article presents the four ways to utilize Facebook for a better and smoother customer experience. First we show how customers can use their Facebook accounts for registration and login into the online store using the OAuth 2.0 protocol. Next we discuss accessing the customer data from Facebook’s Open Graph (if user’s permission is given) in order to prefill registration and order forms. And finally, we deal with product reviews and forwarding customer Facebook posts to the Facebook wall of the online store.

Read the rest of this entry »  |   Share

Integrating FredHopper into a hybris Marketplace

In this blog article we discuss how Fredhopper, an advanced site search and merchandising product, can be integrated into the hybris eCommerce suite not only to search for products, but to create cross selling and campaigns as well. In the used scenario hybris is the foundation of a marketplace with a few million products from thousands of vendors.

Read the rest of this entry »  |   Share

PL/SQL Unit Testing with DBUnit

My colleague Slavomír Jeleň and I are currently working on a logistics management application for an international food retailer. It’s a data-oriented application that performs pre-calculation steps on billions of rows with PL/SQL stored procedures. In order to ensure the correctness of these calculations, we devised a solution for unit testing the stored procedures in Oracle based on DBUnit.

Read the rest of this entry »  |   Share

Possibly the most malicious Regular Expression

This is the next of my episode on regular expressions. Today, we look at the worst regex you can possibly come up with, although it looks innocent and simple. You will learn about this backtracking trap that let’s you easily wait for 10^30 steps, as an example of an errant email regex will illustrate. One possible solution we investigate is the use of possessive quantifiers.

Read the rest of this entry »  |   Share

Regular Expressions: Splitting Pipes

It’s a common saying in IT: “I had a problem and used regular expressions to solve it. Now I’ve two problems”. We want to offer help in a series of mgm “Hacking Java Puzzler” blog entries and demonstrate how regular expressions can be useful anyway. In this first episode we will focus on splitting CSV lines.

Read the rest of this entry »  |   Share

Building a scalable Web-based Call Center CTI Solution

My project was part of our customer’s effort to replace all of the enterprise applications with web applications based on a standardized technology stack. In this strategic move, the call center integration was a crucial step. As it turned out, the technical design of the new call center telephony solution was quite challenging. We did not only learn a lot about CTI; we also had to implement the system to be scalable and ensure that it handles more than 1000 call center agents.

Read the rest of this entry »  |   Share

Consequences when using Mutable Fields in hashCode()

We start our new series with an informative HashSet puzzler. It’s about a bug that gave us quite a headache since its root cause was hard to identify. This subtle bug has without doubt crept into many code bases, so a detailed discussion should interest every Java coder. I will also discuss code inspection tools that detect this violation (sadly, only few). And by the way, what we learned about HashSet also makes a good topic in our job interviews.

Read the rest of this entry »  |   Share

Using Domain Specific Languages to Implement Interactive Frontends

For many years we have dealt with the challenges that frontends with interactive forms pose w.r.t. validation, test data and quality. Describing the requirements in formal Domain Specific Languages (DSL) became the way of choice to create a specification that gives a twofold benefit: first, the customer understands it better, and secondly, the software engineers use the specification not only to implement more resilient software, but also to improve quality assurance. This new series will explain how we do it and why we think it’s the best approach.

Read the rest of this entry »  |   Share

Ultra-Performant Dynamic Websites with Varnish

This article describes how we configured and used the Varnish web cache for the popular German online shop www.lidl.de. Varnish gave us a tremendous performance boost. With this new caching setup, we easily achieve request rates of several thousand pages per second, which are quite common during marketing campaigns like special offers.

Read the rest of this entry »  |   Share

Practical Customer Participation in JIRA Workflows

This second part of our blog series continues with the topic of direct involvement of customers and gives some practical examples of when, where and how to introduce and include your customer into JIRA. We will then discuss two of mgm’s proven real-world workflows and use them as case studies about appropriate modes for successful customer participation. You will also learn about our recommended ways of keeping the complexity of huge JIRA projects from the customer.

Read the rest of this entry »  |   Share

Successfully Embracing JIRA in the whole Project Lifecycle

This two-part series shows how JIRA can be used for other things than just bug tracking and presents mgm’s experiences with embracing JIRA in nearly all parts of traditional and agile project lifecycles, resulting in a number of customized, optimized JIRA workflows and processes. In this first part, I will give you an overview of challenges we faced over the years and how we adapted JIRA to meet them. You will get a taste of the vast variety of uses we have found for JIRA and understand why we decided to use only one tool instead of many.

Read the rest of this entry »  |   Share