Java servlet on browsers: dying or kicking ?

[Arne Vajhøj]

It is alive.

Well? It is far behind several alternatives in usage.

In theory it should have a chance for a come back
give that:
- JavaFX is coming as new GUI framework
- MS are dropping SL
- Adobe are moving slightly from Flash towards HTML5
but I doubt that any major change will happen.

Arne

 

[Arved Sandstrom]

On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from
PHP Perl or Python access?

This is a spurious argument. Any organization that allows unfettered
access to it's data by random clients written in unsupported languages
deserves everything it gets.

Putting it another way, this is not a technical issue.

Keeping business logic in a single place is all about maintainability.

How do you define "single place"? Method? Class? Package? Logical
subsystem? (Gets a bit circular here).

I'm not being absurdist, simply pointing out that "single place" is an
unhelpful, vague description.

Fact is, if you were into SOA principles, and had true small-s services,
that vertical slice of inventory mgmt logic that cuts right down from
workflows in the process layer right at the application boundary,
through inventory mgmt business rules at the lower levels of the domain
layer, right down to constraints on tables related to inventory mgmt,
would be an acceptable and maintainable "single place".

Providing meaningful access to the most valuable asset your organization
has is exactly what good design is all about.
The logical extension of your argument is to do everything in the
database. You're not a DBA by any chance are you ?

I have no objection to using referential integrity constraints as a
backup to a good understanding of your business model but I can see no
situation where scattering business logic over multiple
tiers/layers/whatever is anything other than poor/lazy design.

If you use a characterization like "tiers/layers/whatever" you are not
in a position to discuss the problem.

Flexibility comes from providing a meaningful interface to your business
state so that clients can access it using whatever means they desire be
this Python or Ada or Eiffel of Haskell or any one of an apparently
unending stream of 'latest greatest' languages.

lipska

AHS

 

[Arne Vajhøj]

On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from
PHP Perl or Python access?

This is a spurious argument. Any organization that allows unfettered
access to it's data by random clients written in unsupported languages
deserves everything it gets.

I thought the idea of solving IT complexity by having one language,
one database etc. died 20 years ago.

One size does not fit all.

And even if it did then we could not convert systems as fast as
companies spin-off, acquire, merge etc..

Keeping business logic in a single place is all about maintainability.

Yes or no.

Business logic relating to some specific purpose should be in one
place.

But all business logic does not need to be in the same place.

Providing meaningful access to the most valuable asset your organization
has is exactly what good design is all about.
The logical extension of your argument is to do everything in the
database. You're not a DBA by any chance are you ?

I have no objection to using referential integrity constraints as a
backup to a good understanding of your business model but I can see no
situation where scattering business logic over multiple
tiers/layers/whatever is anything other than poor/lazy design.

I would tend to agree for simple solutions, but for more
complex solutions it does not hold true.

In a SOA world each service will be responsible for its
own business logic.

Arne

 

[Arved Sandstrom]

On 05/01/13 00:22, Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from
PHP Perl or Python access?

This is a spurious argument. Any organization that allows unfettered
access to it's data by random clients written in unsupported languages
deserves everything it gets.

Putting it another way, this is not a technical issue

You argue that putting all the business rules in a single layer [of some
system] is bad because it does not prevent other access methods from
doing bad things with your business[data]

No, that wasn't any argument of mine.

I'm not saying that putting all business _logic_ (not rules, logic -
there's a clear difference, one is a subset of the other) in one layer
is bad, I'm saying that it's very uncommon to find all B.L in one
*tier*, and I'm also saying that anyone who purports to have a logical
B.L. layer that contains all business logic may as well define that
layer as being the *entire* app.

I'm saying ultimately that of all the possible layer labels and
characterizations, I don't find "business logic layer" to be very useful.

I can only assume then that as far as you are concerned the only
solution to any data centric business problem is to put all the business
logic in the database.

No, that's actually retarded.

How else can you avoid people doing stuff with your data that you don't
want them to do ?

Oh, wait a minute, how about "effective management"

I think you're not a good reader, and I think you're inventing arguments.

If you say so.

lipska

I do say so. If you don't get that distinction what else don't you get?

AHS

 

[Lew]

Richard Maher wrote:

On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce [sic] thos [sic]rules
from PHP Perl or Python access?

That same "Business Layer [sic]", of course.

This is a spurious argument. Any organization that allows unfettered
access to it's [sic] data by random clients written in unsupported languages
deserves everything it gets.

The programming language is immaterial. Don't know why it's mentioned here.

Putting it another way, this is not a technical issue

You argue that putting all the business rules in a single layer [of some
system] is bad because it does not prevent other access methods from
doing bad things with your business[data]

That's not what he said.

I can only assume then that as far as you are concerned the only

You can only assume it because there's no evidence for that.

solution to any data centric business problem is to put all the business
logic in the database.

Put words in his mouth much?

How else can you avoid people doing stuff with your data that you don't
want them to do ?
Oh, wait a minute, how about "effective management"

Oh, wait a minute, how about standard architectures, well documented, that
solve this issue?

If you say so.

It's a conclusion based on the stated evidence. Your use of imprecise language,
hand-waving and misstatement of others' points does not provide evidence that
you are in a position, or possess the knowledge, to discuss the problem.

Your use of the cited expression, especially the "whatever", does provide
evidence that you are not.

 

[Arved Sandstrom]

On 05/01/13 00:22, Richard Maher wrote:
news:[email protected]...

[snip]

In a SOA world each service will be responsible for its
own business logic.

One definition of an SOA is that

Services are unassociated, loosely coupled units of functionality that
have no calls to each other embedded in them <wikipedia>

This being the case then it will be even more important to manage the
possible combinations of what will effectively be calls on your business
logic. You can't simply allow your various departments to publish a
random collection of services and let anyone combine them in any way
they like.

Of course not. There's nothing magical about services per se. You'd no
more do what you just described than put a bunch of CORBA interfaces out
there and let just anyone pound on 'em, or deploy a JMS messaging
provider and let just anyone use it.

Complete applications in the SOA world consist of all the orchestration
and choreography required to automate processes and have services
interact, plus the lower-level services themselves. As applications they
should be subject to the same SD discipline as any other.

As I see it a SOA while providing maximum flexibility

clientside will be even more dependent on some central repository of
rules that will need to be applied at some stage in the interaction
lifecycle. Allowing different interpretations of critical business
process will surely be an invitation to chaos and disaster.

Or maybe I'm being over cautious.

lipska

You're not being overly cautious, this is where the top layer of a SOA
app comes in, whether a workflow engine or a web app, with maybe an ESB
thrown in for good measure.

Having said all that, it's not like public (or internal organizational)
exposure of services, and letting people combine them as they like, is
always bad, it simply depends on the nature of the service. You may have
noticed things like mashups and the tens of thousands of web APIs out
there. And the API providers in those cases purposefully don't care
about API combinations.

AHS

 

[Arne Vajhøj]

On 05/01/13 00:22, Richard Maher wrote:
news:[email protected]...

[snip]

In a SOA world each service will be responsible for its
own business logic.

One definition of an SOA is that

Services are unassociated, loosely coupled units of functionality that
have no calls to each other embedded in them <wikipedia>

This being the case then it will be even more important to manage the
possible combinations of what will effectively be calls on your business
logic. You can't simply allow your various departments to publish a
random collection of services and let anyone combine them in any way
they like. As I see it a SOA while providing maximum flexibility
clientside will be even more dependent on some central repository of
rules that will need to be applied at some stage in the interaction
lifecycle. Allowing different interpretations of critical business
process will surely be an invitation to chaos and disaster.

It is definitely not SOA if the service provider want to
dictate how the service consumer uses the service.

Arne

 

[Arne Vajhøj]

On 05/01/13 00:22, Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from
PHP Perl or Python access?

This is a spurious argument. Any organization that allows unfettered
access to it's data by random clients written in unsupported languages
deserves everything it gets.

I thought the idea of solving IT complexity by having one language,
one database etc. died 20 years ago.

One size does not fit all.

No one is suggesting it does.

You seems to want to limit the usage of programming languages.

The solution to maintaining control over your data is all about good
management of your resources. And by management I mean managing who and
what you allow to access your data, because in the end, that is what we
are talking about isn't it, data integrity.

If you allow anyone or anything using any language to do anything that
you don't have ultimate control over then then you are asking for trouble.

You will never have ultimate control.

Arne

 

[Arne Vajhøj]

Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

If you do, then you are wrong. It make them look
rather silly.

Arne

 

[Arne Vajhøj]

On 06/01/13 14:29, Arved Sandstrom wrote:
On 01/06/2013 06:27 AM, lipska the kat wrote:
On 05/01/13 00:22, Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from
PHP Perl or Python access?

This is a spurious argument. Any organization that allows unfettered
access to it's data by random clients written in unsupported languages
deserves everything it gets.

Putting it another way, this is not a technical issue

You argue that putting all the business rules in a single layer [of some
system] is bad because it does not prevent other access methods from
doing bad things with your business[data]

No, that wasn't any argument of mine.

but ... but ... please allow the the indulgence of quoting you

"But let's say they put all the business rules in the Business Layer
implemented in a Java or C# class. Who is going to inforce thos rules
from PHP Perl or Python access"

You are quoting Richard Maher.

I'm not sure how else to interpret this, maybe you could help me out !

I doubt that Arved can explain what Richard meant.

Arne

 

[Twirlip of the Mists]

lipska the kat wrote:
Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:
[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

You mean, like you? (What's that you say? "Arne Vajhøj" is your real name?
It's just as opaque an identification token to me as if you'd called
yourself "Gurmax the Conqueror" or "User23125" -- you have exactly as much,
or as little, reputation when I first see your newsposts. So I'd have had
the same prior probability distribution regarding your techie expertise
with any name you'd used. Higher than average for the wider population,
because you a) use usenet and b) post routinely to a comp.* group. Elevated
more when I see your posts where you seem to know a fair bit about Java.
Somewhat lowered when I see you take a sometimes arrogant and overbearing
tone, which may mean you're puffing yourself up some, and lowered further
if you make a serious mistake or a particularly silly argument on a
technical matter. Quiet, non-overweening confidence without arrogance would
have the opposite effect and mistakes are made up for by accurate technical
material later (as judged either against superior knowledge, official
reference materials, or because when it's tested it works, with the latter
being the final court of appeal for either side).)

 

[Arne Vajhøj]

On 06/01/13 17:53, Lew wrote:
lipska the kat wrote:
Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

You mean, like you? (What's that you say? "Arne Vajhøj" is your real name?
It's just as opaque an identification token to me as if you'd called
yourself "Gurmax the Conqueror" or "User23125" -- you have exactly as much,
or as little, reputation when I first see your newsposts. So I'd have had
the same prior probability distribution regarding your techie expertise
with any name you'd used.

If you say so - I can not argue against you when it comes to how
you think.

But most people have better information seeking skills.

Arne

 

[Twirlip of the Mists]

On 1/6/2013 1:21 PM, lipska the kat wrote:
On 06/01/13 17:53, Lew wrote:
lipska the kat wrote:
Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

You mean, like you? (What's that you say? "Arne Vajhøj" is your real name?
It's just as opaque an identification token to me as if you'd called
yourself "Gurmax the Conqueror" or "User23125" -- you have exactly as much,
or as little, reputation when I first see your newsposts. So I'd have had
the same prior probability distribution regarding your techie expertise
with any name you'd used.

If you say so - I can not argue against you when it comes to how
you think.

But most people have better information seeking skills.

What the hell is that supposed to mean?

That there's a bunch of stuff out there findable with Google saying "Arne
Vajhøj is the bee's knees"? Why should I consider that especially credible?
Or presume that someone posting to some newsgroup as "Arne Vajhøj" from a
public NNTP server is the same Arne Vajhøj? First of all, it could be a
fake. I could post from there as "Albert Einstein" and not magically be an
expert on relativity physics, but hope to fool someone into thinking I was.
Secondly, maybe "Arne Vajhøj" is the "John Smith" of your country and every
third person there is named that. So there's no need to even assume bad
faith. Oh, are you still a bit sore that I insinuated that maybe you might
be someone trying to ride on someone else's reputation, before saying I
don't actually think so? Well, that ought to make up for your insinuating
that I have poor google-fu then.

 

[Arne Vajhøj]

On Sun, 06 Jan 2013 21:07:14 -0500, Arne Vajhøj wrote:

On 1/6/2013 1:21 PM, lipska the kat wrote:
On 06/01/13 17:53, Lew wrote:
lipska the kat wrote:
Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

You mean, like you? (What's that you say? "Arne Vajhøj" is your real name?
It's just as opaque an identification token to me as if you'd called
yourself "Gurmax the Conqueror" or "User23125" -- you have exactly as much,
or as little, reputation when I first see your newsposts. So I'd have had
the same prior probability distribution regarding your techie expertise
with any name you'd used.

If you say so - I can not argue against you when it comes to how
you think.

But most people have better information seeking skills.

What the hell is that supposed to mean?

That there's a bunch of stuff out there findable with Google saying "Arne
Vajhøj is the bee's knees"? Why should I consider that especially credible?
Or presume that someone posting to some newsgroup as "Arne Vajhøj" from a
public NNTP server is the same Arne Vajhøj? First of all, it could be a
fake. I could post from there as "Albert Einstein" and not magically be an
expert on relativity physics, but hope to fool someone into thinking I was.
Secondly, maybe "Arne Vajhøj" is the "John Smith" of your country and every
third person there is named that. So there's no need to even assume bad
faith. Oh, are you still a bit sore that I insinuated that maybe you might
be someone trying to ride on someone else's reputation, before saying I
don't actually think so? Well, that ought to make up for your insinuating
that I have poor google-fu then.

I think you just proved that.

Arne

 

[Twirlip of the Mists]

On 1/6/2013 9:18 PM, Twirlip of the Mists wrote:
On Sun, 06 Jan 2013 21:07:14 -0500, Arne Vajhøj wrote:

On 1/6/2013 1:21 PM, lipska the kat wrote:
On 06/01/13 17:53, Lew wrote:
lipska the kat wrote:
Arved Sandstrom wrote:
lipska the kat wrote:
Richard Maher wrote:
On 12/29/2012 09:43 PM, Arne Vajh�j wrote:

[snip]

It's a conclusion based on the stated evidence. Your use of imprecise
language,
hand-waving and misstatement of others' points does not provide
evidence that
you are in a position, or possess the knowledge, to discuss the problem.

And here we are again.

In my many years of experience working in software teams using many
different languages, methodologies and processes,

Do you think anyone is impressed by posters that post
anonymously and claim experience?

You mean, like you? (What's that you say? "Arne Vajhøj" is your real name?
It's just as opaque an identification token to me as if you'd called
yourself "Gurmax the Conqueror" or "User23125" -- you have exactly as much,
or as little, reputation when I first see your newsposts. So I'd have had
the same prior probability distribution regarding your techie expertise
with any name you'd used.

If you say so - I can not argue against you when it comes to how
you think.

But most people have better information seeking skills.

What the hell is that supposed to mean?

That there's a bunch of stuff out there findable with Google saying "Arne
Vajhøj is the bee's knees"? Why should I consider that especially credible?
Or presume that someone posting to some newsgroup as "Arne Vajhøj" from a
public NNTP server is the same Arne Vajhøj? First of all, it could be a
fake. I could post from there as "Albert Einstein" and not magically be an
expert on relativity physics, but hope to fool someone into thinking I was.
Secondly, maybe "Arne Vajhøj" is the "John Smith" of your country and every
third person there is named that. So there's no need to even assume bad
faith. Oh, are you still a bit sore that I insinuated that maybe you might
be someone trying to ride on someone else's reputation, before saying I
don't actually think so? Well, that ought to make up for your insinuating
that I have poor google-fu then.

I think you just proved that.

OK, it's obvious you have little else to offer tonight but childish
name-calling.

TTFN.

 

[Arved Sandstrom]

On 1/6/2013 5:27 AM, lipska the kat wrote:
On 05/01/13 00:22, Richard Maher wrote:

[snip]

In a SOA world each service will be responsible for its
own business logic.

One definition of an SOA is that

Services are unassociated, loosely coupled units of functionality that
have no calls to each other embedded in them <wikipedia>

This being the case then it will be even more important to manage the
possible combinations of what will effectively be calls on your business
logic. You can't simply allow your various departments to publish a
random collection of services and let anyone combine them in any way
they like. As I see it a SOA while providing maximum flexibility
clientside will be even more dependent on some central repository of
rules that will need to be applied at some stage in the interaction
lifecycle. Allowing different interpretations of critical business
process will surely be an invitation to chaos and disaster.

It is definitely not SOA if the service provider want to
dictate how the service consumer uses the service.

Arne

I know where you are coming from, Arne, but in practise there are truly
public services and there are controlled ones. As an example of the
latter, a web service exposed through an ESB (abstraction layer), with a
real service in Java, and the entire kit and kaboodle is an API for
renewing vehicle permits and related vehicle/driver information, for a
government MV registry.

This WS/service requires pre-payment, and a larger system which manages
notifications.

In practise such a service will always be called in a controlled
fashion, usually via a website, or by vetted applications.

AHS