Mar 262008

First off, let me just say that I don’t like any rich text editors very much. They are all a messy mix of HTML, JS, CSS, etc. There isn’t anything out there that is truly clean, feature rich and performs well. FCK has always been my least favorite, but I thought I would try 2.6 BETA and I was surprised at how much they added and updated things. This release has better dialogs and a smoother JavaScript experience. It is also less static and easier on AJAX apps.

Anyways, back to the point. JCatapult applications all use SiteMesh for templating and decoration. They actually have to because of our componentization model, otherwise components would be coupled to specific decoration or worse require tons of configuration (anyone interested in this concept contact me directly). Well, SiteMesh decorates your HTML using the GoF decorator pattern. Essentially the servlet container renders your JSPs or FTLs. That HTML is written out to the output stream, which SiteMesh has nicely intercepted being as it is a Filter. Once all the other Filters and servlets in your app complete, SiteMesh post processes the request, parse the HTML and decorates it. Very simple. The issue is that FCK editor uses HTML, JS, and CSS inside iframes in order to work its magic. Very ugly. What happens is that SiteMesh might end up decorating requests for FCK files. FCK REALLY doesn’t like this and usually you’ll end up with one of these symptoms:

  • No edit area, just the toolbar
  • Empty dialog boxes
  • Totally borked drop-shadows on dialogs

The quick fix, just tell SiteMesh to ignore FCK. You can accomplish that inside decorators.xml using an exclude:

Mar 252008

I’m setting up a shared database server in a data center and I don’t have any direct connections between the machines that are local (i.e. meaning they only connect between boxes and don’t let external traffic in), no firewalls, no routes or any networking goodies. These machines only have a single ethernet card that accepts connections from anywhere. So, my concern is that my new database server needs to allow the other servers in the cluster access to MySQL without opening it up to everyone in the world, which might allow hackers access. Instead, I want to lock things down so that only certain machines can connect to MySQL and everyone else is rejected.

In order to pull this off, I’m making use of iptables, which allow me to control how IP packets are handled by the kernel. There are loads of materials out there on iptables, so I won’t go into how it works exactly. Instead, I’ll just show you all how I did it. All these commands are run as root (via sudo or as root directly):

This allows access on port 3306 (MySQL default) to only two IP addresses and drops all other traffic on the floor. I can add as many IPs as I want by repeating the second command with a different IP.

Mar 072008

With Grails, Rails, Python, etc offering developers the chance to change code, hit refresh and see the changes I often wonder if reload truly a feature that is a must have these days? It seems like it is one of the main selling point by most of the folks pushing those frameworks.

I think this is not a requirement, and doesn’t really increase productivity. Here’s why:

  • This promotes less tested code as you can code an entire app without testing at all by simply hitting refresh
  • The testing cycle is lengthy by nature, so you do any testing during development, it is going to take some time
  • Rather than using reload, if you use the development cycle of write, test, run or test, write, run, than starting up the application incurs minimal overhead in addition to running the tests
  • So, what are we really trying to accomplish while developing? Better code, less code, better tests, faster development. These things seem to imply great conventions and excellent extensibility and not reloading.