Welcome!

Duncan Mills

Subscribe to Duncan Mills: eMailAlertsEmail Alerts
Get Duncan Mills via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Duncan Mills

Application security - the art of applications defending themselves - represents an important line of defence in an overall in-depth security strategy. Web applications that follow the Model-View-Controller (MVC) architecture can, and should, have security implemented on all three layers. Normally it's the controller component that handles page authorization in MVC, the view layer that hides controls and information based on user authorization, and the model that enforces the business rules and input validation. However, it's up to the developer, based on an individual security policy and the programming technology used, to decide where to put security. Using pluggable validator components in JavaServer Faces (JSF), for example, developers may decide to verify user input on the view layer as well as on the model layer.  JavaServer Faces, the new J2EE standard for b... (more)

i-Technology Viewpoint: Thoughts on the Java Community

Community was a recurring theme at JavaOne, this year, and indeed at many of the Java User Groups that I've participated in recently. The Java Community (with a big C): a global tribe converging on programming nirvana where all is open, free and yet somehow affords us all a decent living. The community vision itself is not something I have a beef with, indeed I like to belong, I like to contribute, and importantly I can afford to - so I do. The community raised me, so to speak, nurturing me through technology transitions, and delivering timely advice through the "Village Voice" of ... (more)

J2EE vs .NET: Where Is Application Development Going?

Where is application development going? What's the next cool thing? You may have answers to these questions, your answers may be the same or different to mine or anyone else's. The point is we just don't really know, and that's a problem. Saying to the manager of enterprise development shops "Oh yes just standardize on J2EE and everything will be fine" is not going to cut it. These folks are savvy enough to know that J2EE is a minefield of choice in standards and APIs. They need and deserve more direction than that. So you can make a suggestion as to a good set of technologies to u... (more)

XML Heaven or XML Hell?

"With proper markup/logic separation, a POJO data model, and a refreshing lack of XML..." So begins the introduction to one of the current crop of open source Web application frameworks on its Web site. Sadly this seems to be a common sentiment within the Java framework development community; the phrase "XML Hell" is thrown around with the same vehemence once reserved for the "DLL Hell" so characteristic of early versions of Microsoft Windows. Is this wisdom genuine or apocryphal? In this article I will examine some of the reasons why anti-XML sentiment is misguided. The Roots o... (more)