JavaOne 2012 roundup

My first JavaOne ever is over. Had a great time there. San Francisco is a great city, and the weather was perfect, a least the first couple of days. I did enjoy all keynotes, especially of course the Java Community Keynote with James Goslings‘ surprise visit and presentation. Most sessions I‘ve attended were really great. […]

Total failure of Java security

Wow, that’s a sentence I believed I would never write in my professional life: deactivate Java in your web browser immediately! In any browser and on any operating system. Instructions are e.g. available here and normally on your browser manufacturer home page. Turning it off does not have an impact on normal Java applications, those […]

Nasty NullPointerException in org.springframework.beans.factory.BeanDefinitionStoreException

I had a lot of trouble with Camel 2.9.2/Spring 3.0.7 projects lately (though the issue is related to Spring, not Camel). During development, a lot of server starts (I used VMware vFabric tc Server Developer Edition v2.7, but others seem to be affected as well) failed with a really nasty exception: org.springframework.beans.factory.BeanDefinitionStoreException: Unexpected exception parsing […]

Integrating Jenkins build results into JIRA issues

After linking Subversion (or Git) with JIRA, the build server looks like a worthwhile target too. Aim of the JIRA integration for Jenkins is to link JIRA issues with the resulting build artifact and to answer the question “Which build contains the bug fix for issue 1234?”. The Jenkins JIRA plugin therefore updates the JIRA […]

Get ready for the Java Forum Stuttgart 2012

July 5th 2012 is coming closer, and with that the Java Forum Stuttgart as well as my (German) session Sichere Software vom Java-Entwickler. This session will give you some ideas and recommendations for all of the problems and risks mentioned in the current OWASP Top 10. Since 10 is quite a number for 45 minutes, […]

Security is every developer’s job

In one of his latest blog posts published in the OWASP feed, Dinis Cruz points out, that secure development and application security itself must be invisible to developers. I can’t completely agree to that. On one side, Dinis is right: The frameworks we use must be way more secure out of the box and way […]