Posts

Showing posts from April, 2011

Java ThreadLocal and It's use

Have you ever wondered about accessing you HTTPServletRequest object (or any other contextual/scoped object) in a non web class? What I mean by non web class is any class that does not goes through a web request/response initialization life cycle. HttpServlet is a web class because web container initializes and provides the HttpServletRequest and HttpServletResponse objects.
Let’s say you have a POJO and you want to initialize few properties/variables of it from request object/parameters. Since the POJO is plain class it by default does not have access to the request object, then how to get access if current request Object? We have two options:
1.Override the public constructor of POJO class to accept HttpServletRequest as an argument e.g. public MyClass(HttpServletRequest request) { }
When we are forcing a class’s constructor to accept an Object, we always need to make sure that we are passing it and the class is tightly coupled with the underlying implementation. Also, we can not instan…

Sling Authentication

Image
User authentication is core of any application; it can be a desktop application, a web application or a web service. CQ is a tool that is mainly used for building component based web sites and provides content management capabilities. The underlying frameworks Apache Felix and Sling together provide the foundation for CQ’s authentication capabilities.
Let’s explore the web authentication in brief and then I’ll try to explain the CQ’s authentication in detail. Authentication for web application mainly works on request/response headers, session and cookies.
Request/response based authentication: When a page is requested from a web server, the server looks for some specific information in header (to be specific in request “Authorization” header) and if information is available in header then that information is used by server to validate a user. So Authorization header can contain the credentials in Basic form or Digested form. The basic authentication header has following format:
Authoriza…

CQ - Component Design/Development best practices

Image
One of the main aims that CQ focuses on is, component based development. In my last post I have tried to give an overview of components and in this post I am going to explain some best practices that we can follow for designing/developing CQ components.
Following are the main points that we should consider before developing a component: 1)What is the main function of a component? 2)Is the component going to be only UI component or is there some business logic associated with it? 3)If a component has some business logic associated with it then is it going to be same for all websites? 4)Is this component is abstract i.e. component itself does not provide any functionality but other components will be inheriting from it and will be adding their own logic (UI or business)?
Once we have decided purpose of component we need to jump on developing it (by writing JSP, CSS, JS and Java code). So, while developing components we should try to follow some best practices and conventions that helps our pe…