Arquivo da categoria: Java

Notes About Clouds

Which of the following are reasons that username/password logins and session cookies are not ideal for mobile clients?
It isn't possible to easily revoke access to a single app
Changing your password can revoke access to every app that uses it

Which of the following analogies is most appropriate for describing OAuth 2.0?
A valet key for a car

What is the purpose of a password grant in OAuth 2.0?
To obtain a token required for access to one or more resources on the system
To authenticate the user

How is a bearer token used?
It is provided in the Authorization header of a request to prove a client's identity

Which of the following is an example of horizontal scaling?
Adding a new server to support additional load for an application

Which of the following are accurate statements about stateless applications?
They typically allow requests to be routed to any node running an application instance

What is auto-scaling?
Automated addition or removal of computing resources to adapt to changes in an application's load, failures, etc.

Enjoy
Marcos Carvalho

Notes About Spring e Retrofit

Which of the following are true statements about the Retrofit library?
It can be used to provide strong typing for interactions with HTTP-based cloud services
It can automatically marshall Java objects into HTTP request bodies

Which of the following are reasons to use dependency injection?
To reduce the amount of manually written configuration code that is needed to "wire" an application together
To help decouple one or more classes from their dependencies

What is @Autowired used for?
To indicate that one or more of a class' dependencies should be automatically provided through dependency injection

Which of the following are true of object relational mapping?
It is used to aid in persisting instances of Java objects into a database

Which of the following statements are true of the code shown below:

@RequestMapping("/some/path")
public @ResponseBody List<Video> findVideos(@RequestParam("title") String videoTitle){
String query = "select * from video where video.title = '"+videoTitle+"'";
return executeDatabaseQuery(query)
}

@RequestParam will NOT filter the title parameter and the code could suffer from an SQL injection attack
Arbitrary logic could potentially be injected into the query

Which of the following are true of Spring JPA Repositories?
The implementations of repository interfaces are automatically created by Spring

Enjoy
Marcos Carvalho

Notes about Spring Dispatcher

Which of the following are true of Java annotations?
They can be used to provide metadata for methods and other Java constructs.

 

Which of the following are true statements regarding the Spring DispatcherServlet?
It is used to route requests to Spring Controller objects.
It can invoke different methods on a Controller object depending on the request path.

 

Which of the following are uses of the @RequestBody annotation?
To indicate to Spring that the body of an incoming HTTP request should be unmarshalled to provide the value for a parameter of a method annotated with @RequestMapping.

 

@RequestParam can be used if the HTTP request has a multipart body.

 

Which of the following are true of @ResponseBody?
@ResponseBody helps to decouple Controller method logic from HTTP-specific protocol details.
@ResponseBody indicates that the return value from a Controller method should be used to produce the body of the HTTP response.

 

Which of the following are true statements about an Application class, such as the Application class in the examples?
It can be used to provide configuration information to Spring.
It does not have to inherit from a Spring-specific super class.
With Spring Boot and the appropriate annotations, it can be used to setup a Dispatcher servlet.
It can provide a main() method to launch Spring Correct.

 

Which of the following are true statements about JSON?
It can be used to express the state of a Java object.
It can be used to express arrays of objects.
It is a text-based format.

 

Enjoy
Marcos Carvalho

Notes About HTTP and Servlets

Which of the following are correct statements regarding HTTP polling?
Since a client does not have direct access to any server-side state, the client may waste resources by polling the server for updates when there are none.
Dynamically adapting the polling interval is one approach to reducing unnecessary HTTP requests.
Polling can generate excess load on a server if the polling interval is too short.

 

Which of the following are true of Push Messaging?
If the state that needs to be pushed to a client is extremely sensitive, a "push to poll" model where the server sends a push notification and then the client polls for a state update is most appropriate
If the state that needs to be pushed to a client is extremely large (e.g., multiple megabytes), a "push to poll" model where the server sends a push notification and then the client polls for a state update is most appropriate
Push messaging relies on a persistent connection between a mobile device and a push messaging system's servers

 

Which of the following are true statements about Servlets?
A servlet has doXXXX methods for each type of request method that can be sent to the server

 

Which of the following is true about handling client input data in a servlet?
A servlet can access url encoded parameters placed in the body of a request sent by a client
A servlet can access URL query parameters sent by a client

 

Which of the following are true statements regarding request routing and servlets?
A web.xml file can be used to specify which requests should be routed to which servlets
Requests can be routed to different servlets based on the resource path specified in the request

 

Which of the following could lead to an injection attack?
Failing to verify that the type of data sent to the server is what was expected
Storing client-provided data without filtering it and then resending it to other clients
Allowing client-provided data to control an execution path involving sensitive data
Echoing executable client-provided data back to the client without filtering it

 

Which of the following are true statements regarding client-provided data?
None of the below are correct:

  • Careful filtering of client-provided data is not needed if only one type of client is expected to ever use a cloud service
  • Careful filtering of client-provided data is not needed if the same developer writes the mobile client and the cloud service
  • Because client-provided data is so hard to filter, a cloud service should never accept a body in an HTTP request
  • Client-provided data in URL query parameters is always safer than the same data provided in a URL encoded request body

 

Enjoy
Marcos de Carvalho Oliveira

Exceptions Java

  • Exceptions thrown by JVM

1. ArrayIndexOutOfBoundsException
Thrown when attempting to access an array with an invalid index value (either negative or beyond the length of the array).
Example :
int[] ia = new int[]{ 1, 2, 3}; // ia is of length 3.
System.out.println(ia[3]); //exception !!!

2. ClassCastException
Thrown when attempting to cast a reference variable to a type that fails the IS-A test.
Example :
Object s = “asdf”;
StringBuffer sb = (StringBuffer) s; //exception at runtime because s is referring to a String.

3. NullPointerException
Thrown when attempting to call a method or field using a reference variable that is pointing to null.
Example :
String s = null;
System.out.println(s.length()); //exception!!!

4. ExceptionInInitializerError
Thrown when any exception is thrown while initializing a static variable or a static block.
Example :
public class X { int k = 0;
static{
k = 10/0; //throws DivideByZeroException but this is wrapped into a
//ExceptionInInitializationError and thrown outside.
}
}

5. StackOverflowError
Thrown when the stack is full. Usually thrown when a method calls itself and there is no boundary condition.
Example :
public void m1(int k){
m1(k++); // exception at runtime.
}

6. NoClassDefFoundError
Thrown if the Java Virtual Machine or a ClassLoader instance tries to load in the definition of a class (as part of a normal method call or as part of creating a new instance using the new expression) and no definition of the class could be found. The searched-for class definition existed when the currently executing class was compiled, but the definition can no longer be found.
Example :
Object o = new com.abc.SomeClassThatIsNotAvailableInClassPathAtRunTime(); // exception at runtime.

 

  • Exceptions thrown by Application Programmer

1. IllegalArgumentException
Thrown when a method receives an argument that the programmer has determined is not legal.
Example:
public void processData(byte[] data, int datatype)
{
if(datatype != 1 || datatype != 2) throw new IllegalArgumentException();
else …
}

2. IllegalStateException
Signals that a method has been invoked at an illegal or inappropriate time. In other words, the Java
environment or Java application is not in an appropriate state for the requested operation. Note that this is
different from IllegalMonitorStateException that is thrown by JVM when a thread performs an operation
that it is not permitted to (say, calls notify(), without having the lock in the first place).
Example:
Connection c = …
public void useConnection()
{
if(c.isClosed()) throw new IllegalStateException();
else …
}

3. NumberFormatException
It extends from IllegalArgumentException. It is thrown when a method that converts a String to a number
receives a String that it cannot convert.
Example:
Integer.parseInt(“asdf”);

4. AssertionError
Thrown to indicate that an assertion has failed i.e.when an assert statement’s boolean test expression returns false.
Example:
private void internalMethod(int position)
{
assert (position<100 && position >0) : position;
}

Enjoy
Marcos Carvalho