Archives for August 2007

Removing Code Generators from the Build Process

I’m a huge fan of code generators. I’ve seen them used successfully in many different ways. In the Java world, for example, the XDoclet parser is commonly used to generate object code and ORM mappings based on database schema — a huge timesaver. I’ve also seen creative uses of XSLT transforms and Velocity templates for handily generating all kinds of program code. There are generally two ways to take advantage of code generators. One is for software developers to invoke the code generators on demand, as they program. The other is to incorporate code generators as part of a “daily build” (i.e. some automated build process using Ant, Maven, another build tool, or handcrafted scripts/batch files). Lately, I’ve gotten soured on the latter.

One Java Tip: “And That’s (not) Final!”

Something to watch out for with initialization code is that “final” has three different meanings depending on where it’s used, and it’s easy to get confused. For example, a common mistake is to assume that declaring a Collection final makes its contents immutable; only the reference to the collection is immutable.

Interview with a Sarbanes-Oxley Auditor

On Role-Based Security and Segregation of Duties

Jim Fleischmann is a security consultant who audits companies for Sarbanes-Oxley compliance. He and I recently compared notes. As a software developer who has often worked on role-based security systems, it was wonderful for me to get his perspective on where the rubber meets the road. As you might imagine, his feedback was quite different from the usual feedback I’d get through channels (QA bug reports, customer service support tickets, etc.). The following is my recollection of what we covered. I’ll start with Jim’s observations, and then follow up with my own.



© 2006-2007 Maxim Software Corp.  All rights reserved.