Recently Java EE 7 specification goes into final. Next week (June 12) oracle going to release the Java EE 7 specification and Glass Fish 4 as reference implementation to general availability.
Java EE 7 adds more features like JSF 2.2, Servlet 3.1, Json Processing, websocket support, etc..
click here about the spec.
In this post i'm going walk through in JSF 2.2
JSF 2.2 is added more features, and JSF as a main presentation layer of Java EE platform. compare to JSP, jsp is not getting more feature, they just add maintenance release.
Features of JSF 2.2
This is most awaited feature in JSF, now we can build the file upload feature in web application without any 3rd party libraries.
i am going to cover this topic in another post.
Faces flows provides to create the JSF web application in modular way, each module is self contained pages , own backing beans and entry and exit points. Its make the module more reusable.
Faces flows are inspired from Spring Web Flows and Oracle Task Flows
Arun Gupta described his post about Faces Flows
HTML5 is future of the web, old JSF libraries are doesn't support HTML5 tags and attributes like placeholder attribute in input field tag, etc.
<h:inputText value="#{backingBean.field}" p:placeholder="Enter text" />
CSRF is one kind of security attack, Its make the request on existing session.
For example i opened the Tomcat Manager web application and i logged in, now i try to open another web site in different tab, now that website try to execute the code like
http://localhost:8080/manager/html/stop?path=/app1
then browser make the request to that server (localhost:8080), browser already have session, so that server stop the application.
so we need to add CSRF protection token for every request, if token is not found or invalid then that request is not proceed further, server ignores the request
tomcat 7 uses own CSRF token
http://localhost:8080/manager/html/stop?path=/app1&org.apache.catalina.filters.CSRF_NONCE=CEF9F082EF983140038CF804CA81F29E
here tomcat 7 adds the CSRF token
now JSF 2.2 we can declaratively add the CSRF token to protecting the resources from CSRF attacks
Multi Templating is another feature to add more templates (Layout, skins), to web applications.
so we can change the template in run time like wordpress we can change the themes,
just put the theme jar file in classpath, Java platform discovered and apply the templates.
If u have any comments welcomed
Java EE 7 adds more features like JSF 2.2, Servlet 3.1, Json Processing, websocket support, etc..
click here about the spec.
In this post i'm going walk through in JSF 2.2
JSF 2.2 is added more features, and JSF as a main presentation layer of Java EE platform. compare to JSP, jsp is not getting more feature, they just add maintenance release.
Features of JSF 2.2
- File Upload Component
- Faces Flow
- HTML5 Support
- Cross Site Request Forgery Protection (CSRF)
- Multi-Templating
File Upload Component
This is most awaited feature in JSF, now we can build the file upload feature in web application without any 3rd party libraries.
i am going to cover this topic in another post.
Faces Flows
Faces flows provides to create the JSF web application in modular way, each module is self contained pages , own backing beans and entry and exit points. Its make the module more reusable.
Faces flows are inspired from Spring Web Flows and Oracle Task Flows
Arun Gupta described his post about Faces Flows
HTML5 Support
HTML5 is future of the web, old JSF libraries are doesn't support HTML5 tags and attributes like placeholder attribute in input field tag, etc.
<h:inputText value="#{backingBean.field}" p:placeholder="Enter text" />
Cross Site Request Forgery Protection (CSRF)
CSRF is one kind of security attack, Its make the request on existing session.
For example i opened the Tomcat Manager web application and i logged in, now i try to open another web site in different tab, now that website try to execute the code like
http://localhost:8080/manager/html/stop?path=/app1
then browser make the request to that server (localhost:8080), browser already have session, so that server stop the application.
so we need to add CSRF protection token for every request, if token is not found or invalid then that request is not proceed further, server ignores the request
tomcat 7 uses own CSRF token
http://localhost:8080/manager/html/stop?path=/app1&org.apache.catalina.filters.CSRF_NONCE=CEF9F082EF983140038CF804CA81F29E
here tomcat 7 adds the CSRF token
now JSF 2.2 we can declaratively add the CSRF token to protecting the resources from CSRF attacks
Multi - Templating
Multi Templating is another feature to add more templates (Layout, skins), to web applications.
so we can change the template in run time like wordpress we can change the themes,
just put the theme jar file in classpath, Java platform discovered and apply the templates.
If u have any comments welcomed