In association with heise online

JSON as a working partner

For the latter option, the Java API for JSON Processing is now available as a tool for working with JSON (JavaScript Object Notation). It offers both a streaming API (JsonParser, JsonGenerator) and a DOM API (JsonReader, JsonWriter). While the first API is event driven, the second can be used to work on the object level. Only JsonGenerator is required to write JSON to System.out via the Streaming API:

JsonGeneratorFactory factory = Json.createGeneratorFactory();
JsonGenerator gen = factory.createGenerator(System.out);

Individual objects can be added directly to the output:

gen.writeStartObject().write("Java EE", "7").write("The H",

The JsonWriter can also go beyond this and allow for the writing of specialised JSON data types:

JsonArray jsonArray = new JsonArrayBuilder().add(new JsonObjectBuilder()
.add("Java EE","7")).add(new JsonObjectBuilder()
.add("The H","Developer")).build();

On the surface

In keeping with the aim to support modern web technologies, JSF is now able to communicate with HTML5-compliant markup. Previously, the JSF components discarded custom data-* data attributes without rendering them. A new JSF tag is available to provide this functionality.

<h:inputText value="#{}">
<f:passThroughAttribute name="data-length" value="10"/>

All JSF components understand the new approach, and numerous further changes have arrived together with this small modification. Among the most important changes are the new view actions that can bind request variables to the model, an AJAX-based file upload component, the introduction of stateless views, and a revised CDI (Contexts and Dependency Injection) integration complete with scope adjustments. Faces Flow is one of the major new feature packages and provides navigation extensions that make it easier to present guided dialogs to users. These "wizards" allow for a developer to include a defined dialog sequence as well as a custom data validity range. Flows can be directly used in Facelets via the <f:metadata> tag, but they can also be program-generated. Like implicit navigation components, they are started directly as actions, for example via:

<h:commandLink value="Enter flow" action="someFlowName" />

If defined, an associated JavaBean will be available during the flow:

@FlowScoped(id = "someFlowName")
public class SomeBean {
public String someReturn() {
return "/somePage.xhtml";

At your service

Behind the new Servlet version are, mainly, three minor extensions. The most important aspect is the implementation of the protocol upgrade that has been possible since HTTP 1.1 (RFC 2616) – this mechanism is what makes the new WebSockets specification possible. It is handled by the new javax.servlet.http.HttpUpgradeHandler. Specification lead Shing Wai Chan provides a nice example on his blog.

Changes have also been made relating to security. For example, the specification previously only protected HTTP methods that were explicitly defined in web.xml. This often only included GET and POST. The rest (HEAD, PUT, DELETE etc) remained unprotected, at least by default. This process can now be reversed to protect everything that hasn't explicitly been made available (<deny-uncovered-http-methods/>). The specification leads have also introduced new "each authenticated user" semantics to simplify checking the sum total of all roles. There is one differentiation: "*" refers to any role that is defined in web.xml, while "**" refers to each authenticated user.

Much is gained

Significant improvements have been made relating to the cooperation with the Bean Validation specification. Method parameters can now be validated not just with standard validators (@NotNull) but also via custom, user-defined constraints. This describes the most important new Bean Validation aspect. In addition to method validations, it is now possible to conduct constructor validations, and the developers have also improved the integration into the CDI specification accordingly, for example, it is now possible to use @Inject in validators. Developers can now use expression language components in messages, which creates a significantly more flexible display.

javax.validation.constraints.DecimalMax.message= Must be less
${inclusive == true ? 'be equal to ' : ''}{value}

Version 3.0 of the Expression Language (EL) supports new operators as well as collections and Lambda expressions. However, the latter will only be available under Java SE 8. The EL can now be used on its own:

ELProcessor el = new ELProcessor;
Object result = el.eval("'Hello, ' +");

It is also possible to add custom resolvers or classes. Custom type converters and EvaluationListeners complete the picture and turn the EL into a fully independent and powerful specification.

Next page: Concurrency, WebSockets, JMS, batches

Print Version | Permalink:
  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit