JavaOne starts next Monday

If nothing goes wrong I’ll be next week in San Francisco "attending" JavaOne. "Attending" means I’ll just go to the RedMonk Unconference on Monday CommunityOne and networking at the evening parties (as usual)

I’ll drive from LA to SF on Friday or Saturday and back the next weekend, hopefully doing some sightseeing, anyone around for a drink during the weekend ?

AJAX with Yahoo UI components and DWR

I’ve been playing lately with YUI, the Yahoo User Interface library. So far I’ve used the autocomplete and treeview components, and I have to say they are quite easy to use and very complete. I had used autocomplete before, but YUI autocomplete has a lot of configuraiton options and all of them really well documented, like caching or being able to easily use it as a normal dropdown when the user just clicks on the field without typing anything. Event handling is also pretty easy.

DWR in the other side is a really easy way to expose your service interfaces through javascript. It is included in Appfuse if you want to see examples.

This is an example configuration that uses Spring to get the myService bean and exposes its getEmployeesByPartialName method. You can also use DWR with Spring namespaces from Spring version 2

    <create creator="spring" javascript="MyService">
      <param name="class" value="com.acme.MyService" />
      <param name="beanName" value="myService" />
      <include method="getEmployeesByPartialName"/>
      <convert converter="bean" match="com.acme.Employee"/>

Cool, isn’t it? now prepare to be scared. If you expose a method in your service through javascript users can do all kinds of nasty things. If the user needs to be logged in, not too bad, but still you will most likely need some security framework that can secure java objects and not just http request. Spring Security AKA Acegi can do that using the AOP MethodInvocation interceptor, you just need to configure what permissions needs each method.

A tricky part was integrating YUI with DWR, at least for me that haven’t done much javascript in my life. Here you can see how the html looks like for a employees dropdown that lists the ones that match what you type in the input box, querying the service for the values. The values received can be any object, not just strings, in populateArray you can see how the values to display and the ids are stored for later retrieval.

<input type="text" id="employeeList" />
<div id="employeeListAutocomplete" class="autocomplete"></div>
<script type="text/javascript">
     <!-- populate suggestions array -->  
     function populateArray(dataFromServer, dataFromBrowser){
      for (var i = 0; i < dataFromServer.length; i++) {
       <!-- each employee object has a firstName and lastName property -->
       dataFromBrowser.push([dataFromServer[i].firstName + ' ' + dataFromServer[i].lastName, dataFromServer[i].partyId]);
     <!-- call dwr remote method and returns suggestions --> 
     function getEmployees(sQuery){
      var aResults = [];
      var callbackProxy = function(results){
          populateArray(results, aResults); 

      <!-- disable async req ! --> 
      var callMetaData = { callback:callbackProxy, async:false}; 
      <!-- Call remote method --> 
      MyService.getEmployeesByPartialName(sQuery, callMetaData); 

      return aResults; 

    var managerAutoComp;

    YAHOO.example.ACJSFunction = new function(){
        <!-- Instantiate JS Function DataSource -->
        this.employeesDS = new YAHOO.widget.DS_JSFunction(getEmployees);
        this.employeesDS.maxCacheEntries = 50;
        <!-- Instantiate Employee AutoComplete -->
        this.employeeAutoComp = new YAHOO.widget.AutoComplete('employeeList','employeeListAutocomplete', this.employeesDS);
        this.employeeAutoComp.minQueryLength = 0;
        this.employeeAutoComp.maxResultsDisplayed = 50;
        this.employeeAutoComp.prehighlightClassName = "yui-ac-prehighlight";
        this.employeeAutoComp.useShadow = true;

        <!-- autocomplete on employee field focus without typing anything -->
            var sInputValue = YAHOO.util.Dom.get('employeeList').value;
            if(sInputValue.length === 0) {
                var oSelf = this;

        <!-- handler for employee selections -->
        this.employeeAutoComp.itemSelectEvent.subscribe(function(sType, aArgs){
            var aData = aArgs[2]; <!-- array of the data for the item as returned by the DataSource [value,id] -->
            var selectedId = aData[1];
            alert('you have selected id: ' + selectedId);

        <!-- Preload content in the container

Happy AJAX coding!

Update: fixed the code listing, I hate Roller!

JavaOne summary

The word most used was open, specially by Sun, trying to
push OpenJDK, OpenSolaris and all their other open projects.
The openness of the conference made my head go around. That’s
related to the second most used word that was…. community.
Interesting how all the big companies talk about their communities,
in which most (all?) of the people is paid by them. Two examples, the Redmonk Unconference celebrated the day previous to the conference in
the CommunityOne section, first you have to register, then they don’t
let some people in because problems with the card readers. Second,
the servlet talk from Sun where they revealed their road map for 3.0
while the some
other members of the expert group
saw it there for first time.

Besides the political movements, there were some interesting
discussions about community (again), open source and repositories at
the Unconference, that I think it was the only educative
session I went to. I don’t mean that’s the only worth, I mean it’s
the only I went to 😉 We ended at the Thirsty Bear to continue the
evangelization, and the usual (and some new) jokes about the
new company name
while drinking Albario
from home!

Tuesday was marked at the booth by an avalanche of people to get
the stamp for the Eclipse Foundation t-shirt, people really fought
for it. Hani decided to come by the booth so I told Dave to attack
and that’s why we ended
being evil
, although not individually ;). The day ended at the
Tangosol party, some kind of bachelor party after their marriage with
Oracle. After a short stop in the Irish pub for some shots the day
almost goes completely wrong for listening to some guy Club
suggestions’, that we decided to ignore and return to the hotel for
security reasons after getting there and see the people lining.

Wednesday, well, I have some gaps in my memory, I know for sure we
went to the Eclipse party, although it looked more like an Apache
party, followed by the Google party at the W hotel where things
started to go wrong. We managed to pass the Google Engineering Filter
(TM), or what it’s the same, the Google engineer playing doorman. Get
a job at Google to end at the door of a party, too sad. Even more
jokes about our
new name
, including domain registrations (what is the limit for a
geek party?), and some serious conversations with Lauren (as serious as they could be given the circumstances)
including some French practice.

After enough beer and wine we made the move for more serious
drinks to the House of Shields, while somebody of our team (don’t
ask names please) was offered a wheelchair by the hotel staff given
his conditions as we would know the following day. At the next bar I
could practice the few Russian words I know (why wouldn’t I have
listened more carefully when I was learning them!). One of the top
moments was when Dan
was randomly bitten by some drunk girl in a place
that you’ll have to imagine. What he forgot to say is that he bit her
back in the same place.

Thursday, well, let’s go to the interesting part, after a short
stop in the Thirsty Bear enjoying Spanish wine and paella and trying
to stop Debbie from stealing
my jacket, which by the way was a great success among with the gold
. We were convinced to move to another place where the
Cenqua guys were having dinner… and some more fun. As Matt

“To protect the innocent, and perhaps not so innocent, I
won’t go into too much details about who we managed to drag along.
Let’s just say it involved a little obfuscation. There were some
abstractions in the design that definitely did
leak, no matter how hard we looked.”

Which basically means that the Cenqua guys have some kind of
visual problem, or a strange taste. Well, the Cenqua guys and
Bileblog Hani, target of very embarrassing pictures, and who lost
200$ in a bet with us and will be donated to a charity of his choice.
After the unnameable place we move on to the Starlight room at the
top of the Sir Francis Drake hotel, were some random guys recognized
or very famous Sebastian
and more drinks followed until we were kicked out. Gregor
offered to continue the party on his place but it seemed wise to call
the night before getting in front of his camera. Unfortunately James
wasn’t wise enough

At the end, the usual suspects as last year, with the exception of
the Spring guys, maybe they
were too busy counting money
;). Somebody said, there are
thousands of people in this conference, but no more than 200 that
really matter. And I would add, from those 200 you get the most
networking opportunities after the conference, at the bar. Good to
meet you all, it was fun!

See you at JavaOne

I’ll be at JavaOne next week in San Francisco, starting Monday at Redmonk Unconference, and through the week around the DevZuz booth or in any of the parties.

I may blog if I have the time, but it’s pretty likely that the preferred communication method this time it’s going to be twitter, with all these crazy people using it, how sad is that? But not at the bar, that’s for sure, there the only option will be face to face.

Acegi Security 1.0.2 released

Acegi Security 1.0.2 is out, Ben was kind enough to push this
one. Good news for Maven 2 users is that Acegi can be built now with
Maven 2, ensuring that the poms in the repository are right.

From the announcement:

This release is mostly a bug fix release. Existing users can
upgrade with a simple JAR drop, although please first review the
upgrade note at SEC-340.

Some community members have inquired regarding our release roadmap:

  • We will continue to support Spring 1.2.x stream users in the
    Acegi Security 1.0.x release series. Whilst no new features will be
    added, any reported bugs will be corrected and backported to
  • New features will be incorporated into Acegi Security 1.1.0,
    which we are aiming to release prior to The Spring Experience in
    December 2006. Acegi Security 1.1.0 will also be renamed to Spring
    Security at this time, and it will require Spring 2.0 to leverage
    namespace capabilities.

Please visit the detailed changelog.

The project’s web site at
provides additional information on Acegi Security’s features, access to
online documentation, and links to download the latest release.

Acegi Security 1.0.1 released

As Ben Alex is travelling around Europe (lucky you!) I had the task of releasing the bug fix release 1.0.1, as many people were waiting for SEC-281, due to Acegi 1.0.0 requiring Spring 2.x and breaking under 1.2.x.

One of the differencies with previous releases is that this one does not provide signed jars, instead PGP signatures have been provided.

Check the detailed changelog. This release is a drop in replacement, so no upgrade steps are required.

It won’t be available through the normal Sourceforge download page (for now), the preferred method is through the Maven repository which contains the jars, javadocs and sources, with corresponding signatures.

The Acegi repository is mirrored to the central ibiblio repository, so you don’t need any extra configuration in your project.

You can still get the binary zip distribution and sources.

The Acegi web site provides additional information on Acegi Security’s features and access to online documentation.

And now back to the World Cup and the Formula 1 race 😉

Post-Javaone II – podcasting

Back from JavaOne I realised that have some pretty funny media. I’ll start a series of podcasts, starting with Rich (no names for protect 😉 ), about him around 20 years ago when he went to Spain for university and tried to ask his roommates for drawers to put his stuff. Listen to Rich in Spain. The quality of the sound is not too good as we were in a bar (as all nights).


It was a very nice week in San Francisco. It was not due to the sessions because I didn’t went to any 😉 but it was really interesting meeting people, some already well known from mailings and new ones.

From the second group it was really good to see how more and more people use Maven, and those that still don’t use it know a lot about it. The reasons not to use it also moved from other years from “my build is fine with ant” or “I don’t like the standards that Maven imposes” to “it’s something we want to do but still didn’t have the time”. The good news is that now Mergere is offering Maestro, a user friendly bundle with Maven, Continuum, a sample application, with user documentation, the “Better Builds with Maven” book, a nice installer and using a faster repository, which many people would appreciate, as the fact that everything is completely free and open source (which is not always the same).

From the first group aka “the usual suspects”, I’d like to point out that after some drinks geeks start being more talkative ;). The ones that deserve special mention for their abilities with the glass are Rob Harrop (Spring), Gregor Hohpe (Google), Dan Diephouse (XFire) aka seXFire, Hani (The Bile Blog), and the ever present David Blevins (Geronimo), Dain Sundstrom (Geronimo) , James Strachan (LogicBlaze), Hiram Chirino (LogicBlaze),… I’m sure I forget people but I have an excuse… I was trying to keep up with them!

Also wednesday I went to see the Champions Leage final, playing Barcelona-Arsenal. It was a lot of fun watching it with the guys as I was the only spaniard around against a bunch of britons, but of course at the end we won 2-1. A really good game.

Sun jars available in Maven repo

Kohsuke has uploaded Activation 1.1 and JavaMail 1.4 to the Maven 1 repository in

I uploaded them to the Maven 2 repo at iBiblio, improving the poms: activation and javamail, if you want to use them you can add one of the following dependencies to your pom. You only need one because javamail depends on activation and brings it in.


Make sure your project uses these versions so your users don’t need to download the jars from Sun.