Advanced Java Programming

Duration: 4 days

Who benefits? Intermediate to advanced level developers. Ideally students should have taken at least Core Java Programming, or should have an equal level of Java programming experience. Familiarity with an object-oriented language is required, and real world programming experience is a must.

• explore the Java Virtual Machine (JVM)
• explore the primary phases and benefits of the class loading mechanism in Java 2
• list possible metrics for measuring software performance
• explain the effect of OO design on software performance
• list and describe types of benchmarks and the criteria that should be considered when constructing a benchmark plan
• explore the most useful targets for profiling, and the most common tools/techniques for profiling
• describe two strategies for improving performance as a result of profiling data
• list and explain the five most common problem areas for good performance with Java
• use the JDK to collect runtime profiling data
• successfully read the profiling data generated by the JDK to detect performance bottlenecks
• instrument your own code to collect method execution time data
• learn code optimization techniques
• use zip I/O streams
• understand how to structure and the advantages of jar files
• understand and implement Internationalization and Localization techniques
• explore and understand JNI
• interface to a C function from Java
• exchange data from a JVM to a C function
• JMX Architecture
• implement a security policy
• use authentication inside java applications
• spply authorization inside your applications
• use a PKI

Course content

Session 1: Writing High-Performance Applications

Lesson: Performance: Process and Issues

• List four possible metrics for measuring software performance
• Explain the effect of OO design on software performance
• Explain where performance tuning resides in the overall OOSD cycle

• List and describe the two types of benchmarks
• Describe the criteria that should be considered when constructing a benchmark plan
• Name the three most useful targets for profiling
• List four common tools/techniques for profiling
• Describe two strategies for improving performance as a result of profiling data
• List and explain the five most common problem areas for good performance with Java

• Use the JDK to collect runtime profiling data
• Successfully read the profiling data generated by the JDK to detect performance bottlenecks
• Instrument your own code to collect method execution time data

• List three potential problems with strings
• List two ways to optimize loops
• Describe the advantages of private and final methods
• List two advantages of Java 1.2 collections over vectors and hashtables
• List 4 other code and system optimizations

• List five ways to optimize Java program design

Session 2: JAAS

Lesson: JAAS Overview

• Recap Java Security
• Explain the concept of a Protection Domain
• Recap enforcing code-based (including signature) authorization
• Understand the role of the AccessController and the AccessControlContext
• Understand the role of the Protection
• Understand the sequence of events for permission
• Understand permission checking and the (call) stack
• Understand the concept of PrivilegedAction and its effect on the permission checking sequence
• Introduce the JAAS concept
• Introduce the JAAS Authentication architecture
• Understand the role of login modules
• Understand the Subject and the relation with Principals
• Introduce the JAAS Authorization architecture
• Understand how Java security is enhanced to support principal-based authorization

• Understand how to configure a JAAS configuration file
• List the standard LoginModule implementations
• Understand the different between the different requirement flags set on a login module declaration
• Understand how to initiate the login process
• Understand the Callback and CallbackHandlers
• Be able to implement a CallbackHandler
• How to configure principal-based Authorization
• Understand different ways of associating a Subject with an AccessControllContext
• Understand the difference between doAs and doAsPrivileged

• Understand the steps to develop a custom login module
• Understand in more detail the login sequence of JAAS
• Understand the semantics and proper implementation of the LoginModule methods

Session 3: Java Object and Class management

Lesson: Class loaders

• Understand the responsibilities of a Java class loader
• Understand class loader hierarchy
• Understand the class loading sequence
• Understand the related security
• Understand how to use class loaders in your design/architecture
• Understand how to re-load classes into the JVM
• Write your own class loader
• Understand how to write a class loader in a security enabled environment (SecurityManager)

• Understand the garbage collector's responsibilities
• List the kinds of object references available in Java
• Understand the Weak, Soft and other references.
• Implement a caching collection using weak references

Session 4: The Regular Expression API

Lesson: The Regular Expression API

• Introduce the Java Regular expression API
• Explain the use of Pattern objects
• Explain the use of Matcher objects
• Give an overview of Regular expressions

Session 5: Overview of Reflection

Lesson: Reflection

• Explain the advantages and disadvantages of Reflection
• Dynamically load classes
• Become familiar with the Class class
• Use Reflection to discover properties of a class
• Dynamically invoke methods of a class
• Dynamically set and get values of fields
• Become familiar with the Method and Field classes
• Understand the Modifier class
• Explain the different between Integer.class and Integer.TYPE
• Use the java.beans.Introspector and java.beans.BeanInfo classes

Session 6: JNI

Lesson: Java Native Invocation (JNI)

• Understand the JNI architecture
• Understand the capabilities of JNI
• Interface to a C function from Java
• Exchange data from a JVM to a C function

Session 7: Advanced Threading

Lesson: Java SE Concurrency API

• Understand the Lock API
• Use Condition objects
• Understand and use Semaphores
• Understand and use the CountDownLatch
• Understand and use the CyclicBarrier
• Appreciate the Exchanger
• Appreciate the Executor framework
• Start and manage tasks
• Understand how to schedule task execution
• Work with the Callable interface
• Appreciate Future
• Use and configure thread pools

Session 8: NIO

Lesson: NIO packages

• Introduce the Java NIO API
• Explain the use of Buffers
• Explain the use of Channels
• Write a file using the FileChannel
• Provide an overview of SocketChannels

Appendix 1: Developing JMX MBeans

Lesson: Brief overview of JMX

• Explain the JMX three level architecture
• Understand the role and relationships for each level
• Get an understanding of MBeans and the different ways of implementing them
• Understand the relation between an MBean Server and its MBeans
• Discuss different MBean deployment scenarios
• Understand the concept of an MLET
• Introduce JBoss sar files
• Understand the JBoss -service.xml file

• Understand the three different ways of developing standard MBeans
• Understand what aspects of a standard MBean are considered static, and which are dynamic
• Understand the registration process of an MBean on a local MBean Server
• Discuss the limitations of local MBean Server registration
• See a real-life application of JMX to monitor a web application
• Develop a real-life application of JMX to manage document caching in a J2EE environment

• Understand the rational behind Dynamic MBeans
• Understand the need to a metamodel
• Explain how a Dynamic MBean exposes its behavior
• Correctly handle attribute support implementation
• Correctly handle constructor and operation support implementation
• Describe how MBeans can acts as event sources
• Understand how to support notifications
• Introduce proper exception handling for Dynamic MBeans

• Discuss the two different mechanisms for clients to work with a server
• Contrast Adapters and Connectors
• Understand what JSR160 (JMX Remoting) adds to the JMX arena
• Understand the different mechanism of connecting with a JMX MBeanServer using JMX Remoting
• Understand client configuration to connect with a remote server
• Understand the two ways of connecting a client with the server using connectors
• Understand the way URLs are described.
• Understand the relation between JMX and technologies such as LDAP, Jini and SLP
• Describe the role of JMXMP
• Understand what a JMX client can do, when connected
• Briefly describe the query mechanism
• Understand how a client can operate with the MBeans on the server
• Discuss class loading and registration of MBeans
• Understand how to listen to notification

Appendix 2: Java Encryption (JCA and JCE)

Lesson: Overview of Encryption

• Set the context for encryption and related security technologies
• Understand the different technologies
• Introduce the different algorithms used in encryption technologies
• Understand symmetric encryption and what to use it for
• Understand asymmetric encryption and what it used for
• Understand the role and concept of Message Digests
• Understand the role and concept of Digital signatures
• Understand the role and concept of Message Authentication Code (MAC)
• Understand the role and concept of Certificates
• Understand the role and concept of key agreement technologies
• Introduce PKI architectures

• Introduce basics of implementing cryptographic functionality in Java (focus on keys and ciphers)
• Understand on a high-level the security architecture in J2SE
• See a few examples of how to achieve concepts explained in the previous lesson
• Generate a symmetric key
• Generate asymmetric (private/public) key pairs
• Configure key generation
• Understand encryption modes (such as CBC, ECB, CFB, OFB and PCBC)
• Understand padding modes (such as ISO10126Padding, OAEP, PKCS 1 and 5 Padding)
• Configure ciphers
• Perform encryption/decryption using different strategies
• Understand how to encrypt/decrypt files
• Understand how to digest a message
• Understand how to produce a MAC
• Understand how to sign and verify digital signatures