Peter Stampede wrote:
Shai Almog wrote:
In the book I go through this in steps. Building a command line app in pure Java. Then as we proceed we go through a spring boot webservice, thymeleaf then to an SPA in JavaScript which connects back to the webservice. I think this process helps new developers understand the evolutionary process we went through historically.
That is so cool that you traverse the history of Java and the web. Understanding where things originated from always interests me.
Looking between a pure javascript webapp and one with a Java in any part of the stack, is one significantly more performant than the other? What are Java's strengths in the modern web?
Not to be overly direct or rude but I would like to understand your thoughts about, With the abundance of javascript frameworks out there, why should I learn Java? It feels like typescript, react, and python among many others are stealing the show with modern web apps and maybe Rust and web assembly grabbing a slice of high performance applications. Where does Java fit in and what is it's future?
I can only agree on that.
For me following are mostly always missing I would love to see covered in a (series of) book(s):
1. Security at service levels are often described with ACL, but mostly never with RBAC or similar concept (ABAC, PBAC, ...)
2. Security at data level (row + column) is almost never considered
3. Security with inheritence concept
4. Time period for security (access day x from till day y)
5. Working hours (from 8h to 17h)
6. Delegation of rights
7. Calendar of rights Delegation (during holidays, etc)
8. Auditing of service access (who did what when)
9. Auditing of data access (who had access to what when)
10. History of changes (who changed what when)
11. Performance, security, audit monitoring at service level
12. Performance, security, audit monitoring data layer level
13. Rules definitions for monitoring (critical level definitions, notifications, ...)
14. AI analysis of monitorings with automatic resolution actions
15. AI analysis of service access (ex: high frequency access to data, abnormal activity, ...)
17. Code readability optimisation (loombok, ...)
18. Declarative programming (annotation for caching, security, logging, auditing, ...)
19. Licensing. How to make optionnal some part of the application, how to secure it)
20. Code obfuscation
21. Microservices with all above included
22. Versionning of (micro)service deployed (ex: service X version 1 and 2 running same time having client v1 and v2 accessing). This allow to update the clients step by step. Mandatory in big infrastructures.
23. DDD + oignon approach with all above included
24. Integration with Graphana (or similar) of all monitored data
25. Maven (or similar) integration
26. Continuous integration (with most used tools)
27. Auto Installation packaging
28. Auto and manual Deployment platform
29. Monitoring platform multi installation
I probably miss lot of points... but this is for me all jobs that a full stack developer should know.
I never found any (series of) book(s) that touch all of this.
Challenge accepted ?