This week's book giveaway is in the Android forum.
We're giving away four copies of Head First Android and have David & Dawn Griffiths on-line!
See this thread for details.
Win a copy of Head First Android this week in the Android forum!

Srinivas Bitla

Ranch Hand
+ Follow
since Nov 10, 2003
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Srinivas Bitla

Hi All,

I have come up with a little different version of this program to understand how synchronized keyword works. I have written this program such that the program exits when the values of i and j are out of sync in SyncData object. If the program doesn't exit then it meens that the values of i and j are in sync.

Though the sync() method is synchronized, the program exits after executing for some time. I don't understand why those values are going out of sync though the sync() is synchronized. Does anyone have any idea?

Following is the program. Just compile and run it.

Thanks,
Srinivas.




package com.test;

public class Controller {

public static void main(String args[]) {

// JVM will have only one instance of SyncData, i.e data
SyncData data = SyncData.getInstance();
Worker w1 = new Worker(data, true);
w1.kickStart();
Thread.yield();
Worker w2 = new Worker(data, false);
w2.kickStart();
Thread.yield();
while(true) {
if(data.inSync()) {
System.out.println("In Sync, i = " + data.getI() + " and j = " + data.getJ() + " continuing...");
}
else {
System.out.println("Not in Sync, i = " + data.getI() + " and j = " + data.getJ());
w1.terminate();
w2.terminate();
break;
}
}
}
}

class Worker implements Runnable {

private SyncData data;
private boolean forward;
private Thread theThread;

public Worker(SyncData data, boolean forward) {
this.data = data;
this.forward = forward;
}

public void kickStart() {

if(theThread==null) {
theThread=new Thread(this);
theThread.start();
}
}

public void terminate() {

theThread=null;
}

public void run() {

double d = 0.0D;
while(theThread==Thread.currentThread()) {

if(forward) {
d = d + 1;
}
else {
d = d - 1;
}
this.data.sync(d);
}
}
}

//Its a singleton, to make sure JVM has only one instance of it.
class SyncData {

private static SyncData data;
private SyncData() {
}

public static SyncData getInstance() {
if(data == null) {
data = new SyncData();
}
return data;
}

private double i = 0;
private double j = 0;

// Makes sure that i and j are always in sync.
// This is synchronized to make sure i and j are always in sync.
// But doesn't seem to work.
// What am I missing?
public void sync(double syncValue) {
synchronized (this) {
System.out.println("Sync called with " + syncValue);
this.i = syncValue;
// Kill some time. Don't yeild.
for(int x=0; x<1000; x++) {
new Object();
}
this.j = syncValue;
}
}

public boolean inSync() {
return i==j;
}

public double getI() {
return i;
}

public double getJ() {
return j;
}
}
This is because yeild() method pauses execution of the current thread and allows other threads to execute. We don't know how long it pauses the execution of the current thread. So, the amount of time the other thread, which prints out "going ard in loops", gets by JVM may be different for each execution of the program and prints different number of lines of output.
Hi Herb,

I didn't understand how does calls 1 thru 4 mess up the message? The calls seem to be perfectly fine to me.

Can you explain how it messes up the message?

Thanks,
Srinivas.
Hi Seshagiri Rao,

I agree with your statement "If we store credit card details in database securing password is very important." Yes, in such a case we have to employ a highly secure architecture.

But if the business requirements demand the storage of Creditcard No.s, then I do not hesitate to persist them in a database and provide a secure architecture.

Thanks,
Srinivas.
Hi Seshagiri Rao,

Your main concern as I understood from your postings is that, why should we give a hacker a chance to hack the system or databse.

If an architect takes a back step because the system can be compromised by the hackers then no system exists, because nothing is 100% secure. As an architect you can only garuntee that the system is 99.99% secure at the best.

A hacker can do anything if the system is not secure enough. A hacker can steal passwords, Credicard No.s or other sensitive information.

Can you tell me how a Creditcard No. is more critical than password in shopping cart? According to me, If the Creditcard No. alone is compromised then the hacker can use only that Creditcard No. to place orders. But if the password is compromised then the hacker can use all Creditcard No.s of the customer, whose password is compromised, to place orders and can also access other sensitive information.

Give your thinking a broder scope.

Thanks and Regards,
Srinivas.
Hi Seshagiri Rao,

Your statements are very conflicting.

You are saying that by storing Creditcard No. in the database there are chances of Creditcard No. being compromised. But we store passwords also in the database which are more sensitive than Creditcard No. If you do not want to store Creditcard No. in the database then you should not store passwords also in the database because when Creditcard No. can be compomised when stored in the database then passwords can also be compromised. So if you do not persist passwords then you need to employ a highly secured system that might use digital certificates for each customer to authenticate himself to the server, which is highly difficult. If you are a security expert then you agree that even these digital certificates are not 100% secure.

I also did not understand whome are you refering to by saying "he" and "your" in the statement "he will see your records and may try to make purchase on his name but he can't make it becuase he doesn't know your credit card details."? I guess "your" might be refereing to the customer but who is "he" refering to? If "he" is refering to one who has stolen the customer's password, then "he" can infact place an order with customer's Creditcard No. If the customer's password is compromised then it happened because of customer's mistake and not because of system's mistake. Customers who use internet are aware that passwords are more sensitive and should be secured.

And regarding taking the Credicard No. online, without persisting in the database, yes you can do so. We are persisting Creditcard No. only to improve the Customer's shopping experience by not entering his Credicard No. everytime he shops and also to avoid human errors that might occur while entering the credicard no. in the browser.

Thanks,
Srinivas.
Hi Seshagiri Rao,

If Creditcard is not persistent then how do you want to design it? By saying "risking the customer", do you mean that there are chances of Creditcard No. being compromised? If that is your concern then all customer passwords are also persistent in the database. These passwords are more sensitive than Creditcard No. Such sensitive information will be encrypted and then stored in a persistent store.

Please comment.

Thanks,
Srinivas.
Hi Peter Bergoff,

I do not have any documentation to support my thought, but given that scenario this is how I would design.

Thanks,
Srinivas.
Hi,

One way of finding a solution to this is to think how can we model these classes in a relational database. If we have Customer and Creditcard, then it is likely that we will have two tables Customer and Creditcard, because these are two entities.

Then solution to this problem resides in how do we represent a relationship between these two tables. Because a Creditcard belongs to only one Customer, it is easier to represent this relation as a foreign key from Creditcard to Customer. It is very difficult to represent this relation as a foerign key from Customer to Creditcard, because we need to have an arrey of CreditcardIds (or a similer mechanism) in Customer table as a foreign key refering to Creditcard table.

With this database design, given a CustomerId we can find his all Creditcards and given a CreditcardId we can find the Customer to whome Creditcard belongs to.

The database design might have driven the authors to have a relationship from Creditcard to Customer. Same applies to Order and Customer.

What are your thoughts?

Thanks,
Srinivas.
Thank you very much Ramon.
Can some one answer this question?

Thanks in advance,
Srinivas.
Can some one answer this question?

Thanks in advance,
Srinivas.
Hi Phoonix,

1) I think you do not have to worry much about the speed of the system now, because which is actually achieved with clustering and load balencing.

2) The requirements clearly say that we need to interface with mileage system only to make the content available to the customer and travel agent. So we get data from it and dont update to it. When customer wants to update his mileage he will log into frequent flyer mileage system or call the frequent flyer mileage system agent to update his mileage.

Hope this clarifies

Regrds,
Srinivas.
Hi Harvey,

I have a question about your class diagram. You said you had only one class diagram with 15 classes and 5 subsystems. What do you mean by 5 subsystems here? Do you mean 5 stateless session beans?

Thanks in advance,
Srinivas.
Hi All,

Can some one elaborate the following statement from Mark Cade case study, third paragraph page no. 170?

"Because the Shipping, Payment and Accounting systems have Java technology APIs and the data is not persisted, you have direct access from the OrderProcessor as opposed to encapsulating the requests in a DAO."

I couldn't understand that statement completly. I am not sure what does he mean by "the data is not persisted". Does he mean that the data is not persisted in the system being developed?

In the following situations, when can I go for a DAO and when can I use a Processor to talk to the subsystem?

1) The subsystem has a Java technology APIs and the data is not persisted?(Cade says we should go for Processor)

2) The subsystem has a Java technology APIs and the data is persisted?

3) The subsystem does not have a Java technology APIs and the data is not persisted?

4) The subsystem does not have a Java technology APIs and the data is persisted?

Thanks in advance,
Srinivas.