Comparison of JSF libraries

Today I received an email regarding a comparison of JSF related libraries that I couldn’t resist to share. In this article, very well written, Primefaces, Richfaces and Icefaces are compared using different comparison views and each may be better for your own use, depending on what you have to do it. Interesting…


LPIC 1 – On its way

This past week, I reached about half of the preparation book. I’m on chapter 5 and all my tests range 75 to 90%. However, I’m feeling lost some times as it seems to me too much information and too many details to remember for the final exam. Additionally, I’m afraid that I really get it in theory but not exactly in practical terms. Therefore, I’m also making my own tests and experiments to complement my study. For instance, this week, I created a basic but still useful bash script, to parse a file and generate a new one (based on the previous) with added contents, namely generated passwords and some strings shown differently. More and more, I feel that getting more skills in systems administration will make me a better developer, complimenting my programming skills, and making me a better software architect as well.
We’ll see..
Continue reading “LPIC 1 – On its way”

Zás Publications

Zás@ICSOFT – 2006

In 2006, I published the first short paper about my MSc project, Zás – Aspect-Oriented Authorization Services (unofficially named Zenida Authorization Services) in the ICSOFT Conference.

“This paper proposes Zás, a a novel, flexible, and expressive authorization mechanism for Java. Zás has been inspired by Ramnivas Laddad’s proposal to modularize Java Authentication and Authorization Services (JAAS) using an Aspect-Oriented Programming (AOP) approach. Zás aims are to be simultaneously very expressive, reusable, and easy to use and configure. Zás allows authorization services to be non-invasively added to existing code. It also cohabits with a wide range of authentication mechanisms.Zás uses Java 5 annotations to specify permission requirements to access controlled resources. These requirements may be changed directly during execution. They may also be calculated by client supplied permission classes before each access to the corresponding resource. These features, together with several mechanisms for permission propagation, expression of trust relationships, depth of access control, etc., make Zás, we believe, an interesting starting point for further research on the use of AOP for authorization.”

Download the the full paper here.

Zás@IBM Contest – 2007

Later, I participated in an IBM contest for innovative research projects and, although my work was not the winner, the technical report was an improvement to the previous short paper that had been published. You can download that technical paper (in portuguese, however), here.

Zás MSc – 2008

Finally, in 2008 my MSc was published and it is available at ISCTE’s document repository for download

“Traditionally, access control system architectures are based on the abstract reference monitor model proposed by Anderson, which tries to separate the access control logic from the logic of applications.
The implementation of this model has been difficult since access control presents itself as a crosscutting concern, i.e., it crosscuts the functionalities of applications. However, the developments of the techniques that support the separation of concerns, particularly aspect oriented programming, have been enabling the development of systems in which the access control code is not scattered through the code of the application. Nevertheless, these solutions are still too specific to a given application.
This work presents an access control framework for Java applications, named Zás, which can be reused and that applies the abstract reference monitor proposed by Anderson. This framework supports access control policies using different kinds of context information and allows them to be changed at runtime. Zás was developed in the aspect oriented programming language AspectJ and it uses Java 5 annotations.
We used Zás in several small applications since its inception, so as to gain experience and insight from its application. Nevertheless, to evaluate the performance and applicability of the final version of the Zás framework prototype, we integrated it in a very large Web application called Fénix, which brought us very interesting results, such as showing the easiness of applicating Zás to already existing applications, and also the main caveats and limitations of Zás.”

My professional certification path…


Two years ago, I proposed myself the challenge of getting some professional certifications. I concluded that I was used to reading many technical books during the year and, although I could use the insight knowledge from those readings in my daily work, I wasn’t taking full advantage of that study. Back then, I realized that I could take a step forward and use that study to achieve one or more related certifications.

Therefore, I started reading some technical books (the same way I used to do before) but with a more specific goal: to certify my knowledge and skills on some specific areas.

From October 2010 till November 2012, I was able to get all 6 Java certifications I was interested in (in increasing date order):

  1. OCT-2010 – Oracle Certified Professional, Java SE 6 Programmer
  2. MAR-2011 – Oracle Certified Master, Java EE 5 Enterprise Architect
  3. AUG-2011 – Oracle Certified Professional, Java EE 5 Web Services Developer
  4. JAN-2012 – Oracle Certified Expert, EE 6 Java Persistence API Developer
  5. AUG-2012 – Oracle Certified Professional, Java EE 5 Business Component Developer
  6. NOV-2012 – Oracle Certified Expert, Java Platform, EE 6 Web Component Developer

From those, the most challenging ones were, without question, the Java EE 5 Enterprise Architect and the Java EE 5 Web Services Developer, for different reasons.

Taking the Enterprise Architect is a real challenge for busy people (specially, when you are married and have small kids) because the way I usually study (reading while commuting) is not enough to take the second step in that certification path, which consists in a hands on for the definition of an architecture that solves a particular case scenario problem, followed by an essay on its regard. For instance, when I started the preparation for that certification, we created a group of people to take it. I needed about 1 month of full power, mind availability and effort (none of those would be possible, though, if I hadn’t had the necessary support from my wonderful wife – thank you, baby! 🙂 ) to complete the assignment but I made it.

The Web Services Developer, on the other hand, was a very hard exam (at least, in my humble opinion) and I had the real bad experience of using one of Oracle’s study guides to get prepared for the certification. Trust me, people: it really sucks (it’s too bad that, in Oracle Website, the only study sources they recommend are those from Oracle itself) – I believe there were 2 or 3 slides talking about WS-I Basic Profile in that study guide and my exam was about 50/60% WS-I Basic Profile related questions…

In 2013, I realized that I had to define new challenges. Thus, to be able to get more focused, I googled for the top IT certifications in 2013 but the results were terrible. For instance, according to the Global knowledge website, the following were the top 15 paying certifications for 2013:

  1. PMP: Project Management Professional
  2. CISSP: Certified Information Systems Security Professional
  3. MCSD: Microsoft Certified Solutions Developer
  4. MCDBA: Microsoft Certified Database Administrator
  5. CCDA®: Cisco Certified Design Associate
  6. MCAD: Microsoft Certified Application Developer
  7. VCP-DV: VMware Certified Professional Datacenter Virtualization
  8. CNE: Certified Novell Engineer
  9. ITIL v3 Foundation
  10. CCA: Citrix Certified Administrator – Citrix XenServer 6
  11. MCITP: Database Administrator
  12. MCTS: SQL Server 2005
  13. MCT: Microsoft Certified Trainer
  14. CCNP®: Cisco Certified Network Professional
  15. CCA: Citrix Certified Administrator – Citrix XenDesktop 5

So, only project management related certifications (I am a certified project manager from IPMA but I am still not in the mood to be only a project manager – I like developing too much to be there yet!), networking and systems administration, or Microsoft related certifications (ouch!), or yet, ITIL. From those, I realized that I am a Java developer and not a systems administrator but, as an architect, I have the obligation of knowing a lot more about a system’s architecture than what I know at the moment. Therefore, and although I did not choose any of the listed certifications above, I decided to start the path of getting more knowledge and experience with systems administration concepts, specifically Linux systems. Therefore, I started, in the beginning of February of 2013, the preparation for the LPIC (Linux Professional Institute Certification) 1 and, after nearly 15 days of study, suddenly some things I use to hear from systems administrators, all made much more sense to me now. So, this is one of my first advises for any developer reading this post: do not neglect your systems administrations skills. They will be handy sometime near in the future 😉