Sunday, October 24, 2010

A brief description of JSF and Facelets



JSF and Facelets

Attempt to combine JSF and JSP is like trying to make foot hard into the glove: It may do, but there is a better solution before an expedient measure. In this article, JSF enthusiastic supporter of Rick Hightower introduces his favorite on the content of Facelets: easy HTML-style templating and reusable composite components.

As the recent Java? Server Appearance (JSF) project work, I am very fortunate for the first time using Facelets. About Facelets, my favorite is that it allows me to create reusable composite components. Be able to come up with a page (for example, JSP) and turn it into components, for my JSF development is really a great advantage. My conclusion is what? If not Facelets, then JSF can not be obtained from the largest gains.

JSF and Java Server Pages technology mismatch between, JSF development is a serious problem. The question is how to integrate JSP's dynamic content JSF component-based model. JSP attaches great importance to generate dynamic content output, but JSF requires JSP to coordinate the component model. For this task goes beyond the original purpose of JSP, so had a Distance.

Most JSF developers simply learn to deliberations to address these problems, but it is like a pillow on the hammer, injuring his head will eventually fall. Facelets is a more comprehensive solution: for JSF component model tailored templating language.

Facelets has the following attractive features:

鈼?Templating (like Tiles)

鈼?Composite Components

鈼?Custom logic tags

鈼?expression language

鈼?Development of the designer-friendly page

鈼?Create component library

These features than I expected to be more relevant and uniform. In this article, I discussed the first two: templating and composite components. I use Web-based application for the suspect for my family who developed a JSF application, I put it to use Facelets view update instead of Tiles. Before reading further, should download the sample code. If you want to discuss together with the operation, also need to install Facelets.

Facelets Overview

For Facelets may do the greatest wrong assumption that it is only a substitute for Tiles. Facelets much more than that: it is the new way of thinking JSF.

JSP is the kind of template of the language generated servlet. Subject and JSP servlet's doGet () and doPost () method is equivalent to (that is, as jspService () method). JSF custom tags (such as f: view and h: form) is called JSF components to render the current state of their own. JSF component model is independent of the life cycle of the generated JSP servlet's life cycle. This independence is a source of confusion.

Different with JSP, Facelets templating language that, from the start, on account of the life cycle of JSF components. Use Facelets, generated template build the component tree, not the servlet. This allows better reuse, as components can be combined into one component.

Facelets custom tags to reduce the preparation needs to use JSF. Facelets itself can use the JSF custom components. Communication JSF and Facelets requires very little special code: to do all the work is Facelet JSF tag library components declared. In the Facelets templating language can be used directly JSF components, without any additional development.

Facelets template framework

Building design in the provision of a template for the component framework, Facelets and Tapestry (see Resources) similar. However, we have the background for JSP, Facelets seem friendly and more than Tapestry. It allows the use of the familiar style of JSTL tags and JSTL / JSF / JSP expression language style. Greatly reduce the learning curve means you can start developing more rapidly.

Facelets allows the definition can be included directly into the page, or easily added to the Facelet tag library of components. Happily actually defined in the Facelets custom tag (composite components and JSP custom tag like tag) is very fast. Set to use these components, Facelets also allows the definition of site templates (and a smaller template). This is similar to using the Tiles, but less definition files. JSF components can also be customized for internal use Facelets, because the Facelets API provides JSF components can be easily integrated with the interface.

From Tiles to JSF and Facelets

As mentioned earlier, where the sample Web application to use for my on the JSF for the skeptics to create the sample series. It is an online CD store inventory management, create, read, update, and delete (CRUD) list. It includes a form to allow users to enter a new system, CD, a radio button list, allows the user to select the music category. When the user selects a classification, it immediately triggers some javascript form submission back to server. Application also includes a CD list, the user can list the title or the artist's CD on order.

The original application received from the Tiles view, support, and now I'll build Facelets view. I will start replacing the example with Facelets Tiles support beginning, and then write complex components.







相关链接:



Ulead SmartSaver Pro 3.0 Cheats bit of communication (17)



Domestic Long Road CAXA CAD Lead The Way Down To Earth



"Adopted piecemeal measures" to enhance the ENTHUSIASM of distributors



MPEG To 3GP



PATRIOT mp3 fashion stakes



Education Introduction



Who is the "mini-Ben" King?



Intel claims AMD is Due to be executive pay



National College Venture Competition officially kicked off



AVI To MPEG4



Vista security holes found in the kernel can be a



XviD to MP4



Review Calculators And Converters



Pharmaceutical Co., Ltd. Shenzhen million base



Specialist Pager Tools



Thursday, October 21, 2010

Sybase raise money for love during the full Sichuan



SMS costs donated humanitarian aid to help the disaster areas

The world's largest dedicated information management and information technology, enterprise-class mobile software company Sybase has announced that the company will Sybase365 Hub China Mobile users through all the messages in Sichuan cost of all Juanzeng to Sichuan.

"For the victims of the earthquake, and we sympathize. Sybase in Chengdu, Sichuan has a large branch, our heart is hit all staff employees and their families, and the majority of the victims in Sichuan." Sybase's chairman and chief CEO John Chen said. "During the earthquake hair, communications facilities, in particular, are often paralyzed by land line, cell phone text message (SMS) in exceptional circumstances with the advantage of faster and most convenient, therefore, deserved to become the most reliable means of communication."

From May 12 until June, Sybase will through the China Mobile network, using the Sybase 365 Hub for all messages between the cost of Sichuan donated to the disaster areas to assist humanitarian relief activities and friends among each other. China Mobile by Sybase 365 Hub with over 50 countries, more than 200 operators to exchange international SMS.

Sybase several major cities in China, with offices and R & D centers, including a branch in Chengdu, Sichuan Province. Currently, there are 78 employees in the affected areas of Sichuan and Shaanxi. Company very much concerned about these employees and has raised an emergency relief fund to help earthquake affected directly by the employees and their families, for temporary seismic room, food, medicine and clothing expenses.

In addition to text messaging fees donated, Sybase has also launched an emergency relief fund match the donation, the employee donations to the United States through the Chinese Red Cross Disaster Relief Fund, Red Cross Society of China (RCSC), the United States and other aid agencies, charitable organizations do counterpart contributions.

About Sybase

Sybase is the largest focus on information management and information technology enterprise mobile software company, its industry-leading technology and solutions Zhongxin data from the data passed to the Di Fang Ren He required. Sybase offers at any time, any place can both deliver information security, open, cross-platform solutions that help customers build a leading position in information applications. The world's most important business, communications, finance, government, healthcare and other industries critical data on all systems running on Sybase. For more information, visit the Sybase Web site in China: http://www.sybase.com.cn or Sybase headquarters Web site: http://www.sybase.com.

About Sybase 365

Sybase 365 is a subsidiary of Sybase, is a leading global provider of mobile messaging interoperability, which provides text messaging, multimedia messaging, mobile office and enterprise-class messaging services. Sybase 365 sent messages each year more than 100 billion, with its vast network of more than 700 mobile operators worldwide connected to 2.4 billion users worldwide. For more information, visit www.sybase.com/365.







Recommended links:



Manufacturing integration trend manufacturing and EMS has Approaching



SAP Henning dialogue: a complete understanding of China



Farewell, ANNOYING pop-up window



Infomation Accounting And FINANCE



Dell amended financial statements over the past four years, net profit is expected to cut 150 millio



Top Mail Servers



Six college students recruited reef Workplace



DOS, also use flash tips



3GPP To WMV



import contacts from excel to outlook easily for



Premier Search OR Lookup Tools



Step By Step Teach You Uncover And Remove Trojan Horse Disguised



MPEG to MOV



TOD to WMV



Beijing TV (radio and television media)



Specialist MATHEMATICS Education



Wednesday, October 6, 2010

The basics of intrusion detection rules



Basic knowledge of the rules
Network Intrusion Detection System is a network communication that we need to find a pattern. To give you different types of rules have a basic idea, let's look at the examples that can be used to identify and methods.

Sent from a fixed IP connection requests. This can be in the original IP header address area easily identified.

Mark packets with illegal TCP set. This can be a known set of legal and illegal, and the TCP header tags in the tag comparison and conclusion.

E-mail containing a special virus. IDS can be the title of the message or the attachment name and e-mail-related viruses known to compare the title of the conclusion.

Included in the payload of the DNS queue buffer overflow attempt. Through the analysis of DNS domains and check the length of each queue, so that IDS can identify the existence of a domain in DNS buffer overflow attempt. Or another way is to look at the payload queue overflow procedure exists.

By submitting thousands of times the same command to carry on the POP3 server denial of service attacks. Way to deal with this attack is to set the number of orders submitted, once more than the number of times the system will set the alarm.

By submitting a file or directory tried to skip the login process prior to access files on the FTP server attacks. Can develop a tracking system to monitor the successful landing of the FTP communication, if we find someone trying to enter in pre-certified through the system, it will sound the alarm.

As you can see from the above, a wide range of rules, from the simplest check header files to highly complex, such as Zhenzhenggenzong Lianjiezhuangtai or extensive protocol analysis Deng. In this article, we will focus on some simple rules and discuss their complexity in development. Please note that the rules of IDS in a different capacity to change, so the technology described in this article may be used in your firewall may not be applicable. For example, some network IDS products to the customers to write their own rules or configure the capacity of the existing rules is weak, and some products allow you to customize almost all the existing rules and to all the rules you can think of the definition into the system. Also to be considered an important factor in some IDS products can only check a specific payload Zhu Xing header files, and some products can be given in any part of Renhe package Shu Ju.

Rules which features services

The purpose of intrusion detection rules so? The answer is, different rules is not the same purpose. The result we need is that when the invasion occurred, the system alerts. But let us think about why we need to customize or modify their own rules? Maybe you see some single network communication, and you want the next warning is given when such communications occur. You may have noticed, it has a special header symbol, you want to define a rule to match this known mark; Perhaps you want to configure the IDS to detect unusual or suspicious that the communication, not just Detection of attacks and detection. Some rules can tell you which way a particular attack or an attacker trying to attempt an attack against which vulnerabilities, while others rule is that there are no abnormal behavior, rather than point out a specific kind of attack. The former is bound to spend more time and resources, but give you more information, such as why you would be the purpose of attack or the attacker is.

Header file attributes

We have fast rules about the type, and then let us focus on the characteristics of a simple rule: header file attributes. Some header file attributes is obviously not normal, so we need to develop a lot of options in the rules. Classic example of this rule is marked with a TCP SYN and FIN packets set. In RFC793 (the standard used to define the TCP) a vulnerability, so many tools are trying through this loophole to try to bypass firewalls, routers and intrusion detection systems. Many exploits, including the header file attributes aimed against the RFCs, because many of the operating system and applications are based on the assumption that compliance with RFCs written, and on this basis of communication in error not be corrected. There are many tools contain errors or incomplete code, so these tools are made by the package which contains the header files against the RFCs property. Those who write very bad invasion of technology tools and a variety of written rules for identifiable property.

It sounds good, but please note that not all operating systems and applications are fully inherited RFCs's. In fact, many systems or procedures are at least partly against the RFC's. So, over time, the agreement may be given not included in the RFC in the new property, then the new standards there would be unlawful prior to the standard into a now legal. RFC3168 is a good example. Therefore, IDS rules rely on the RFC may lead to many positive error occurs. Of course, RFC still in the development of accounting rules is very important position, because many malicious attacks are directed RFCs come. As the RFC upgrades and other factors (such that we'll discuss that later), so need to periodically review and upgrade of existing rules.

While illegal file attributes is the first part of the rule base, the first legal but suspicious file attributes are also important. For example, for connecting the port such as 31337 or 27374 suspicious (these are often related to the port and the horse), if issued a warning on these connections, you can quickly identify the actions Trojan. Unfortunately, some normal healthy communication may also use the same port. If you do not use the more detailed rules to define the communications of the other features, you will be difficult to determine the true properties of communication. Suspicious but legitimate property, such as the number of port number, preferably comprehensive consideration of other properties.

Identify the rules of composition may

Header file attributes based on the best way to develop the rules is by example. Synscan is a widely used tool for scanning and detection system. Interconnection line in early 2001, it frequently activity, because its code is often used to make Ramen worm, the first stage. This event provides a good example, because it's package includes a large number of identifiable characteristics. Here are some of the early spread of the worm exists in the Ramen worm in the IP and TCP packet header file attributes. (Note that my IDS is configured as the default has not been requested cancellation of communication, so I can only see the first packet of each attempt)
A variety of different source IP address
2 TCP source port 21, destination port 21
3 type of service is 0
4 IP identification number 39426
5 SYN and FIN flag set
6 serial number to set the various
Set all the confirmation number 7
8 TCP windows size is 1028

Now we know Synscan package contains the header files which features, we can begin to consider how to develop a good rule. Let us Zhao Zhao those illegal, abnormal, suspicious property, in many cases, these features are corresponding to the attacker trying to exploit loopholes or correspond to the attacker used a special technique. Although the normal package properties often include restrictions on some communication, but such restrictions can not be the characteristics of a good rule. For example, we will deal in properties of the normal IP protocol is defined as 6, this way we can view the TCP packet. However, some other completely normal characteristics, such as the service type is set to 0, the rule of development is very negative.

Synscan package some of the unusual features can be identified using the following rules:
1 only SYN and FIN flag set is a clear sign of malicious behavior.
2 Another feature is the confirmation number of these packages have a variety of different properties but the ACK flag is not set. If the ACK flag is not set, the confirmation number should be set to 0.
3 there is a suspicious feature is that the source port and destination port are set to 21, which is a normal FTP server does not associate. If both of the same port number, which we call reflexive. In addition to some special communication (such as a specific NetBIOS communication), usually such a situation should not exist. Anti-body against the TCP port is not standard, but in most cases is not normal. In the normal FTP communications, we will see a high port (greater than 1023) as the source port, destination port is 21.

Thus, we identified three characteristics can be used to make rules: SYN and FIN flag set, the confirmation number is not set to 0 and no ACK tag, and anti-body port is set to 21. There are also two points to note: TCP windows size of the regular set to 1028, IP identification number is 39426 set all the packages. In general, we expected TCP windows size is greater than 1028, although this value is not very normal, but should also draw attention. Similarly, IP RFC defines IP identification number in a different package should have different values, so a fixed value is highly questionable.

Select a rule

As we have found five to be the rule of the elements, So we have the option to develop many different based on head Wenjian rules and a good rule should include more than one of Te Zheng. If you just want to set the most simple rules, you can use packet marking to set the SYN and FIN. While this is a kind of good identification methods of malignant behavior, but behavior can not be given why this would happen. Remember, SYN and FIN are usually used to bypass firewalls and other equipment, so they can play the role of the scanner, the implementation of information gathering or attacks. Therefore, a SYN and FIN only rule for our purposes is too simple.

However, if a rule includes all of the above five suspicious features, although they could provide more detailed information, but compared with the detection of a property rule only, the utility or much worse. Rules of relevance and accuracy of development are always trade-off between the two. In many cases, the relatively simple rules is easier than the complex identification of positive error, because the relatively simple rules in general for the overall concept. And complex than the simple rule of rules is easier to recognize passive error because the characteristics of some tools and algorithms will change over time.

We assume that a rule intended to determine what kind of tool used. In addition to other markers SYN and FIN, what attributes are most appropriate? Let us look at the anti-body port is very suspicious, but many tools have this feature even with some lawful existence of such communications will feature, it can not provide enough detailed information to Zhidingguize. ACK ACK value is set but no tags, it is clearly illegal, it can and SYN, FIN together to make rules. Windows-1028 size, a little suspicious but can also be considered within the normal range. The IP identification number 39426 then? We can combine the above properties, the development of several different rules. But still can not determine which is the best, because the best rules should change with time and environment at any time adjustments.

Summary

In the next period, we will use to determine which properties SYNSCAN rules, and rules for more SYNSCAN assess the effectiveness of communication. We will further study the general rules relative to the merits of specific rules. We will also continue to focus on discussion of IP protocol header file attributes in the rule development role.







Recommended links:



Report Dictionaries Education



How to properly charge the battery for notebook



OGM converter



MPEG to MOV



MP4 to FLV



e-cology in the Pan Micro Series 29



No trace of her it just so to find the original 1000 Baidu



Screen Savers REPORT



Adobe "culmination of the track" Result of Contest winners



"Heroes of the RESISTANCE front" Medal and process Raiders



Ping Command Usage



To clarify the status table and table space



Astronomy CATALOGS



Capital gray screen under the Waterfront