Feeds

Time for genuine 'write-once, run-anywhere' Java

Oracle and BEA: a new hope?

Internet Security Threat Report 2014

One of the big selling points of Java has been its "write once, run anywhere" capabilities. Of course, in practice, this has always been "write once, test everywhere" you intend to deploy your chosen application.

With the planned purchase of BEA Systems by Oracle, I got to thinking about what this meant for the "write once, run anywhere" mantra in relation to application servers.

My thoughts were partly spurred by my need to port a large server application to IBM's WebSphere and Oracle's Application Server from BEA's WebLogic. This left me thinking about the practicalities involved in porting Java, and looking for areas where an ironing out of inconsistencies between Java containers would have a beneficial effect.

As I looked deeper at the challenges the companies would face, it became clear that in many cases the problem with Java portability springs from a combination of developer ignorance and specification omissions - or at least limitations.

When it comes to Java across different Virtual Machines, there are at least two gotchas you should be wary of. The first relates to the type of JVM available. For example, we had an application running on one hardware platform using a 64-bit JVM and all was fine. In moving to a new platform, there was only a 32-bit JVM available. On this platform the application suddenly started experiencing out of memory exceptions. In a similar vain, I know of a colleague who had a working system on a 32-bit JVM but when moving to a 64-bit JVM found that it required more memory.

The second gotcha relates to non-Java standard classes. For example, a little while ago I encountered a developer who had directly referenced the sun.security.provider.X509Factory class; this was only found when the code was run on an IBM JVM and this class was, of course, missing. Perhaps the developer should not have used this class - but nothing actually stopped him from doing so.

Next, there are application-server specific issues. I refer, of course, to those parts of a server-side system that are not specified by Java EE but are needed to correctly deploy an application to the application server. These are application-server specific deployment descriptors (such as weblogic.xml or orion.xml). Each of these files has its own format, which may vary widely (for example WebSphere uses an .XMI format). However, it goes further than that, as in some cases defaults can be assumed and on other application servers no default is provided - or an alternative default is used.

Internet Security Threat Report 2014

More from The Register

next story
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.