My Interview Prep Flashcards

Question

Stacks

Answer 1

A stack is a container of objects that are inserted and removed according to the last-in first-out (LIFO) principle. In the pushdown stacks only two operations are allowed: push the item into the stack, and pop the item out of the stack. A stack is a limited access data structure - elements can be added and removed from the stack only at the top. push adds an item to the top of the stack, pop removes the item from the top. A helpful analogy is to think of a stack of books; you can remove only the top book, also you can add a new book on the top.

Answer 2

``` For binary search, the array should be arranged in ascending or descending order. In each step, the algorithm compares the search key value with the key value of the middle element of the array. A binary search halves the number of items to check with each iteration, so locating an item (or determining its absence) takes logarithmic time. A binary search is a dichotomic divide and conquer search algorithm. avg O(log (n)) ```

Answer 3

Each time an object is created in Java it goes into the area of memory known as heap. The primitive variables are allocated in the stack if they are local method variables and in the heap if they are class member variables. Threads share the heap spaces so it is not thread-safe and the threads have their own stack space which is thread-safe 1) Main difference between heap and stack is that stack memory is used to store local variables and function call, while heap memory is used to store objects in Java. No matter, where object is created in code e.g. as member variable, local variable or class variable, they are always created inside heap space in Java. 2) Each Thread in Java has there own stack which can be specified using -Xss JVM parameter, similarly you can also specify heap size of Java program using JVM option -Xms and -Xmx where -Xms is starting size of heap and -Xmx is maximum size of java heap. to learn more about JVM options see my post 10 JVM option Java programmer should know. 3) If there is no memory left in stack for storing function call or local variable, JVM will throw java.lang.StackOverFlowError, while if there is no more heap space for creating object, JVM will throw java.lang.OutOfMemoryError: Java Heap Space. Read more about how to deal with java.lang.OutOfMemoryError in my post 2 ways to solve OutOfMemoryError in Java. 4) If you are using Recursion, on which method calls itself, You can quickly fill up stack memory. Another difference between stack and heap is that size of stack memory is lot lesser than size of heap memory in Java. 5) Variables stored in stacks are only visible to the owner Thread, while objects created in heap are visible to all thread. In other words stack memory is kind of private memory of Java Threads, while heap memory is shared among all threads.

Answer 4

Affiliates and partners can use this web service to create card orders. An XML document is posted to a URL in the HTTP POST body and an XML response is returned in the HTTP response.

Answer 5

String.intern() on a series of strings will ensure that all strings having same contents share same memory. So if you have list of names where 'john' appears 1000 times, by interning you ensure only one 'john' is actually allocated memory. can increase speed but takes up memory

Answer 6

``` public String pruebaEnconding() throws UnsupportedEncodingException { String xml = "String con acentos: á - é - í - ó - ú" ; return new String(xml.getBytes(), "ISO-8859-1"); } ```

Answer 7

About 500 About 20 developers, 11 appdev TSYS about 9,000

Answer 8

``` Java 7 JBoss 5.1.0.GA Apache 2.2 Tomcat 7.0.28 JUnit 4.11 Mockito 1.8 TopLINK 9.0.7 Slf4j 1.6.1 ```

Answer 9

Extensible Markup Language a metamarkup (set of instructions on a manuscript or tags in an electronic document to determine styles of type, makeup of pages, and the like) language for text documents * does not have a fixed set of tags and elements <-- mark-up * XML is case-sensitive

Answer 10

Document Object Model / Simple API for XML

Answer 11

``` daringfireball.com reddit programming wired stackoverflow. java posse (podcast) joelonsoftware.com/ ```

Answer 12

Rob Ratcliff (AustinJUG founder) Martin Fowler (Refactoring: Improving the design of existing code and Refactoring to Patterns) Joel Spolsky (Fog Creek Software / joelonsoftware.com) Todd Cheng

Answer 13

Polymorphism provision of a single interface to entities of different types. A polymorphic type is a type whose operations can also be applied to values of some other type, or types. The process used by objectoriented programming languages to implement polymorphism is called dynamic binding ``` Inheritance inheritance is when an object or class is based on another object or class, using the same implementation; it is a mechanism for code reuse ``` Encapsulation A language mechanism for restricting access to some of the object's components.[3][4] A language construct that facilitates the bundling of data with the methods (or other functions) operating on that data

Answer 14

equals() (javadoc) must define an equality relation (it must be reflexive, symmetric, and transitive). In addition, it must be consistent (if the objects are not modified, then it must keep returning the same value). Furthermore, o.equals(null) must always return false. hashCode() (javadoc) must also be consistent (if the object is not modified in terms of equals(), it must keep returning the same value). @Override public int hashCode() { final int prime = 31; int result = 1; result = prime * result + (int) (a ^ (a >>> 32)); result = prime * result + (int) (b ^ (b >>> 32)); result = prime * result + c.hashCode(); return result; } ``` public boolean equals(Object obj) { if (!(obj instanceof Apple)) return false; if (obj == this) return true; return this.color.equals(((Apple) obj).color); } ``` Read more: http://javarevisited.blogspot.com/2011/10/override-hashcode-in-java-example.html#ixzz2xmrOm5TA The relation between the two methods is: Whenever a.equals(b), then a.hashCode() must be same as b.hashCode()

Answer 15

transient variables cannot be serialized

Answer 16

process is an execution of a program (eg JVM process) but a thread is a single execution sequence within the process

Answer 17

MyApps.ear -log4j.jar (3rd party jars) -class files, properties files,configuration files etc -META-INF -application.xml (deployment descriptor) -MANIFEST.MF Manifest-Version: 1.0 Created-By: Apache Ant -MyAppsCommon.jar , MyAppsUtil.jar (shared by both EJB and Web modules) -class files, properties files,configuration files etc -MyAppsEJB.jar -META-INF -MANIFEST.MF class-path: (log4j.jar MyAppsCommon.jar MyAppsUtil.jar) ejb-jar.xml (deployment descriptor ) -ejb classes , non-ejb class etc -MyAppsWeb.war -JSP, HTML, CSS, GIF (can have sub-folders) -META-INF -MANIFEST.MF class-path: (log4j.jar MyAppsCommon.jar MyAppsUtil.jar) -WEB-INF -web.xml (deployment descriptor) -lib -struts.jar, crimson.jar (3rd party jar files) -classes -class files

Answer 18

XML based text files with a ".xml" extension that describes a component's deployments settings. A J2EE application and each of its modules has its own deployment descriptor.

Answer 19

deployment descriptor a standard J2EE deployment descriptor, which includes the following structural information: EJB jar modules, WEB war modules, etc. Also since EJB jar modules are packaged as jars the same way dependency libraries like log4j.jar, commonUtil.jar etc are packaged, the application.xml descriptor will distinguish between these two jar files by explicitly specifying the EJB jar modules. ``` [?xml version="1.0" encoding="UTF-8"?] [!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.2//EN" "http://java.sun.com/j2ee/dtds/application_1_2.dtd"] [application id="Application_ID"] [display-name]MyApps[/display-name] [module id="EjbModule_1"] [ejb]MyAppsEJB.jar[/ejb] [/module] [module id="WebModule_1"] [web] [web-uri]MyAppsWeb.war[/web-uri] [context-root]myAppsWeb[/context-root] [/web] [/module] [security-role id="SecurityRole_1"] [description]Management position[/description] [role-name]managger[/role-name] [/security-rol [/application] ```

Answer 20

deployment descriptor standard deployment descriptor for an EJB module. [[?xml version="1.0" encoding="UTF-8"?] [!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 1.1//EN" "http://java.sun.com/j2ee/dtds/ejb-jar_1_1.dtd"] [ejb-jar id="ejb-jar_ID"] [display-name]MyAppsEJB[/display-name] [enterprise-beans] [session id="ContentService"] [ejb-name]ContentService[/ejb-name] [home]ejb.ContentServiceHome[/home] [remote]ejb.ContentService[/remote] [ejb-class]ejb.ContentServiceBean[/ejb-class] [session-type]Stateless[/session-type] [transaction-type]Container (vs Bean)[/transaction-type] [/session] [entity] [ejb-name]Bid[/ejb-name] [home]ejb.BidHome[/home] [remote]ejb.Bid[/remote] [ejb-class]ejb.BidBean[/ejb-class] [persistence-type]Container[/persistence-type] [prim-key-class]ejb.BidPK[/prim-key-class] [reentrant]False[/reentrant] [cmp-field][field-name]bid[/field-name][/cmp-field] [cmp-field][field-name]bidder[/field-name][/cmp-field] [cmp-field][field-name]bidDate[/field-name][/cmp-field] [cmp-field][field-name]id[/field-name][/cmp-field] [/entity] [/enterprise-beans] [!-- OPTIONAL --] [assembly-descriptor] [!-- OPTIONAL, can be many --] [security-role] [description] Employee is allowed to ... [/description] [role-name]employee[/role-name] [/security-role] [!-- OPTIONAL. Can be many --] [method-permission] [!-- Define role name in "security-role" --] [!-- Must be one or more --] [role-name]employee[/role-name] [!-- Must be one or more --] [method] [ejb-name]ContentService[/ejb-name] [!-- * = all methods --] [method-name]*[/method-name] [/method] [method] [ejb-name]Bid[/ejb-name] [method-name]findByPrimaryKey[/method-name] [/method] [/method-permission] [!-- OPTIONAL, can be many. How the container is to manage transactions when calling an EJB's business methods --] [container-transaction] [!-- Can specify many methods at once here --] [method] [ejb-name]Bid[/ejb-name] [method-name]*[/method-name] [/method] [!-- NotSupported|Supports|Required|RequiresNew|Mandatory|Never --] [trans-attribute]Required[/trans-attribute] [/container-transaction] [/assembly-descriptor] [/ejb-jar]

Answer 21

automatic in Java (unlike C++) cannot be forced but you can nicely ask the garbage collector to collect garbage Each time an object is created in Java, it goes into the area of memory known as heap. The Java heap is called the garbage collectable heap. The garbage collection cannot be forced. The garbage collector runs in low memory situations. When it runs, it releases the memory allocated by an unreachable object. The garbage collector runs on a low priority daemon (background) thread. You can nicely ask the garbage collector to collect garbage by calling System.gc() but you can’t force it. What is an unreachable object? An object’s life has no meaning unless something has reference to it. If you can’t reach it then you can’t ask it to do anything. Then the object becomes unreachable and the garbage collector will figure it out. Java automatically collects all the unreachable objects periodically and releases the memory consumed by those unreachable objects to be used by the future reachable objects.

Answer 22

method helps in garbage collection. A method that is invoked before an object is discarded by the garbage collector, allowing it to clean up its state. Should not be used to release non-memory resources like file handles, sockets, database connections etc because Java has only a finite number of these resources and you do not know when the garbage collection is going to kick in to release these non-memory resources through the finalize() method.

Answer 23

java.lang.ref package can be used to declare soft, weak and phantom references Garbage Collector won’t remove a strong reference.

Answer 24

by using buffering (Internally a buffer array is used and instead of reading bytes individually from the underlying input stream enough bytes are read to fill the buffer. This generally results in faster performance as less reads are required on the underlying input stream.) minimising access to the underlying hard disk and operating systems. Use the NIO package for performance enhancing features like non-blocking I/O operation, buffers to hold data, and memory mapping of files

Answer 25

checked and unchecked (RuntimeException)

Answer 26

No Exception handling in Java is polymorphic in nature. For example if you catch type Exception in your code then it can catch or throw its descendent types like IOException as well. So if you catch the type Exception before the type IOException then the type Exception block will catch the entire exceptions and type IOException block is never reached. In order to catch the type IOException and handle it differently to type Exception, IOException should be caught first (remember that you can’t have a bigger basket above a smaller basket).

Answer 27

``` Extend the Thread class class Counter extends Thread { //method where the thread execution will start public void run(){ //logic to execute in a thread } //let’s see how to start the threads public static void main(String[] args){ Thread t1 = new Counter(); Thread t2 = new Counter(); t1.start(); //start the first thread. This calls the run() method t2.start(); //this starts the 2nd thread. This calls the run() method } } ``` ``` or implement the Runnable interface class Counter extends Base implements Runnable { //method where the thread execution will start public void run(){ //logic to execute in a thread } //let us see how to start the threads public static void main(String[] args){ Thread t1 = new Thread(new Counter()); Thread t2 = new Thread(new Counter()); t1.start(); //start the first thread. This calls the run() method t2.start(); //this starts the 2nd thread. This calls the run() method } } ``` ``` The runnable interface is preferred, as it does not require your object to inherit a thread because when you need multiple inheritance, only interfaces can help you. In the above example we had to extend the Base class so implementing runnable interface is an obvious choice. Also note how the threads are started in each of the different cases as shown in the code sample. ```

Answer 28

In Java programming, each object has a lock. A thread can acquire the lock for an object by using the synchronized keyword. The synchronized keyword can be applied in method level (coarse grained lock – can affect performance adversely) or block level of code (fine grained lock). Often using a lock on a method level is too coarse. Why lock up a piece of code that does not access any shared resources by locking up an entire method. Since each object has a lock, dummy objects can be created to implement block level synchronization. The block level is more efficient because it does not lock the whole method ``` class MethodLevel { //shared among threads SharedResource x, y ; pubic void synchronized method1() { //multiple threads can't access } pubic void synchronized method2() { //multiple threads can't access } public void method3() { //not synchronized //multiple threads can access } } ``` ``` class BlockLevel { //shared among threads SharedResource x, y ; //dummy objects for locking Object xLock = new Object(), yLock = new Object(); pubic void method1() { synchronized(xLock){ //access x here. thread safe } //do something here but don't use SharedResource x, y ; synchronized(xLock) { synchronized(yLock) { //access x,y here. thread safe } } //do something here but don't use SharedResource x, y ; } } ```

Answer 29

- Runnable — waiting for its turn to be picked for execution by the thread schedular based on thread priorities. - Running: The processor is actively executing the thread code. It runs until it becomes blocked, or voluntarily gives up its turn with this static method Thread.yield(). Because of context switching overhead, yield() should not be used very frequently. - Waiting: A thread is in a blocked state while it waits for some external processing such as file I/O to finish. - Sleeping: Java threads are forcibly put to sleep (suspended) with this overloaded method: Thread.sleep(milliseconds), Thread.sleep(milliseconds, nanoseconds); - Blocked on I/O: Will move to runnable after I/O condition like reading bytes of data etc changes. - Blocked on synchronization: Will move to Runnable when a lock is acquired. - Dead: The thread is finished working.

Answer 30

The wait(), notify(), and notifyAll() methods are used to provide an efficient way for threads to communicate with each other. This communication solves the ‘consumer-producer problem’. This problem occurs when the producer thread is completing work that the other thread (consumer thread) will use. Example: If you imagine an application in which one thread (the producer) writes data to a file while a second thread (the consumer) reads data from the same file. In this example the concurrent threads share the same resource file. Because these threads share the common resource file they should be synchronized. Also these two threads should communicate with each other because the consumer thread, which reads the file, should wait until the producer thread, which writes data to the file and notifies the consumer thread that it has completed its writing operation ``` class ConsumerProducer { private int count; public synchronized void consumer() { while (count == 0) { try { wait(); } catch (InterruptedException ie) { // keep trying } } count --; // consumed } private synchronized void produce() { count++; notify(); } } ```

Answer 31

1. Pooling your valuable resources like threads, database and socket connections. 2. Optimizing your I/O operations. 3. Minimising network overheads, calls to Date, Calendar related classes, use of “casting” or runtime type checking like “instanceof” in frequently executed methods/loops, JNI calls, etc 4. Managing your objects efficiently by caching or recycling them without having to rely on garbage collection. 5. Using a StringBuffer as opposed to String and ArrayList or HashMap as oppose to Vector or Hashtable 6. Applying multi-threading where applicable. 7. Minimise any potential memory leaks.

Answer 32

Unique integration with PayPal that entailed a meshing of PayPal APIs that are typically used independent of each other to accomplish a complex integrated feature set for the user that entailed using NetSpend's servicing center / framework but 100% PayPal branding and authentication. PayPal SSO via OpenID PayPal Balance and email retrieval via OAuth PayPal Account Creation via SOAP PayPal Payments (Reload/TopUp) via SOAP

Answer 33

Replacing existing third party vendor for external emails with new vendor. 3rd party integration XML over HTTP Database migration for new template ids/names Integration tests to ensure no loss in functionality of over 60+ external emails (plus branded versions) - required additions to account creation DSL for account prepping

Answer 34

stateless protocol and state can be maintained between client requests using HttpSession, URL rewriting, hidden fields and cookies. HttpSession is the recommended approach. 1) On client's first request, the Web Container generates a unique session id and gives it back to the client with response 2) The client sends back the session id with each response 3) The Web Container uses this ID, finds the matching session with the ID and associates the session with the request.

Answer 35

the property of certain operations in mathematics and computer science, that can be applied multiple times without changing the result beyond the initial application ex. clustered EJBs are written with idempotent methods - can automatically recover from a server failure as long as it can reach another server

Answer 36

promotes high availability and scalability. The considerations for servlet clustering are: - Objects stored in a session should be serializable to support in-memory replication of sessions. Also consider the overhead of serializing very large objects. Test the performance to make sure it is acceptable. - Design for idempotence. Failure of a request or impatient users clicking again can result in duplicate requests being submitted. So the Servlets should be able to tolerate duplicate requests. - Avoid using instance and static variables in read and write mode because different instances may exist on different JVMs. Any state should be held in an external resource such as a database. - Avoid storing values in a ServletContext. A ServletContext is not serializable and also the different instances may exist in different JVMs. - Avoid using java.io.* because the files may not exist on all backend machines. Instead use getResourceAsStream().

Answer 37

Prepared statements offer better performance as opposed to statements, as they are precompiled and reuse the same execution plan with different arguments. Prepared statements are also more secure because they use bind variables, which can prevent SQL injection attacks

Answer 38

Required: Methods executed within a transaction. If client provides a transaction, it is used. If not, a new transaction is generated. Commit at end of method that started the transaction. Which means a method that has Required attribute set, but was called when the transaction has already started will not commit at the method completion. Well suited for EJB session beans. Mandatory: Client of this EJB must create a transaction in which this method operates, otherwise an error will be reported. Well-suited for entity beans. RequiresNew: Methods executed within a transaction. If client provides a transaction, it is suspended. If not a new transaction is generated, regardless. Commit at end of method. Supports: Transactions are optional. NotSupported: Transactions are not supported. If provided, ignored. Never: Code in the EJB responsible for explicit transaction control.

Answer 39

``` There is an impedance mismatch between object and relational technology. Classes represent both data and behaviour whereas relational database tables just implement data. Inheritance class structure can be mapped to relational data model in one of the following ways: ``` ``` Map class hierarchy to single database table: The whole class hierarchy can be stored in a single table by adding an additional column named “EmployeeType”. The column “EmployeeType” will hold the values “Permanent”, “Contract” and “SubContract”. New employee types can be added as required. Although this approach is straightforward it tends to break when you have combinations like an employee is of type both “Contractor” and “SubContractor”. So when you have combinations, you can use refactored table by replacing type code column “EmployeeType” with boolean values such as isPermanent, isContractor and isSubContractor. ``` ``` Map each class to its own table: You create one table per class. The data for a permanent employee is stored in two tables (Employee and Permanent), therefore to retrieve this data you need to join these two tables. To support additional employee type say a Contractor, add a new table. ``` ``` Map each concrete class to its own table: You create one table per concrete class. There are tables corresponding to each class like Permanent, Contractor and SubContractor. So join is not required. To support additional employee type, add a new table. ``` So which approach to use? Easiest approach is to have one table per hierarchy and easy to refactor. If you need a “pure design approach” then use one table per class approach. Try to stay away from one table per concrete class approach because it makes refactoring difficult by copying data back and forth between tables. No approach is ideal for all situations.

Answer 40

Normalize to reduce data redundancy and denormalize to improve performance: Normalized data have the advantage of information being stored in one place only, reducing the possibility of inconsistent data. Furthermore, highly normalized data are loosely coupled. But normalization comes at a performance cost because to determine a piece of information you have to join multiple tables whereas in a denormalized approach the same piece of information can be retrieved from a single row of a table. Denormalization should be used only when performance testing shows that you need to improve database access time for some of your tables. Note: Creating a data model (logical, physical etc) before design model

Answer 41

1. Manage and recycle your valuable resources like connections, threads etc by either pooling or caching. 2. Use effective design patterns like session façade (client interface), DTOs (Data Transfer Objects), fast lane reader etc to minimise network overheads. 3. Set appropriate timeouts for HttpSession objects. 4. Use JDBC prepared statements as opposed to statements. 5. Release database connections in a finally {} block when finished. 6. Apply least restrictive but valid transaction isolation level. 7. Batch database requests. 8. Minimise serialization costs by marking references like file handles, database connections, etc which do not require serialization by declaring them transient.

Answer 42

1. Recycle your valuable resources by either pooling or caching. 2. Automate your build process with tools like Ant, CruiseControl, and Maven etc, and continuously integrate your code into your build process. 3. Build test cases first using tools like JUnit. 4. Use standard J2EE packaging to improve portability. 5. Apply appropriate proven design patterns 6. Use proven frameworks like Struts, Spring, Hibernate, JSF, JUnit, Log4J, etc. 7. Handle and propagate exceptions correctly. 8. Avoid resource leaks by closing all database connections after you have used them.

Answer 43

Detecting memory leaks: - Use tools like JProbe, OptimizeIt etc to detect memory leaks. - Use operating system process monitors like task manager on NT systems, ps, vmstat, iostat, netstat etc on UNIX systems. - Write your own utility class with the help of totalMemory() and freeMemory() methods in the Java Runtime class. Place these calls in your code strategically for pre and post memory recording where you suspect to be causing memory leaks. An even better approach than a utility class is using dynamic proxies (Refer Q11 in How would you go about section…) or Aspect Oriented Programming (AOP) for pre and post memory recording where you have the control of activating memory measurement only when needed. (Refer Q3 – Q5 in Emerging Technologies/Frameworks section).

Answer 44

``` Design applications with an object’s life cycle in mind, instead of relying on the clever features of the JVM. Letting go of the object’s reference in one’s own class as soon as possible can mitigate memory problems. Example: myRef = null; ```

Answer 45

scalability load balancing high availability

Answer 46

Java is a fun language. Let’s look at some of the reasons: Built-in support for multi-threading, socket communication, and memory management (automatic garbage collection).

Answer 47

- enterprise middle tier - component based development - transactions - persistence - EJB instance pooling - security - concurrent access (multi-threading) - remote access

Answer 48

- configuration of J2EE servers - error prone and complex - packaged apps never completely independent of deployment env (ie. mismatched EJB versions when common JARs are loaded from multiple locations) - finding cause of problem in multi-tiered and clustered production env. is more challenging than on single configuration and deployment issues: - resource permissions - deployment of new versions that cause issues performance issues: - improper app server settings (ie EJB pool size is too small which causes unnecessary object creatin due to insufficient threads) functional/user issues: - bad business logic - thread deadlock (other sync issues) - app server crash - unexpected app error, not logged

Answer 49

``` // doesn't have to implement both.. in this case it's producing AND consuming public class SendMailMDB implements MessageDrivenBean, MessageListener { private Logger logger; private static final long serialVersionUID = -1L; public void ejbCreate() { logger = Logger.getLogger(getClass()); } public void ejbRemove(){} public void setMessageDrivenContext (MessageDrivenContext ctx) throws EJBException {} public void onMessage(final Message message) { ManualTransactionFactory.getInstance().execute(() -> { try { transaction.begin(); Serializable request = ((ObjectMessage)message) getObject(); if (!request instanceof AsynchronousMailBean) { return; } AsynchronousMailer m = Factory.createMailer(); m.dispatchMail((AsynchronousMailBean)request); } finally { transaction.commit(); } catch (Throwable t) { } } ```

Answer 50

``` (in ejb-jar.xml) public interface AccountSession extends EJBObject { // custom interface methods } ```

Answer 51

(in ejb-jar.xml) public interface AccountSessionHome extends EJBHome { public AccountSession create() throws RemoteException, CreateException; }

Answer 52

``` (in ejb-jar.xml) public class AccountSessionBean implements SessionBean ```

Answer 53

Facade (SessionBean interface) Delegate (EBJObject delegate to Manager) DAO (Data Access Object interface) Proxy

Answer 54

Context ctx = getInitialContext(); EJBHome home = (EJBHome) PortableRemoteObject.narrow(ctx.lookup("org/twia/claim/ClaimManagerSession", ClaimManagerSessionHome.class); // jndiName, homeClass, throws NamingException Method createMethod = homeClass.getMethod("create"); EJBObject service = (EJBObject) createMethod.invoke(home, newObject[0]) return service.

Answer 55

``` InitialContext ic = new InitialContext() QueueConnectionFactory gcf = (QueueConnectionFactory) ic.lookup("AccountConnectionFactory"); QueueConnection gc = gcf.createQueueConnection(); QueueSession session = qc.createQueueSession(false, Session.AUTO_ACKNOWLEDGE) QueueSender sender = session.createSender(senderQueue) sender.send(message, deliveryMode, priority, timeToLive); ```

Answer 56

- ease of code maintainability - extensibility - code clarity - makes it possible to change the implementation of an object without affecting the whole program

Answer 57

(extends) - Extensibility - Polymorphism - Enhances reusability and flexibility by allowing subclasses

Answer 58

- many forms - allows variables to refer to objects whose class is not known at compile time - array of Animals (Pig, Cat, Horse) - add Cow to array without modifying array code

Answer 59

``` Use Case Diagram Class Diagram Sequence Diagram Collaboration Diagram State Chart Diagram Activity Diagram Deployment Diagram ``` PlantUML (puml)

Answer 60

Asynchronous Javascript And Xml

Answer 61

JBoss - application server (Java based) full Java EE suite of services (JMS, EJBs, JAAS) Tomcat is embedded in JBoss Tomcat - servlet container (servlets, JSPs) manages lifecycle of servlets, mapping URL to a servlet and ensuring URL requestor has rights Apache - web server (handles HTTP requests/response and logging) Tomcat is both a web server and a web container, but it's not really meant to function as a high performance web server, nor does it include some features typical of a web server. Tomcat is meant to be used in conjunction with the Apache web server, where Apache manages static pages, caching, redirection, etc. and Tomcat handles the container (web application) functions

Answer 62

Java Authentication and Authorization Service (pronounced "jazz") For the system administrator, JAAS consists of two kinds of configuration file: * .login.conf: specifies how to plug vendor-supplied login modules into particular applications * .policy: specifies which identities (users or programs) are granted which permissions

Answer 63

- programs that run on a web server (ie Apache) and build web pages - can maintain state across many server transactions by using HTTP cookies, session variables or URL rewriting - receives requests (ServletRequest) and generates a response (ServletResponse) based on the request

Answer 64

``` 0 Request is not initialized 1 Request has been set up 2 Request has been sent 3 Request is in process 4 Request is complete ```

Answer 65

ve some data to the server and notify the user once it's complete: ``` $.ajax({ type: "POST", url: "some.php", data: { name: "John", location: "Boston" } }) .done(function( msg ) { alert( "Data Saved: " + msg ); }); ```

Answer 66

``` request response pageContext session application out config page exception ```

Answer 67

1) Create Connection Context ctx = new InitialContext(); DataSource ds = (DataSource)ctx.lookup("jdbc/myDataSource"); Connection conn = ds.getConnection("username","password"); 2) Create a query and execute it a) PreparedStatement prepStmt = conn.prepareStatement("select id from myTable where id = ?"); prepStmt.setInt(1,1245); ResultSet rs = prepStmt.executeQuery(); while (rs.next()) { rs.getString("COF_NAME"); rs.getInt("SALES"); } b) CallableStatement callStmt = conn.prepareCall("{call PROC_SHOWMYBOOKS}"); ResultSet rs = cs.executeQuery();

Answer 68

- send an object over the network - save an object to file - store an object in an HTTP Session (to support in-memory replication of sessions to achieve scalability) * transient excludes a variable from being serialized * private final static long serialVersionUID = -1L;

Answer 69

standard deployment descriptor for a WEB module. [?xml version="1.0" encoding="UTF-8"?] [!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd"] [web-app] [display-name]myWebApplication[/display-name] [context-param] [param-name]GlobalContext.ClassName[/param-name] [param-value]web.GlobalContext[/param-value] [/context-param] [servlet] [servlet-name]MyWebController[/servlet-name] [servlet-class]web.MyWebController[/servlet-class] [init-param] [param-name]config[/param-name] [param-value]/WEB-INF/config/myConfig.xml[/param-value] [/init-param] [load-on-startup]1[/load-on-startup] [/servlet] [servlet-mapping] [servlet-name]MyWebController[/servlet-name] [url-pattern]/execute/*[/url-pattern] [/servlet-mapping] [error-page] [error-code]400[/error-code] [location]/WEB-INF/jsp/errors/myError.jsp[/location] [/error-page] [taglib] [taglib-uri]/WEB-INF/struts-bean.tld[/taglib-uri] [taglib-location]/WEB-INF/lib/taglib/struts/struts-bean.tld[/taglib-location] [/taglib] [security-constraint] [web-resource-collection] [web-resource-name]Employer[/web-resource-name] [description][/description] [url-pattern]/execute/employ[/url-pattern] [http-method]POST[/http-method] [http-method]GET[/http-method] [http-method]PUT[/http-method] [/web-resource-collection] [auth-constraint] [description][/description] [role-name]advisor[/role-name] [/auth-constraint] [/security-constraint] [login-config] [auth-method]FORM[/auth-method] [realm-name]FBA[/realm-name] [form-login-config] [form-login-page]/execute/MyLogon[/form-login-page] [form-error-page]/execute/MyError[/form-error-page] [/form-login-config] [/login-config] [security-role] [description]Advisor[/description] [role-name]advisor[/role-name] [/security-role] [/web-app]

Answer 70

Atomicity All the individual operations should either complete or fail. Consistency The design of the transaction should update the database correctly. Isolation Prevents data being corrupted by concurrent access by two different sources. It keeps transactions isolated or separated from each other until they are finished. Durability Ensures that the database is definitely updated once the Transaction is completed.

Answer 71

Domain-driven design (DDD) is an approach to software development for complex needs by connecting the implementation to an evolving model. The premise of domain-driven design is the following: 1) Placing the project's primary focus on the core domain and domain logic. 2) Basing complex designs on a model of the domain. 3) Initiating a creative collaboration between technical and domain experts to iteratively refine a conceptual model that addresses particular domain problems.

Answer 72

open source message broker written in Java together with a full Java Message Service (JMS) client. It provides "Enterprise Features" which in this case means fostering the communication from more than one client or server. Supported clients include Java via JMS 1.1 as well as several other "cross language" clients.[1] The communication is managed with features such as computer clustering and ability to use any database as a JMS persistence provider besides virtual memory, cache, and journal persistency.[2] ActiveMQ is used in enterprise service bus implementations such as Apache ServiceMix and Mule. Other projects using ActiveMQ include Apache Camel and Apache CXF in SOA infrastructure projec

Answer 73

``` public class HelloWorldExample extends HttpServlet { @Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { // Set the response message's MIME type. response.setContentType("text/html;charset=UTF-8"); // Allocate a output writer to write the response message into the network socket. PrintWriter out = response.getWriter(); ``` ``` // Use a ResourceBundle for localized string in "LocalStrings_xx.properties" for i18n. // The request.getLocale() sets the locale based on the "Accept-Language" request header. ResourceBundle rb = ResourceBundle.getBundle("LocalStrings", request.getLocale()); // To test other locales. //ResourceBundle rb = ResourceBundle.getBundle("LocalStrings", new Locale("fr")); ``` ``` // Write the response message, in an HTML document. try { out.println(""); // HTML 5 out.println(""); out.println(""); String title = rb.getString("helloworld.title"); out.println("" + title + ""); out.println(""); out.println("

" + title + "

"); // Prints "Hello, world!" // Set a hyperlink image to refresh this page out.println("

"); out.println(""); } finally { out.close(); // Always close the output writer } } } ``` ``` // Do the same thing for GET and POST requests @Override public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { doGet(request, response); } ```

Answer 74

PayPal: sole developer handling all production bugs code-related or not - panic mode Debugging production bugs - required lots of logging SSO integration had no sandbox so required production PayPal credentials to log into dev/QA environments the "right" way things kept changing - people, technologies, etc. SOAP, OAuth, OpenID, log EVERYTHING start to finish don't panic during "emergencies" - often does more harm than good

Answer 75

REST API security enhancements thinking in a stateless REST manner is very different than a typical stateful session state of mind persisting "token" info, API naming, etc.

Answer 76

Disclosure issue - multiple templates for each brand ``` Singleton service with multiple endpoints.. First call to service would work, second just wouldn't process JAX-WS BindingProvider's request context map endpoint address property // couldn’t reuse BindingProvider! public PayResponse pay(PayRequest request, String paymentType) throws PPFaultMessage, IOException { AdaptivePaymentsPortType ap = setupSoapClient(paymentType.equals(TOPUP_NS_TO_PP)); ((BindingProvider)ap).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, baseEndpoint + "Pay"); return ap.pay(request); } ```

Answer 77

integration tests - using and adding to DSL that Todd created for easy account creation for test setup getting to learn all parts of the project from legal to settlement since manager left and I was expert on topic

Answer 78

None really although I did find I had to set boundaries with the project's BA so that I was not notified of every single issue that arose (code-related or not) after the project had ended for me. It was hard not to get sucked into that and I had other projects I needed to focus on.

Answer 79

Scoping. I tend to be way too optimistic despite knowing that business requirements almost always change and I almost never get to spend an entire day on the project at hand (helping with off-shore questions, old project questions, etc.). Sometimes I wait a little too long before asking for help. In some cases this works out but in many cases it's just a waste of time. There's a fine line in knowing the difference.

Answer 80

1. "How much of your day do you spend coding?" 2. "What is the ratio of testers to developers to program managers? What is the interaction like? How does project planning happen on the team?" 3. What is the technology stack? 4. Can you tell me more about the big data aspect of this job?

Answer 81

A technical interview question can be solved utilizing a five step approach: 1. Ask your interviewer questions to resolve ambiguity. 2. Design an Algorithm. 3. Write pseudocode first, but make sure to tell your interviewer that you'll eventually write "real" code. 4. Write your code at a moderate pace. 5. Test your code and carefully fix any mistakes.

Answer 82

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. The Domain Name System is an essential component of the functionality of the Internet. An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 93.184.216.119 (IPv4) and 2606:2800:220:6d:26bf:1447:1097:aa7 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs), and e-mail addresses without having to know how the computer actually locates the services. The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their supported domains, and may delegate authority over subdomains to other name servers. This mechanism provides distributed and fault tolerant service and was designed to avoid the need for a single central database.

Answer 83

What Happens When a Browser Encounters SSL A browser attempts to connect to a website secured with SSL. The browser requests that the web server identify itself. The server sends the browser a copy of its SSL Certificate. The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server. The server sends back a digitally signed acknowledgement to start an SSL encrypted session. Encrypted data is shared between the browser and the server and https appears. Encryption Protects Data During Transmission Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to help users protect their data during transfer by creating a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a key pair as well as verified identification information. When a web browser (or client) points to a secured website, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it begins a secure session that protects message privacy, message integrity, and server security. Strong encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That's over a trillion times stronger. At current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would require a trillion years to break into a session protected by an SGC-enabled certificate. To enable strong encryption for the most site visitors, choose an SSL Certificate that enables 128-bit minimum encryption for 99.9 percent of website visitors. Credentials Establish Identity Online Credentials for establishing identity are common: a driver's license, a passport, a company badge. SSL Certificates are credentials for the online world, uniquely issued to a specific domain and web server and authenticated by the SSL Certificate provider. When a browser connects to a server, the server sends the identification information to the browser. To view a websites' credentials: Click the closed padlock in a browser window Click the trust mark (such as a Norton Secured Seal) Look in the green address bar triggered by an Extended Validation (EV) SSL Authentication Generates Trust in Credentials Trust of a credential depends on confidence in the credential issuer, because the issuer vouches for the credential's authenticity. Certification Authorities use a variety of authentication methods to verify information provided by organizations. Symantec, the leading Certification Authority, is well known and trusted by browser vendors because of our rigorous authentication methods and highly reliable infrastructure. Browsers extend that trust to SSL Certificates issued by Symantec.

Answer 84

Types of cryptography Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its data Symmetric requires that the secret key be known by the party encrypting the data and the party decrypting the data. Asymmetric Cryptography uses both a public and private key. Asymmetric allows for distribution of your public key to anyone. Using the key they can encrypt the data they want to send securely and then it can only be decoded by the person having the private key ------------------------------------------------------- Symmetric Algorithms: DES (Data Encryption Standard) Old Crypto algorithm. 64 Bits, 56 are effectively used, easy to break.3DES - derived from DES, works by cascading 3 instances of DES. This is slow 3DES derived from DES, works by cascading 3 instances of DES. This is slow AES (Advanced Encryption Standard) Successor of DES. Accepts 128, 192, 256 bits. When in doubt use AES. This is supported after JDK 1.4 onward

Answer 85

private static byte[] key = { 0x74, 0x68, 0x69, 0x73, 0x49, 0x73, 0x41, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x4b, 0x65, 0x79 };//"thisIsASecretKey"; ``` public static String encrypt(String strToEncrypt) { try { Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); final SecretKeySpec secretKey = new SecretKeySpec(key, "AES"); cipher.init(Cipher.ENCRYPT_MODE, secretKey); final String encryptedString = Base64.encodeBase64String(cipher.doFinal(strToEncrypt.getBytes())); return encryptedString; } catch (Exception e) { log.error("Error while encrypting", e); } return null; ``` } ``` public static String decrypt(String strToDecrypt) { try { Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING"); final SecretKeySpec secretKey = new SecretKeySpec(key, "AES"); cipher.init(Cipher.DECRYPT_MODE, secretKey); final String decryptedString = new String(cipher.doFinal(Base64.decodeBase64(strToDecrypt))); return decryptedString; } catch (Exception e) { log.error("Error while decrypting", e); ``` } return null; }

Answer 86

First, you open your Web browser and connect to our Web site. When you do this, your computer sends an electronic request over your Internet connection to your Internet service provider (ISP). The ISP routes the request to a server further up the chain on the Internet. Eventually, the request will hit a domain name server (DNS). This server will look for a match for the domain name you've typed in (such as www.howstuffworks.com). If it finds a match, it will direct your request to the proper server's IP address. If it doesn't find a match, it will send the request further up the chain to a server that has more information. The request will eventually come to our Web server. Our server will respond by sending the requested file in a series of packets. Packets are parts of a file that range between 1,000 and 1,500 bytes. Packets have headers and footers that tell computers what's in the packet and how the information fits with other packets to create an entire file. Each packet travels back up the network and down to your computer. Packets don't necessarily all take the same path -- they'll generally travel the path of least resistance. That's an important feature. Because packets can travel multiple paths to get to their destination, it's possible for information to route around congested areas on the Internet. In fact, as long as some connections remain, entire sections of the Internet could go down and information could still travel from one section to another -- though it might take longer than normal. When the packets get to you, your device arranges them according to the rules of the protocols. It's kind of like putting together a jigsaw puzzle. The end result is that you see this article.

Answer 87

public class SimpleThreadPool { ``` public static void main(String[] args) { ExecutorService executor = Executors.newFixedThreadPool(5); for (int i = 0; i ```

Answer 88

Initial Thread Application logic begins (in standard program it would be the thread that invokes the main method). For Swing it creates a Runnable object that initializes the GUI and schedules that object for execution on the event dispatch thread using SwingUtilities.invokeLater( new Runnable() { public void run() { createAndShowGUI(); } } invokeLater schedules the task and then returns. invokeAndWait waits for the task to finish before returning. ``` Worker Thread (via SwingWorker) For processes that are going to take a long time ``` Event Dispatch Thread Needed bc most Swing object methods are not thread-safe. If API does not indicate a method is thread-safe then it must be called from the event dispatch thread. Most processing occurs on this thread. Every process must be quick so that user interaction time is not impacted. All user event processing is handled on this thread.

Answer 89

To deploy your beans, you have to specify (nearly) everything about them in a file called ejb-jar.xml. This file will be stored in the META-INF directory in your ejb-jar file. The content and syntax of this file in specified in the ejb1.1 specification (16.5 Deployment descriptor DTD, pp 244-259). An important point is that the specification does not allow you to add vendor-specific configuration in this file. While the ejb-jar.xml is sufficient for most applications, there may be cases where you want to add JBoss-specific information in your deployment descriptor. This can be done by providing another file named jboss.xml in the META-INF directory. Note that this file is almost NEVER required by JBoss: JBoss will always provide a standard behaviour when no jboss.xml file is found. JBoss does that by first processing a standardjboss.xml file which contains the standard configuration. ``` [jboss] [enterprise-beans] [session] [ejb-name]ShoppingCart[/ejb-name] [jndi-name]ShoppingCart[/jndi-name] [clustered]true[/clustered] [cluster-config] [partition-name]DefaultPartition[/partition-name] [load-balance-policy] org.jboss.ha.framework.interfaces.RandomRobin [/load-balance-policy] [/cluster-config] [security-domain]tutorial-test[/security-domain] [/session] [session] [ejb-name]StatelessTest[/ejb-name] [jndi-name]StatelessTest[/jndi-name] [/session] [message-driven] [ejb-name]SimpleMessageBean[/ejb-name] [destination-jndi-name]queue/MyQueue[/destination-jndi-name] [/message-driven] [/enterprise-beans] [/jboss] ``` -- default standardjboss.xml (for when jboss.xml not defined) [?xml version="1.0" encoding="UTF-8"?] [!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.2//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_2.dtd"] [jboss] [!-- ... --] [container-configurations] [container-configuration] [container-name]Standard CMP 2.x EntityBean[/container-name] [call-logging]false[/call-logging] [invoker-proxy-binding-name]entity-rmi-invoker[/invoker-proxy-binding-name] [sync-on-commit-only]false[/sync-on-commit-only] [container-interceptors] [interceptor] org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor [/interceptor] [interceptor]org.jboss.ejb.plugins.LogInterceptor[/interceptor] [interceptor]org.jboss.ejb.plugins.SecurityInterceptor[/interceptor] [interceptor]org.jboss.ejb.plugins.TxInterceptorCMT[/interceptor] [interceptor metricsEnabled="true"] org.jboss.ejb.plugins.MetricsInterceptor [/interceptor] [interceptor]org.jboss.ejb.plugins.EntityCreationInterceptor[/interceptor] [interceptor]org.jboss.ejb.plugins.EntityLockInterceptor[/interceptor] [interceptor]org.jboss.ejb.plugins.EntityInstanceInterceptor[/interceptor] [interceptor] org.jboss.ejb.plugins.EntityReentranceInterceptor [/interceptor] [interceptor] org.jboss.resource.connectionmanager.CachedConnectionInterceptor [/interceptor] [interceptor] org.jboss.ejb.plugins.EntitySynchronizationInterceptor [/interceptor] [interceptor] org.jboss.ejb.plugins.cmp.jdbc.JDBCRelationInterceptor [/interceptor] [/container-interceptors] [instance-pool] org.jboss.ejb.plugins.EntityInstancePool [/instance-pool] [instance-cache] org.jboss.ejb.plugins.InvalidableEntityInstanceCache [/instance-cache] [persistence-manager] org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager [/persistence-manager] [locking-policy] org.jboss.ejb.plugins.lock.QueuedPessimisticEJBLock [/locking-policy] [container-cache-conf] [cache-policy] org.jboss.ejb.plugins.LRUEnterpriseContextCachePolicy [/cache-policy] [cache-policy-conf] [min-capacity]50[/min-capacity] [max-capacity]1000000[/max-capacity] [overager-period]300[/overager-period] [max-bean-age]600[/max-bean-age] [resizer-period]400[/resizer-period] [max-cache-miss-period]60[/max-cache-miss-period] [min-cache-miss-period]1[/min-cache-miss-period] [cache-load-factor]0.75[/cache-load-factor] [/cache-policy-conf] [/container-cache-conf] [container-pool-conf] [MaximumSize]100[/MaximumSize] [/container-pool-conf] [commit-option]B[/commit-option] [/container-configuration] [!-- ... --] [/container-configurations] [/jboss]

Answer 90

NetSpend Outbound Access Host J2EE application that functions as the gateway for initating external partner connectivity. Te system is implemented as a JBoss server with an FTP service and various components (modules) deployed as EJBs

Answer 91

Generic Message Processor Handles messages that come from 3 different switching providers (MasterCard, Pulse, Elan). All messages come in the form of ISO-8583 spec

Answer 92

Part 1: Messages, data elements and code values[1] Part 2: Application and registration procedures for Institution Identification Codes (IIC)[2] Part 3: Maintenance procedures for messages, data elements and code value

Answer 93

High-performance cryptography and key management Protect your business and its financial data with the HP Network Security Processor (NSP). This secure, tamper-resistant hardware security module (HSM) for cryptographic processing solutions on automatic teller machine, electronic fund transfer, and point-of-sale networks delivers high-performing cryptography and key management capabilities for card payment authorization and real-time fraud prevention. And it meets critical financial services industry, PCI-DSS, and NIST standards for security and compliance.

Answer 94

Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. Memcached is a general-purpose distributed memory caching system. It is often used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source (such as a database or API) must be read. Memcached runs on Unix, Linux, Windows and Mac OS X and is distributed under a permissive free software license.[3] Memcached's APIs provide a giant hash table distributed across multiple machines. When the table is full, subsequent inserts cause older data to be purged in least recently used (LRU) order.[4][5] Applications using Memcached typically layer requests and additions into RAM before falling back on a slower backing store, such as a database.

Answer 95

Lists the contents of a directory. - l use a long listing format - a all, including hidden (starting with .) - t sort by modification time, newest first

Answer 96

grep -r -i "ramesh" *.txt - r search in all files recursively - i ignore case

Answer 97

java is a software only platform, which runs on top of other hardware-based platforms like UNIX, NT, etc. The Java platform has 2 components: 1) Java Virtual Machine (JVM) - 'JVM' is a software that can be ported onto various hardware platforms. Byte codes are the machine language of the JVM. 2) Java Application Programming Interface (Java API)

Answer 98

Java does not support pointers Java does not support multiple inheritance bc it causes more problems than it solves Java does not support destructors but rather adds a finalize method. Java does not include structures or unions All the code in Java is encapsulated wihtin classes therefore Java does not have global variables or functions C++ requires explicit memory management, while Java includes automatic garbage collection

Answer 99

``` Class loaders are hierarchical. Classes are introduced into the JVM as they are referenced by name in a class that is already running in the JVM. So how is the very first class loaded? The very first class is specially loaded with the help of static main() method declared in your class. All the subsequently loaded classes are loaded by the classes, which are already loaded and running. A class loader creates a namespace. All JVMs include at least one class loader that is embedded within the JVM called the primordial (or bootstrap) class loader. Now let’s look at non-primordial class loaders. The JVM has hooks in it to allow user defined class loaders to be used in place of primordial class loader. Let us look at the class loaders created by the JVM. ``` Bootstrap (primordial) Loads JDK internal classes, java.* packages. (as defined in the sun.boot.class.path system property, typically loads rt.jar and i18n.jar) Extensions Loads jar files from JDK extensions directory (as defined in the java.ext.dirs system property – usually lib/ext directory of the JRE) System Loads classes from system classpath (as defined by the java.class.path property, which is set by the CLASSPATH environment variable or –classpath or –cp command line option ``` Classes loaded by Bootstrap class loader have no visibility into classes loaded by its descendants (ie Extensions and Systems class loaders). The classes loaded by system class loader have visibility into classes loaded by its parents (ie Extensions and Bootstrap class loaders). If there were any sibling class loaders they cannot see classes loaded by each other. They can only see the classes loaded by their parent class loader. For example Sibling1 class loader cannot see classes loaded by Sibling2 class loader Both Sibling1 and Sibling2 class loaders have visibilty into classes loaded by their parent class loaders (eg: System, Extensions, and Bootstrap) ``` ``` Class loaders are hierarchical and use a delegation model when loading a class. Class loaders request their parent to load the class first before attempting to load it themselves. When a class loader loads a class, the child class loaders in the hierarchy will never reload the class again. Hence uniqueness is maintained. Classes loaded by a child class loader have visibility into classes loaded by its parents up the hierarchy but the reverse is not true as explained in the above diagram. Important: Two objects loaded by different class loaders are never equal even if they carry the same values, which mean a class is uniquely identified in the context of the associated class loader. This applies to singletons too, where each class loader will have its own singleton. ```

Answer 100

``` Static: Car c = new Jeep(); ``` ``` Dynamc: Dynamic loading is a technique for programmatically invoking the functions of a class loader at run time. Let us look at how to load classes dynamically. ``` Class.forName (String className); //static method which returns a Class

Answer 101

``` When a class is loaded, all blocks that are declared static and don’t have function name (i.e. static initializers) are executed even before the constructors are executed. As the name suggests they are typically used to initialize static fields. ``` ``` public class StaticInitilaizer { public static final int A = 5; public static final int B; //Static initializer block, which is executed only once when the class is loaded. static { if(A == 5) B = 10; else B = 5; } public StaticInitilaizer(){} // constructor is called only after static initializer block } ```

Answer 102

Inheritance is uni-directional. For example House is a Building. But Building is not a House. Inheritance uses extends key word. ``` Composition: is used when House has a Bathroom. It is incorrect to say House is a Bathroom. Composition simply means using instance variables that refer to other objects. The class House will have an instance variable, which refers to a Bathroom object. Composition is an association in which one class belongs to a collection. This is a part of a whole relationship where a part cannot exist without a whole. If a whole is deleted then all parts are deleted. For example An order is a whole and line items are parts. If an order deleted then all corresponding line items for that order should be deleted. So composition has a stronger relationship ``` Aggregation Aggregation is an association in which one class belongs to a collection. This is a part of a whole relationship where a part can exist without a whole. For example a line item is a whole and product is a part. If a line item is deleted then corresponding product need not be deleted. So aggregation has a weaker relationship.

Answer 103

``` The key interfaces used by the collection framework are List, Set and Map. The List and Set extends the Collection interface. Should not confuse the Collection interface with the Collections class which is a utility class. A Set is a collection with unique elements and prevents duplication within the collection. HashSet and TreeSet are implementations of a Set interface. A List is a collection with an ordered sequence of elements and may contain duplicates. ArrayList, LinkedList and Vector are implementations of a List interface. The Collection API also supports maps, but within a hierarchy distinct from the Collection interface. A Map is an object that maps keys to values, where the list of keys is itself a collection object. A map can contain duplicate values, but the keys in a map must be distinct. HashMap, TreeMap and Hashtable are implementations of a Map interface. How to implement collection ordering? SortedSet and SortedMap interfaces maintain sorted order. The classes, which implement the Comparable interface, impose natural order. For classes that don’t implement comparable interface, or when one needs even more control over ordering based on multiple attributes, a Comparator interface should be used. Design pattern: What is an Iterator? An Iterator is a use once object to access the objects stored in a collection. Iterator design pattern (aka Cursor) is used, which is a behavioural design pattern that provides a way to access elements of a collection sequentially without exposing its internal representation. ```

Answer 104

Use ArrayLists, HashMap etc as opposed to Vector, Hashtable etc, where possible to avoid any synchronization overhead. Even better is to use just arrays where possible. If multiple threads concurrently access a collection and at least one of the threads either adds or deletes an entry into the collection, then the collection must be externally synchronized. This is achieved by: Map myMap = Collections.synchronizedMap (myMap); List myList = Collections.synchronizedList (myList); - Set the initial capacity of a collection appropriately (e.g. ArrayList, HashMap etc). This is because collection classes like ArrayList, HashMap etc must grow periodically to accommodate new elements. But if you have a very large array, and you know the size in advance then you can speed things up by setting the initial size appropriately. For example: HashMaps/Hashtables need to be created with sufficiently large capacity to minimise rehashing (which happens every time the table grows). HashMap has two parameters initial capacity and load factor that affect its performance and space requirements. Higher load factor values (default load factor of 0.75 provides a good trade off between performance and space) will reduce the space cost but will increase the lookup cost of myMap.get(…) and myMap.put(…) methods. When the number of entries in the HashMap exceeds the current capacity * loadfactor then the capacity of the HasMap is roughly doubled by calling the rehash function. It is also very important not to set the initial capacity too high or load factor too low if iteration performance or reduction in space is important. - Program in terms of interface not implementation: For example you might decide a LinkedList is the best choice for some application, but then later decide ArrayList might be a better choice for performance reason. Use: List list = new ArrayList(100); //program in terms of interface & set the initial capacity. Instead of: ArrayList list = new ArrayList(); - Avoid storing unrelated or different types of objects into same collection: This is analogous to storing items in pigeonholes without any labelling. To store items use value objects or data objects (as oppose to storing every attribute in an ArrayList or HashMap). Provide wrapper classes around your collection API classes like ArrayList, Hashmap etc as shown in better approach column. Also where applicable consider using composite design pattern, where an object may represent a single object or a collection of objects. Refer Q52 in Java section for UML diagram of a composite design pattern. CO

Answer 105

Choosing the right type of collection based on the need, for example if size is fixed, we might want to use Array over ArrayList. If we have to iterate over the Map in order of insertion, we need to use TreeMap. If we don’t want duplicates, we should use Set. Some collection classes allows to specify the initial capacity, so if we have an estimate of number of elements we will store, we can use it to avoid rehashing or resizing. Write program in terms of interfaces not implementations, it allows us to change the implementation easily at later point of time. Always use Generics for type-safety and avoid ClassCastException at runtime. Use immutable classes provided by JDK as key in Map to avoid implementation of hashCode() and equals() for our custom class. Use Collections utility class as much as possible for algorithms or to get read-only, synchronized or empty collections rather than writing own implementation. It will enhance code-reuse with greater stability and low maintainability

Answer 106

Comparable and Comparator interfaces are used to sort collection or array of objects.Comparable interface is used to provide the natural sorting of objects and we can use it to provide sorting based on single logic. Comparator interface is used to provide different algorithms for sorting and we can chose the comparator we want to use to sort the given collection of objects.

Answer 107

We can create a read-only collection using Collections.unmodifiableCollection(Collection c) method before passing it as argument, this will make sure that any operation to change the collection will throw UnsupportedOperationException.

Answer 108

We can use Collections.synchronizedCollection(Collection c) to get a synchronized (thread-safe) collection backed by the specified collection.

Answer 109

static abstract synchronized transient final - classes cannot be extended, methods cannot be overridden, variables become constants volatile used on member variables that may be modified simultaneously by other threads. Since other threads cannot see local variables, there is no need to mark local variables as volatile. E.g. volatile int number; volatile private List listItems = null; etc. The modifier volatile only synchronizes the variable marked as volatile whereas “synchronized” modifier synchronizes all variables.

Answer 110

``` Depth first: requires LIFO (Last In First Out) policy, implemented with a Stack ``` ``` Breadth first: requires FIFO (First In First Out) policy, implemented with a Queue ``` Algorithm is the same either way: //recursively traverse the tree with //a stack of nodes (LIFO) public static void depthFirstSearch(Stack stack){ if (stack.isEmpty()) return; Node node = (Node)stack.pop(); System.out.println ("popping node: " + node); if (node.right!=null) stack.push(node.right); if (node.left!=null) stack.push(node.left); depthFirstSearch (stack); } //Recursively traverse the tree with //a queue of nodes (FIFO) public static void breadthFirstSearch (Queue queue) if (queue.isEmpty()) return; Node node = (Node)queue.poll(); System.out.println ("polling node: " + node); if (node.right!=null) queue.offer(node.right); if (node.left!=null) queue.offer(node.left); breadthFirstSearch (queue); }

Answer 111

There are different solutions and approaches. 1) Centralized Store There's the concept of a centralized store for session state (database, memcached, shared file system, etc.). 2) Cluster Wide Caching Systems There are also cluster wide caching systems available that make local data available to all of the machines in the cluster. Conceptually it's similar to the centralized session state store, but this data isn't persistent. Rather it lives within the individual nodes and is replicated using some mechanism provided by your provider. (must serialize all needed data so that it can be replicated across machines) 3) Server Pinning Another method is server pinning. When a client hits the cluster the first time, some mechanism (typically a load balancer fronting the cluster) pins the client to a specific server. In a typical client lifespan, that client will spend their entire time on a single machine. For the failover mechanism, each machine of the cluster is paired with another machine, and so any session changes are shared with the paired machine. Should the clients pinned machine encounter an issue, the client will hit another machine. At this point, perhaps due to cookies, the new machine sees that it's not the original machine for the client, so it pings both the original machine, and the paired machine for the clients session data. At that point the client may well be pinned to the new machine

Answer 112

Much more performant!! - They work better for concurrency (you don't need to lock something that can't change!) - They reduce errors: mutable objects are vulnerable to being changed when you don't expect it which can introduce all kinds of strange bugs ("action at a distance") - They can be safely shared (i.e. multiple references to the same object) which can reduce memory consumption and improve cache utilisation. - Sharing also makes copying a very cheap O(1) operation when it would be O(n) if you have to take a defensive copy of a mutable object. This is a big deal because copying is an incredibly common operation (e.g. whenever you want to pass parameters around....) Minor Disadvantages: - Operations that create a changed string like concatenation are more expensive because you need to construct new objects. Typically the cost is O(n+m) for concatenating two immutable Strings, though it can go as low as O(log (m+n)) if you use a tree-based string data structure like a Rope. Plus you can always use special tools like Java's StringBuilder if you really need to concatenate Strings efficiently. - A small change on a large string can result in the need to construct a completely new copy of the large String, which obviously increases memory consumption. Note however that this isn't usually a big issue in garbage-collected languages since the old copy will get garbage collected pretty quickly if you don't keep a reference to it.

Answer 113

Advantages: - Because dependency injection doesn't require any change in code behavior it can be applied to legacy code as a refactoring. The result is more independent clients that are easier to unit test in isolation using stubs or mock objects that simulate other objects not under test. This ease of testing is often the first benefit noticed when using dependency injection. - Dependency injection allows a client to remove all knowledge of a concrete implementation that it needs to use. This helps isolate the client from the impact of design changes and defects. It promotes reusability, testability and maintainability - Dependency injection can be used to externalize a system's configuration details into configuration files allowing the system to be reconfigured without recompilation. Separate configurations can be written for different situations that require different implementations of components. This includes, but is not limited to, testing. - Reduction of boilerplate code in the application objects since all work to initialize or set up dependencies is handled by a provider component. - Dependency injection allows concurrent or independent development. Two developers can independently develop classes that use each other, while only needing to know the interface the classes will communicate through. Plugins are often developed by third party shops that never even talk to the developers who created the product that uses the plugins. Disadvantages: Dependency injection can make code difficult to trace (read) because it separates behavior from construction. This means developers must refer to more files to follow how a system performs

Answer 114

EJBs are better if you need to perform number of calls which should be done in one transaction (in theory we have transactional web services, but not every implementation provides them), (stateful) EJBs shine when it comes to transaction management. Almost anytime you need statefulness EJB would be better then Web Service; you need performence - Web Services are slow - they use XML/JSON pushed through HTTP, RMI over IIOP protocol used by EJB is way more efficient; you need to connect to some legacy system which uses outdated spec for Java Web Services (ugly Axis 1.0 stuff, not compatible with JAX-WS) it can be a nightmare to connect everything with web services, deal with not compatible WSDL definitions, strange SOAP envelopes. EJBs are backward compatible, old EJB 2 could be connected without any problem with EJB 3.1; modern EJBs (EJB 3.X) can expose their interface as a JAX-WS SOAP/WSDL service or JAX-RS REST service by adding two or three simple annotations Why (REST) Web services are so popular then? EJBs can be connected only to another Java application. Majority of modern Rich Internet Applications are written in JavaScript, so the only way to connect them with any backend is to use some kind of web service (usually REST + JSON). For such applications EJBs are pretty useless.

Answer 115

Better concurrency alternative to wait and notify - simplifies code 1) You can not reuse CountDownLatch once count is reaches to zero, this is the main difference between CountDownLatch and CyclicBarrier (CountDownLatch is good for one time event like application start-up time and CyclicBarrier can be used in case of recurrent event e.g. concurrently calculating solution of big problem etc) Read more: http://javarevisited.blogspot.com/2012/07/cyclicbarrier-example-java-5-concurrency-tutorial.html#ixzz3fiWUNetv) 2) Main Thread wait on Latch by calling CountDownLatch.await() method while other thread calls CountDownLatch.countDown() to inform that they have completed. Read more: http://javarevisited.blogspot.com/2012/07/countdownlatch-example-in-java.html#ixzz3fiVr9c5r http://javarevisited.blogspot.com/2012/07/countdownlatch-example-in-java.html ``` // main class code here final CountDownLatch latch = new CountDownLatch(3); Thread cacheService = new Thread(new Service("CacheService", 1000, latch)); Thread alertService = new Thread(new Service("AlertService", 1000, latch)); Thread validationService = new Thread(new Service("ValidationService", 1000, latch)); ``` ``` try{ latch.await(); //waiting on CountDownLatch to finish (get to 0) }catch(InterruptedException ie){ ie.printStackTrace(); } ``` // Service class here class Service implements Runnable { @Override public void run() { System.out.println( name + " is Up"); latch.countDown(); //reduce count of CountDownLatch by 1 } }

Answer 116

An InputStream is the raw method of getting information from a resource. It grabs the data byte by byte without performing any kind of translation. If you are reading image data, or any binary file, this is the stream to use. A Reader is designed for character streams. If the information you are reading is all text, then the Reader will take care of the character decoding for you and give you unicode characters from the raw input stream. If you are reading any type of text, this is the stream to use. You can wrap an InputStream and turn it into a Reader by using the InputStreamReader class. Reader reader = new InputStreamReader(inputStream);

Answer 117

Java stores strings internally as UTF-16 and uses 2 bytes (16 bits) for each character.

Answer 118

ASCII: unaccented English letters, and we had a code for them called ASCII which was able to represent every character using a number between 32 and 127. Space was 32, the letter "A" was 65, etc. This could conveniently be stored in 7 bits Because bytes have room for up to eight bits (2^8 = 256), lots of people got to thinking, "gosh, we can use the codes 128-255 for our own purposes." The trouble was, lots of people had this idea at the same time, and they had their own ideas of what should go where in the space from 128 to 255. Eventually this OEM free-for-all got codified in the ANSI standard. In the ANSI standard, everybody agreed on what to do below 128, which was pretty much the same as ASCII, but there were lots of different ways to handle the characters from 128 and on up, depending on where you lived. These different systems were called code pages. So for example in Israel DOS used a code page called 862, while Greek users used 737. They were the same below 128 but different from 128 up, where all the funny letters resided Every platonic letter in every alphabet is assigned a magic number by the Unicode consortium which is written like this: U+0639. This magic number is called a code point. The U+ means "Unicode" and the numbers are hexadecimal. U+0639 is the Arabic letter Ain. The English letter A would be U+0041. There is no real limit on the number of letters that Unicode can define and in fact they have gone beyond 65,536 so not every unicode letter can really be squeezed into two bytes, but that was a myth anyway. Thus was invented the brilliant concept of UTF-8. UTF-8 was another system for storing your string of Unicode code points, those magic U+ numbers, in memory using 8 bit bytes. In UTF-8, every code point from 0-127 is stored in a single byte. Only code points 128 and above are stored using 2, 3, in fact, up to 6 bytes. http://www.joelonsoftware.com/articles/Unicode.html

Answer 119

It does not make sense to have a string without knowing what encoding it uses. You can no longer stick your head in the sand and pretend that "plain" text is ASCII. If you have a string, in memory, in a file, or in an email message, you have to know what encoding it is in or you cannot interpret it or display it to users correctly. The traditional store-it-in-two-byte methods are called UCS-2 (because it has two bytes) or UTF-16 (because it has 16 bits), and you still have to figure out if it's high-endian UCS-2 or low-endian UCS-2. And there's the popular new UTF-8 standard which has the nice property of also working respectably if you have the happy coincidence of English text and braindead programs that are completely unaware that there is anything other than ASCII. If there's no equivalent for the Unicode code point you're trying to represent in the encoding you're trying to represent it in, you usually get a little question mark: ? or, if you're really good, a box. Which did you get? -> � How do we preserve this information about what encoding a string uses? Well, there are standard ways to do this. For an email message, you are expected to have a string in the header of the form Content-Type: text/plain; charset="UTF-8"

Answer 120

base-10 For example, 6,357 has four digits. It is understood that in the number 6,357, the 7 is filling the "1s place," while the 5 is filling the 10s place, the 3 is filling the 100s place and the 6 is filling the 1,000s place. So you could express things this way if you wanted to be explicit: (6 * 1000) + (3 * 100) + (5 * 10) + (7 * 1) = 6000 + 300 + 50 + 7 = 6357 Another way to express it would be to use powers of 10. Assuming that we are going to represent the concept of "raised to the power of" with the "^" symbol (so "10 squared" is written as "10^2"), another way to express it is like this: (6 * 10^3) + (3 * 10^2) + (5 * 10^1) + (7 * 10^0) = 6000 + 300 + 50 + 7 = 6357 What you can see from this expression is that each digit is a placeholder for the next higher power of 10, starting in the first digit with 10 raised to the power of zero. base-2 (binary number system) bits have only two possible values: 0 and 1. Therefore, a binary number is composed of only 0s and 1s, like this: 1011. How do you figure out what the value of the binary number 1011 is? You do it in the same way we did it above for 6357, but you use a base of 2 instead of a base of 10. So: (1 * 2^3) + (0 * 2^2) + (1 * 2^1) + (1 * 2^0) = 8 + 0 + 2 + 1 = 11 You can see that in binary numbers, each bit holds the value of increasing powers of 2.

Answer 121

URLs can only be sent over the Internet using the ASCII character-set. Since URLs often contain characters outside the ASCII set, the URL has to be converted into ASCII. URL encoding converts characters into a format that can be transmitted over the Internet. URL encoding replaces non ASCII characters with a "%" followed by hexadecimal digits. URLs cannot contain spaces. URL encoding normally replaces a space with a plus (+) sign, or %20.

Answer 122

A thread dump is a list of all the Java threads that are currently active in a Java Virtual Machine (JVM). How can I take thread dumps from a JVM on Unix or Windows? It is highly recommended to take more than 1 thread dump. A good practice is to take 10 thread dumps at a regular interval (eg. 1 thread dump every 10 seconds). Request a Thread Dump from the JVM jstack If installed/available, we recommend using the jstack tool. It prints thread dumps to the command line console.

Answer 123

sql injection, cross site scripting (XSS), XSRF

Answer 124

cross-site scripting (XSS): There are two main varieties of XSS vulnerabilities we need to consider when planning our defenses: Stored XSS occurs when data you submit to a website is persisted (on disk or in RAM) across requests, usually with the goal of executing when a privileged user access a particular web page. Reflective XSS occurs when a particular page can be used to execute arbitrary code, but it does not persist the attack code across multiple requests. Since an attacker needs to send a user to a specially crafted URL for the code to run, reflective XSS usually requires some social engineering to pull off. Cross-Site Scripting vulnerabilities can be used by an attacker to accomplish a long list of potential nefarious goals, including: Steal your session identifier so they can impersonate you and access the web application. Redirect you to a phishing page that gathers sensitive information. Install malware on your computer (usually requires a 0day vulnerability for your browser and OS). Perform tasks on your behalf (i.e. create a new administrator account with the attacker's credentials). prevention: Brief XSS Mitigation Guide If your framework has a templating engine that offers automatic contextual filtering, use that. echo htmlentities($string, ENT_QUOTES | ENT_HTML5, 'UTF-8'); is a safe and effective way to stop all XSS attacks on a UTF-8 encoded web page, but doesn't allow any HTML. If your requirements allow you to use Markdown instead of HTML, don't use HTML. If you need to allow some HTML and aren't using a templating engine (see #1), use HTML Purifier.

Answer 125

SQL injection: It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database. Prevention: The primary defenses that are used to fight include, • Prepared Statements (Parameterized Queries) - Parameterized queries force developers to define all the SQL code, then pass in each parameter to the query, which allows the database to distinguish between code and data, regardless of what input is supplied. • Stored Procedures - a stored procedure is defined and stored in the database itself, and then called from the application rather than something that a user is allowed to enter. • Escaping all User Supplied Input - Each DBMS supports one or more character escaping schemes specific to certain kinds of queries. If you then escape all user supplied input using the proper escaping scheme for the database you are using, the DBMS will not confuse that input with SQL code written by the developer, thus avoiding any possible SQL injection vulnerabilities. Additional Defenses include • Least Privilege – or minimizing the privileges assigned to every database account, so that users have enough permission to do their job, but no more. • White List Input Validation - Input validation is used to detect unauthorized input before it is processed by the application, thereby preventing the attack

Answer 126

Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts. Prevention:

Answer 127

Cross-origin resource sharing: mechanism that allows restricted resources (e.g. fonts, JavaScript, etc.) on a web page to be requested from another domain outside the domain from which the resource originated ``` public class CORSResponseFilter implements ContainerResponseFilter { ``` public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { MultivaluedMap headers = responseContext.getHeaders(); headers.add("Access-Control-Allow-Origin", "*"); //headers.add("Access-Control-Allow-Origin", "http://podcastpedia.org"); //allows CORS requests only coming from podcastpedia.org headers.add("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT"); headers.add("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia"); } } CORS vs jsonp (jsonp supported by jquery - server must support it and define a callback to use): - If you need to support IE

Answer 128

Streaming Replication (SR) provides the capability to continuously ship and apply the WAL (write-ahead logs) XLOG records to some number of standby servers in order to keep them current. SR was added to PostgresSQL 9.0. CST team was using 9.1 and often had a 8 hour lag instead of the expected milliseconds. As of 7/12/15 Postgres was up to 9.4.

Answer 129

VPC - Virtual Private Cloud Redshift (data warehouse db) - we used this for segment.io data RDS (relational db) DynamoDB (NoSQL db) S3 (storage) Glacier (archive/backup storage) Lambda - runs your code in response to events - only pay for when your code runs ElasticCache - in-memory cache IAM (Identity and Access Management) - user management CloudTrail - records AWS API calls and sends logs to you Key Management Service - create and control encryption keys - Atalla replacement?? SQS - Simple Queue Service Elastic Transcoder - transcodes media SES - Simple Email Service FPS - Flexible Payment Service Elastic Beanstalk - *free* - you pay for the underlying resources, Beanstalk is the easy-to-use service for deploying and scaling web applications and services Route53 DNS: http://aws.amazon.com/route53/

Answer 130

command line utilities ``` sed (stream editor) - regex based text substitution (s/ar/ra) can do deletions (useful for stripping out info not interested in for command line consumption - only delete it from file if you tell it to) ``` awk - utility for processing text files considers each file as a set of records, which by default are the lines in the file. "awk" enables you to create a condition and action pair, and for each record that matches the condition, the action will fire (action written in AWK language) Example of using both: looking into what aid-profile is doing: cat support.atlassian.com_access.2015-02-04.log | sed '1,/2015:20:17/d;/2015:20:18/,$d' | grep 172.26.21.12 | awk '{print substr($4,2,17)" "$6" "$7}' | grep -o ".*/[^?]*" | sort | uniq -c | sort -nr | head -n15

Answer 131

``` # of SAC users: 280,374 total, 280,301 active (as of 2/23/15) # of SAC attachments (250 MB limit - purged 90 days after ticket closed): ``` Performance measurements: 10-15s loads = yellow 15-20s loads = red and warrants restart. single machine, considered clustering and/or moving to AWS 8 cores/processors, 6 GB of RAM

Answer 132

nproc Print the number of available processors. Print the number of processing units available to the current process, which may be less than the number of online processors. If this information is not accessible, then print the number of processors installed. cat /proc/cpuinfo lists out all the cpu info - number of cores, descriptions of each, etc. netstat displays network connections for the Transmission Control Protocol (both incoming and outgoing), routing tables, and a number of network interface (network interface controller or software-defined network interface) and network protocol statistics

Answer 133

The Transmission Control Protocol (TCP) is a core protocol of the Internet Protocol Suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets between applications running on hosts communicating over an IP network. TCP is the protocol that major Internet applications such as the World Wide Web, email, remote administration and file transfer rely on. Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability. tcp6 (in netstat output, for example) refers to the TCP/IP version 6 (IPv6) protocol that your apache is using to connect to the external host. Just tcp would mean that the TCP/IP version 4 (IPv4) that is being used tcp states: LISTEN (server) represents waiting for a connection request from any remote TCP and port. SYN-SENT (client) represents waiting for a matching connection request after having sent a connection request. SYN-RECEIVED (server) represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request. ESTABLISHED (both server and client) represents an open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection. FIN-WAIT-1 (both server and client) represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent. FIN-WAIT-2 (both server and client) represents waiting for a connection termination request from the remote TCP. CLOSE-WAIT (both server and client) represents waiting for a connection termination request from the local user. CLOSING (both server and client) represents waiting for a connection termination request acknowledgment from the remote TCP. LAST-ACK (both server and client) represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request). TIME-WAIT (either server or client) represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. [According to RFC 793 a connection can stay in TIME-WAIT for a maximum of four minutes known as a MSL (maximum segment lifetime).] CLOSED (both server and client) represents no connection state at all. tcp state diagram: https://en.wikipedia.org/wiki/Transmission_Control_Protocol#/media/File:Tcp_state_diagram_fixed_new.svg

Answer 134

1782 Atlassian's, 200 in Austin | Sydney, SF, Austin, Saigon (Ho Chi Minh City, Vietnam), Bulgaria SoftServe contractors

Answer 135

MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas (MongoDB calls the format BSON), making the integration of data in certain types of applications easier and faster. In MongoDB, the db.collection.find() method retrieves documents from a collection. [1] The db.collection.find() method returns a cursor to the retrieved documents. Filtering is an option. Document-oriented Instead of taking a business subject and breaking it up into multiple relational structures, MongoDB can store the business subject in the minimal number of documents. For example, instead of storing title and author information in two distinct relational structures, title, author, and other title-related information can all be stored in a single document called Book, which is much more intuitive and usually easier to work with.[5] Ad hoc queries MongoDB supports search by field, range queries, regular expression searches. Queries can return specific fields of documents and also include user-defined JavaScript functions. Indexing Any field in a MongoDB document can be indexed (indices in MongoDB are conceptually similar to those in RDBMSes). Secondary indices are also available. Replication MongoDB provides high availability with replica sets.[6] A replica set consists of two or more copies of the data. Each replica set member may act in the role of primary or secondary replica at any time. The primary replica performs all writes and reads by default. Secondary replicas maintain a copy of the data on the primary using built-in replication. When a primary replica fails, the replica set automatically conducts an election process to determine which secondary should become the primary. Secondaries can also perform read operations, but the data is eventually consistent by default. Load balancing MongoDB scales horizontally using sharding.[7] The user chooses a shard key, which determines how the data in a collection will be distributed. The data is split into ranges (based on the shard key) and distributed across multiple shards. (A shard is a master with one or more slaves.) MongoDB can run over multiple servers, balancing the load and/or duplicating data to keep the system up and running in case of hardware failure. Automatic configuration is easy to deploy, and new machines can be added to a running database. File storage MongoDB can be used as a file system, taking advantage of load balancing and data replication features over multiple machines for storing files. This function, called GridFS,[8] is included with MongoDB drivers and available with no difficulty for development languages (see "Language Support" for a list of supported languages). MongoDB exposes functions for file manipulation and content to developers. GridFS is used, for example, in plugins for NGINX[9] and lighttpd.[10] Instead of storing a file in a single document, GridFS divides a file into parts, or chunks, and stores each of those chunks as a separate document.[11] In a multi-machine MongoDB system, files can be distributed and copied multiple times between machines transparently, thus effectively creating a load-balanced and fault-tolerant system. Aggregation MapReduce can be used for batch processing of data and aggregation operations. The aggregation framework enables users to obtain the kind of results for which the SQL GROUP BY clause is used. Server-side JavaScript execution JavaScript can be used in queries, aggregation functions (such as MapReduce), and sent directly to the database to be executed. Capped collections MongoDB supports fixed-size collections called capped collections. This type of collection maintains insertion order and, once the specified size has been reached, behaves like a circular queue.

Answer 136

uses Spring HATEOAS to access document-based data through a hypermedia-based RESTful front end HATEOAS, an abbreviation for Hypermedia as the Engine of Application State, is a constraint of the REST application architecture that distinguishes it from most other network application architectures. The principle is that a client interacts with a network application entirely through hypermedia provided dynamically by application servers ``` $ curl http://localhost:8080 { "_links" : { "people" : { "href" : "http://localhost:8080/people{?page,size,sort}", "templated" : true } } } ```

Answer 137

MapReduce is a programming model and an associated implementation for processing and generating large data sets with a parallel, distributed algorithm on a cluster. Conceptually similar approaches have been very well known since 1995 with the Message Passing Interface standard having reduce and scatter operations.

Answer 138

When traffic comes in to an Atlassian ID enabled site, it goes through the "HARP" layer. Remember the nginx and 9 Apache instances I mentioned earlier? Those are HARP. The Apache instances sport a mod_auth_crowdsso Apache module, which is responsible for establishing a SSO session with visitors. A handy side-effect of this is that inbound requests to our application will include a special HTTP header (__ATL_USER) that indicates if an SSO user has been authenticated.

Answer 139

JIRA 6.4.6 upgrade failed: - turned out our new ansible upgrade scripts were not setting -Xms and -Xmx JVM parameters so the default (1024m) was being used for both - cpu dumps were showing residential memory at 1.3G thread dumps were showing a bunch of threads blocked on map iterator calls (had to be JVM itself based on that find) - cpu dump pids converted from base 10 to base 16 all (8 of them, 1 per core/processor) mapped to GC-owned thread ids Rollback failure: - VM snapshot of app rolled back without a problem - used replicated db as rollback SOT - should have been milliseconds behind the prod db but turned out the WAL (write ahead logs) LOGS were 8 hours behind! - should have used VM snapshot of db server instead of relying on replica - had to query against Lucene Index (via jql/REST) and compare to db queries to resolve ticket differences for those 8 hours (LUKE would have also been useful in this case - Lucene Index Toolbox) thread dump iterator blocked example: "I/O dispatcher 20" #103 daemon prio=5 os_prio=0 tid=0x00007f8768094800 nid=0x39d5 waiting for monitor entry [0x00007f86bfdfc000] java.lang.Thread.State: BLOCKED (on object monitor) at java.util.Collections$UnmodifiableCollection.iterator(Collections.java:1038) at org.apache.http.impl.nio.reactor.BaseIOReactor.validate(BaseIOReactor.java:204) at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:281) at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105) at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:584) at java.lang.Thread.run(Thread.java:745) Locked ownable synchronizers: - None cpu usage dump example (note top 8 pids and their CPU consumption): top - 14:47:13 up 132 days, 9:32, 4 users, load average: 7.57, 7.54, 6.75 Tasks: 94 total, 8 running, 86 sleeping, 0 stopped, 0 zombie Cpu(s): 18.9%us, 0.5%sy, 1.0%ni, 75.3%id, 4.1%wa, 0.0%hi, 0.1%si, 0.0%st Mem: 16429096k total, 16231496k used, 197600k free, 369768k buffers Swap: 4194300k total, 80576k used, 4113724k free, 13720064k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 14372 svc_supp 20 0 6620m 1.3g 35m R 92 8.0 7:56.64 java 14374 svc_supp 20 0 6620m 1.3g 35m R 92 8.0 7:57.34 java 14378 svc_supp 20 0 6620m 1.3g 35m R 92 8.0 7:52.34 java 14371 svc_supp 20 0 6620m 1.3g 35m R 90 8.0 7:53.18 java 14376 svc_supp 20 0 6620m 1.3g 35m R 90 8.0 7:51.73 java 14377 svc_supp 20 0 6620m 1.3g 35m R 90 8.0 7:51.44 java 14373 svc_supp 20 0 6620m 1.3g 35m R 88 8.0 7:58.40 java 14375 svc_supp 20 0 6620m 1.3g 35m R 82 8.0 7:51.55 java 14379 svc_supp 20 0 6620m 1.3g 35m S 8 8.0 1:10.83 java 14406 svc_supp 20 0 6620m 1.3g 35m S 2 8.0 0:00.47 java 14338 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:00.07 java 14370 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:00.91 java 14380 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:00.10 java 14381 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:00.08 java 14382 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:00.00 java 14383 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:30.27 java 14384 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:30.11 java 14385 svc_supp 20 0 6620m 1.3g 35m S 0 8.0 0:28.26 jav

Answer 140

Monitor will mean the thread is waiting to attain a lock on an object.

Answer 141

command for displaying process memory map - pmap will give you the process mapping of the application. It will provide details like which shared objects are in use, the memory usage for each of them et al. pstack will give you the stack trace of a process. The pmap utility lists the virtual memory mappings underlying the given process. The start address of each entry is always given, and, depending on the options given, other information such as the end address, the underlying file's device and inode numbers, and various protection information will be displayed, along with the path to the file, if such data is available. By default, pmap displays information for its parent process, so that when run from a shell prompt, the shell's memory information is displayed. If other PIDs are given as arguments on the command line, information for those processes will be printed also. If the special PID of 0 is given, then information for the kernel's memory map is printed.

Answer 142

Thread dump = stack traces for each thread in the JVM output to stdout as text. Heap dump = memory contents for the JVM process output to a binary file. To take a thread dump on Windows, CTRL+BREAK if your JVM is the foreground process is the simplest way. If you have a unix-like shell on Windows like Cygwin or MobaXterm, you can use kill -3 {pid} like you can in Unix. To take a thread dump in Unix, CTRL+C if your JVM is the foreground process or kill -3 {pid} will work as long as you get the right PID for the JVM. With either platform, Java comes with several utilities that can help. For thread dumps, jstack {pid} is your best bet. http://docs.oracle.com/javase/1.5.0/docs/tooldocs/share/jstack.html Just to finish the dump question out: Heap dumps are not commonly used because they are difficult to interpret. But, they have a lot of useful information in them if you know where/how to look at them. The most common usage is to locate memory leaks. It is a good practice to set the -D on the java command-line so that the heap dump is generated automatically upon an OutOfMemoryError. -XX:+HeapDumpOnOutOfMemoryError But, you can manually trigger a heap dump, also. The most common way is to use the java utility "jmap". Note, this utility is not available on all platforms. As of JDK 1.6, jmap is available on Windows. An example command-line would look something like jmap -dump:file=myheap.bin {pid of the JVM}.

Answer 143

Resident memory (RES or RSS in top output) is the actual memory being used. It is a combination of your app's heap memory, permgen (if Java 7 or below), and the JVM's native memory (including Metaspace memory if Java 8 or above). Resident memory can be greater than your -Xmx value set since it is more than heap memory. Java applications run in the virtualized environment of the Java runtime, but the runtime itself is a native program written in a language (such as C) that consumes native resources, including native memory. Native memory is the memory available to the runtime process, as distinguished from the Java heap memory that a Java application uses. But besides the memory consumed by your application, the JVM itself also needs some elbow room. The need for it derives from several different reasons: Garbage collection. As you might recall, Java is a garbage-collected language. In order for the garbage collector to know which objects are eligible for collection, it needs to keep track of the object graphs. So this is one part of the memory lost to this internal bookkeeping. G1 is especially known for its excessive appetite for additional memory, so be aware of this. JIT optimization. Java Virtual Machine optimizes the code during runtime. Again, to know which parts to optimize it needs to keep track of the execution of certain code parts. So again, you are going to lose memory. Off-heap allocations. If you happen to use off-heap memory, for example while using direct or mapped ByteBuffers yourself or via some clever 3rd party API then voila – you are extending your heap to something you actually cannot control via JVM configuration. JNI code. When you are using native code, for example in the format of Type 2 database drivers, then again you are loading code in the native memory. ``` Metaspace. If you are an early adopter of Java 8, you are using metaspace instead of the good old permgen to store class declarations. This is unlimited and in a native part of the JVM. ```

Answer 144

git pull assumes you are treating your local and remote branch as separate branches and it performs merges between the 2 “branches". git pull —rebase assumes you are treating your local and remote branch as one inseparable thing (this is how I always treat them) and performs commits on top of the remote branch

Answer 145

In computing, aspect-oriented programming (AOP) is a patented[1] programming paradigm that aims to increase modularity by allowing the separation of cross-cutting concerns. It does so by adding additional behavior to existing code (an advice) without modifying the code itself, instead separately specifying which code is modified via a "pointcut" specification, such as "log all function calls when the function's name begins with 'set'". This allows behaviors that are not central to the business logic (such as logging) to be added to a program without cluttering the code core to the functionality. AOP forms a basis for aspect-oriented software development. Spring makes great use of this.