Oracle Coherence states that it is "JCache-compliant". How can I take my code written against JSR-107, specifically the ehcache-jcache jar, and run it against Oracle Coherence?
Final JCache APIs are expected to be released in summer/fall 2013. Then you can expect to see those final APIs supported in Coherence.
Update (14 February 2014) - As soon as we check off some legal check-boxes, the APIs & RI & TCK are all ready to be submitted for approval, and the next version of Coherence (version 12.1.3) will include & support the final APIs.
Update (11 July 2014) - The JCache standard is done and out, and Coherence now officially supports the JCache standard; see the documentation at: http://docs.oracle.com/middleware/1213/coherence/develop-applications/jcache_part.htm
For the sake of full disclosure, I work at Oracle. The opinions and views expressed in this post are my own, and do not necessarily reflect the opinions or views of my employer.
The ehcache-jcache jar is a specific implementation of JSR-107. Coherence is not binary compatible with that implementation. Coherence is compliant with the interfaces specified in JSR-107 but provides its own implementation.
Coherence offers a huge number of features beyond JSR-107, so it would be overkill to use it just for JSR-107.
Related
Thrift API seems to be no longer supported with higher versions of Cassandra as well as AWS managed Cassandra.
Could someone please let me know what would be the best alternate option to go with?
Our application is built on Spring framework, tightly coupled with Thrift based data models at this point. So, trying to understand if there is any similar API design that could be used. Our plan is to migrate the application to AWS and use managed Cassandra on AWS.
You should absolutely be using CQL. Modern versions of Spring [Boot|Data] use and work very well with the CQL native binary protocol.
Here's a repo we built with Spring Boot that uses Spring Data underneath for access to DataStax Astra DB (managed Serverless Cassandra-as-a-Service). It should be a decent guide for you to see how the repositories and data objects are annotated, built and used.
https://github.com/datastaxdevs/workshop-ecommerce-app
To add to Aaron's response, enterprises definitely needed to get off Thrift years ago. The drivers based on Thrift API have not been maintained for 5-7 years or more so it is a massive risk to your organisation to still be using it. For example, Nate McCall (who was the Cassandra project Chair until this year) retired the Hector client in 2015 in preference for CQL. Netflix did the same for Astyanax in 2016.
For a bit of background, CQL was introduced in Apache Cassandra 0.8 all the way back to 2011 (CASSANDRA-1703) as a replacement for Thrift. It quickly evolved to CQL2 in Cassandra 1.0.
Cassandra 1.2 added CQL3 in 2012 (CASSANDRA-3761) and support for CQL2 was dropped and replaced by CQL3 in C* 2.0 in 2013 (CASSANDRA-5585). C* 2.2 stopped using Thrift in 2015 (CASSANDRA-8358, CASSANDRA-9319).
5 years after CQL was first introduced, Cassandra 4.0 completely removed Thrift in 2016 (CASSANDRA-11115). This should convince any enterprise to migrate to CQL. There hasn't been support for the Thrift API for at least 6 years and this alone should motivate organisations to get off it.
CQL has been around for 10 years now so you shouldn't have any concerns with its maturity. Cheers!
Here is an example of using Amazon Keyspaces with Spring Boot. It uses CQL and the latest drivers. Although spring is suppose to be an abstraction, you will most likely need to refactor your code.
https://github.com/aws-samples/amazon-keyspaces-examples/tree/main/java/datastax-v4/spring
My company's Sonatype scan shows Spring-Web is vulnerable even for the latest version (currently 5.2.3.RELEASE).
It reads:
"Found security vulnerability CVE-2016-1000027 with severity 9.8".
I noticed CVE-2016-1000027 is added to the NATIONAL VULNERABILITY DATABASE
on 01/02/2020, and it is in regards to
"Spring Framework 4.1.4 suffers from a potential remote code execution
(RCE) issue if used for Java deserialization of untrusted data".
Is this an obsolete ticket or has it not be resolved after 4 years?
This issue is resolved from a Spring Framework point of view, see my latest comment summarizing the situation on that issue. Your application is only vulnerable if you're using HTTPInvokerServiceExporter or RemoteInvocationSerializingExporter and reading data from untrusted sources.
Deserializing Java code from untrusted sources is a well-known problem in Java (so, all Java applications and Frameworks!), and this feature might be removed in future Java versions.
Given the nature of this security problem (there's no way to "fix it" besides removing the classes, which will be done in the next major version of Spring Framework), contacting your vendor or your security team is the best course of action. The Spring team is happy to help the community with this matter by providing more context on that issue if needed.
It seems that the new java.time API offers everything from java.util.Date and much more.
Is there any reason to use java.util.Date when the newer java.time API is there since Java 8?
Should java.util.Date and java.util.Calendar be avoided completely?
Short answer: The new API java.time is way better than the old world with java.util.Date and java.util.Calendar. So yes, the new API should be preferred in new code.
For a quick overview: Once I had written a comparison of features in table form for various date-time-libraries. There is almost no feature which java.time is missing but exists in the old world:
configurable gregorian/julian cutover
printing based on the class FieldPosition (used in Swing-component FormattedTextField)
About deprecation: Although most parts of java.util.Date are deprecated since Java 1.1, the class itself (and java.util.Calendar, too) are not officially deprecated, just declared as de facto legacy. The support of the old classes is still important for the goal of backwards compatibility with legacy code. So Oracle will probably not stop the support at any time in the future. But maybe Oracle will apply more sophisticated deprecation strategies.
Future development: It is interesting that the release of Java-8 has not only incorporated a completely new date/time-API (java.time) but also seen some few enhancements to java.util.Calendar, for example Calendar.Builder or SHORT_STANDALONE etc. Well, I can only speculate but this also seems to indicate that Oracle is not willing to stop the support of the old API in the near future.
Is there a Database API specification for Java that is similar to what exists for Python (PEP249).
I'd like to make an application that can be used to connect to databases, universally, without worrying about the database engine type.
Yes, such an API exists and - AFAIK - it predates Python efforts at standardization. This specification and its API is called JDBC or Java DataBase Connectivity. The current version is JDBC 4.2 (with JDBC 4.3 currently in the pipeline), also identified as JSR 221: JDBCTM 4.0 API Specification maintenance release 2.
You can find the specification document at https://jcp.org/en/jsr/detail?id=221
The interfaces of the API are included in main Java API. See the packages java.sql and javax.sql.
See the Java Tutorial Trail: JDBC(TM) Database Access for an introduction.
A JDBC specification is tied to a Java version, so:
Java 9: JDBC 4.3
Java 8: JDBC 4.2
Java 7: JDBC 4.1
Java 6: JDBC 4.0
... earlier versions are not that interesting anymore
JDBC versions are generally additive, so features in earlier versions are carried over into newer version, and - bar some early mistakes - are usually not deprecated. Sometimes minor clarifications or semantic changes can be made in newer versions of the specification.
Be aware that features in newer JDBC versions are (usually) only accessible if the driver actually implements that JDBC version.
Disclosure: I am a member of the JDBC Expert Group
What is the difference between the Ehcache and Guava Cache? In which scenarios would I use which type of caching?
Note: I am a developer working on Ehcache
The answer to your question depends on which features your cache needs to have inside your application.
Guava caches have all the basic caching features.
Ehcache has more advanced features - see 2.x line or upcoming 3.x line
Multi tier caching (disk in 2.x, offheap + disk in 3.x)
Clustering (2.x for now, soon in 3.x)
Refresh ahead or scheduled refresh (2.x for now)
JSR-107 API
So my advice is to look at your needs, play with both and then decide.