JEPs

Foojay Podcast #5: OpenJDK Discussion Panel

It’s September 20th, OpenJDK 19 has been released. In this podcast, we discuss the new features and the changes that this release brings.

Building Project Panama’s jextract tool by yourself

Learn about jextract, which can generate Java binding code that represents native functions or variables (symbols) from C libraries.

What Can We Expect In OpenJDK 19?

Although the Java 19 release is coming in September (2022-09-20), we already know what will happen in that release!

Java Panama Polyglot (Rust) Part 4

By exposing native Rust functions, you can be easily accessed using Project Panama’s Foreign Function Access APIs.

Java Panama Polyglot (Python/Tensorflow) Part 3

How can you, as a Java developer, execute Python script code and access 3rd party Python libraries such as Tensorflow?

Java Panama Polyglot (Swift) Part 2

Hello and welcome back to the Java Panama Polyglot series where we will be presenting quick tutorials or recipes on how to access native libraries written in other languages.  In Part 1 you got a chance to learn about how to use …

Java Panama Polyglot (C++) Part 1

Java Panama Polyglot series: quick tutorials or recipes on how to access native libraries written in other languages!

Project Panama for Newbies (Part 4)

imagine C code capable of performing a computation and after its completion the C code will notify Java code to perform updates to JavaFX UI components.

Hand Ground Coffee: Command Line Tools for Java

I prefer the command line for my daily work, using the combination of git, sed, grep, bash commands etc. makes recurring tasks easier.

You’re Running Untrusted Code!

I’m afraid the deprecation of the Security Manager just added several lines to that risk, all linked to running untrusted code.

New Java 17 Features for Improved Security and Serialization

In December 2020, I wrote the article Serialization and deserialization in Java: explaining the Java deserialize vulnerability about the problems Java has with its custom serialization implementation. The serialization framework is so deeply embedded inside Java that knowing how dangerous some implementation …

Getting Started with Java 17 and IntelliJ IDEA

A new Java release every six months can be exciting, overwhelming, or both. Given that Java 17 is also an LTS release, it’s not just the developers but enterprises also noticing it. If you have been waiting to move on from Java 8 or 11, now is the time to weigh its advantages.

Project Panama for Newbies (Part 3)

We are going to dig a little deeper in our exploration of Project Panama and how to talk to third party libraries such as SDL & OpenGL.

With the skills you’ve learned from Part 1 and Part 2, you should be able to call most of the common function signatures in many libraries out in the wild.

Project Panama for Newbies (Part 2)

Welcome to Part 2 of this series, in which we will look at C language’s concept of pointers and structs.

Later on in this article, we will use Panama to mimic these concepts.

The goal is to call C function signatures that are often defined to accept pointers and structs.

Project Panama for Newbies (Part 1)

In this series of articles, we will explore the APIs from OpenJDK’s Project Panama.

My intent is to show you how to be proficient in using the Foreign Linker APIs (module ‘jdk.incubator.foreign’) as it relates to Java interoperability with native code.

While this article is for newbies, I assume you know the basics of the Java language, a little bash scripting, and a familiarity with C programming concepts. If you are new to C language don’t worry I will go over the concepts later.

Learn JShell with JavaFX in 60 Seconds

We started with an introduction of the basics of using jshell. Next, you got a chance to learn how to run a JavaFX application file from a terminal command prompt and from within jshell’s command prompt.

After that, launching the application we were able to change the color interactively by setting the public static member variable color.

Lastly, we learned how to stop a JavaFX application properly via /reset command.

Avoid Multithreading Bugs Using Immutable Java 16 Records

In a multi-threaded Java application, any thread can change the state of an object.

The Java memory model in Java language specification specifies when exactly updates made by one thread are going to be visible to other threads.

This is one of the biggest problems professional Java developers deal with every day.

Java records are immutable. An object is considered immutable if its state cannot change after it is constructed. The immutable nature of records eliminates problems of its usage in a multithreaded environment.

JEP 411: What it Means for Java’s Security Model and Why You Should Apply the Principle of Least Privilege

Java, like most platforms or languages has layers of security. This article intends to look at Java’s Authorization layer, which is unlike in other languages.

We will also distinguish between two different ways this layer is typically utilized and why one is effective while the other isn’t.

Furthermore, we investigate why JEP 411 only considers the least effective method and hopefully we will increase awareness of the Principle of Least Privilege as it is applied to Java Authorization, improve adoption and encourage people to take advantage of the improved security it provides.

We hope to prolong its support and possibly even improve it in future.

The Principle of Least Privilege and How JEP 411 Will Have a Negative Impact on Java Security

The SecurityManager and associated infrastructure are the foundations upon which to build secure software, but by themselves are insufficient for limiting users and Java software to the principles of least privilege.

JEP 411 removes the SecurityManager and AccessController.

In doing so, your library code will be able to run with the full permissions of its Java process, which is the same as running with none of the permission checks that were used to harden Java’s API.

If an attacker breaks into your Java process via some other vulnerability, they will be able to load their own byte codes, and pretty much do whatever the process permissions permits them and possibly more if your system has other vulnerabilities.

Java 16 and IntelliJ IDEA

If you are still working with Java 8, you might have mixed feelings about the news of the release of Java 16. However, you’ll see these numbers are going to increment at a much faster and predictable rate with Java’s six-month release cadence.

I’m personally excited about Java 16! It adds Records and Pattern Matching for instanceof as standard language features with Sealed classes continuing to be a preview feature (in the second preview).

Fun fact – Records was voted the most popular Java 16 language feature by 1158 developers in this Twitter poll, with Pattern Matching for instanceof second.

In this blog post, I will limit coverage of Java 16 to its language features, why you need them, and how you can start using them in IntelliJ IDEA. You can use this link for a comprehensive list of the new Java 16 features. Let’s get started.

Java 16 Records: Data Carrier Classes

Professional Java developers need immutable data carrier-classes for communication with databases and web Services. We need to write a lot of boilerplate code to create a simple data carrier-class, we typically implement constructor, accessors, equals(), hashCode(), and toString(). This process is repetitive and error-prone. Developers also complain “Java is too verbose”.

Record classes provide a way to model data in Java. An example of data is a row in a database table. This feature simplifies coding, makes Java code more concise and readable, increasing productivity for professional Java developers. Java14 introduced Records as a preview feature, Java15 brings in some updates as a second preview, and Java16 makes it a final feature, no changes will be needed for Records after this.