Re: Standard "Change Log" and "ToDo"

[Jon Stevens]

on 12/12/01 3:19 PM, "Kevin A. Burton - burtonator" <[EMAIL PROTECTED]>
wrote:

> Enlighten me... what are the benefits of an XML based changelog... besides the
> ability to XSLT it into html (I don't think this is necessary).

Eewww...XSLT...

How about being able to transform it into a ChangeLog.txt and a
ChangeLog.html?

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Standard "Change Log" and "ToDo"

[Jon Stevens]

on 12/12/01 2:05 PM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> Jakarta projects use
> Anakia, but I have not found any macros in Jakarta-site2 that reference
> a Change Log or To Do list.
> 
> Paul Spencer

+1. 

Feel free to add some...

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Comment for Apache.org

[Jon Stevens]

on 12/10/01 6:14 PM, "Scott Tavares" <[EMAIL PROTECTED]> wrote:

> You also know that I haven't contributed to the Jakarta project in close to
> three years now because you insulted me one too many times.

Lame excuse. Life is full of people you may not like. If you use that as
your excuse for not participating in things, then you might as well not
leave your house either.

The Jakarta project also isn't just me, there are more than enough projects
here that I don't participate in at all and since this is a Meritocracy
founded around the developers, your voice (and complaints) do not have any
weight unless you actually contribute something. People need to realize that
this is not a democracy.

In my opinion, if you haven't contributed anything, then you are just
leeching off the hard work of the many individuals behind the Jakarta
project and using emails from me that you may not like as your excuse. I
find that far more offensive than anything I could flame you about.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Comment for Apache.org

[Jon Stevens]

on 12/10/01 4:43 PM, "Scott Tavares" <[EMAIL PROTECTED]> wrote:

> Nope!!! jon is a complete ASSHOLE! If YAFF happens it is jon's fault!
> Put the responsibility where it belongs... on jon. It's him that keeps
> creating these commotions needlessly.



p.s. Scott, I love you too.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Comment for Apache.org

[Jon Stevens]

Wow. It would be really great if you wrote an email that made some logical
sense.

-jon

on 12/9/01 3:57 AM, "Frans Thamura" <[EMAIL PROTECTED]> wrote:

> Dear All,,
> 
> Do you know where the list for comment the apache.org web site..
> 
> Is there a team that responsible for managing the projects of apache
> projects.
> 
> Like in Apache XML may be there is a team that manage that.
> 
> I have been working several years in IT, and managing the project. There is
> a methodology to make a project clear..
> 
> I cannot find it in Apache..
> 
> Because as a model of open source development for volunteer.. Apache's
> project can lost his leader or creator.. may be he is busy, or interest in
> several project.
> 
> but as an Apache.. you must responsible for managing this..
> 
> sample..
> 
> Cocoon is create by Stefano, what happen if he is very very busy.. who must
> handle this project. And who will responsible for next release.. only
> stefano or everyone.. who interest.. with VOTE of course..
> 
> I love a clear project. and it will easy to understand and follow.. trust
> me.. there will be thousands people involve with this.. if everyone can
> understand and use it easily..
> 
> Honestly, Apache project is very great.. i love it.
> 
> 
> 
> Thanks.
> 
> Frans


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Exception number: c0000005 (access violation)

[Jon Stevens]

on 12/7/01 11:01 AM, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:

> Hello There,
> 
> I m badly affected by this problem , pls help me..in this matter..,
> 
> i m using : NT4.0 , MSSQL7.0, Tomcat 3.2.1 , and doing the hositing on this
> ...
> 
> but tomcat crases frequently, by dr. watson error.., so pls help me..
> 
> I will be needing ur help badly...
> 
> This is the error , in drwtsn.log :



-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: commentary by Linus Torvalds

[Jon Stevens]

on 12/6/01 2:05 PM, "Paulo Gaspar" <[EMAIL PROTECTED]> wrote:

>> Last time I talked to Eduardo (the spec lead for JSP) he still had never
>> written a real webapp with it.
>> 
>> Lemmings!
> 
> Isn't the JDK 1.4's logging API story similar?
> 
> The guys did not pay that much attention to Ceki's remarks, did they?
> And in terms of logging-in-Java, Ceki is THE authority, isn't he?
> =:o/

Lemmings like to follow patterns.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: commentary by Linus Torvalds

[Jon Stevens]

on 12/5/01 11:27 PM, "Jeff Schnitzer" <[EMAIL PROTECTED]> wrote:

> As a case in point, I would like to point out EJB CMP as an example of
> "design-driven" technology which may very well look really stupid in
> another few years, especially given its atrociously slow mutation rate.
> If anyone who was writing this crap (the spec) was actually *using* it,
> it would probably allow for automatic generation of freaking primary
> keys...
> 
> Jeff Schnitzer
> [EMAIL PROTECTED]

The same can be said of JSP.

Last time I talked to Eduardo (the spec lead for JSP) he still had never
written a real webapp with it.

Lemmings!

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: ASP.NET Linux equivalent?

[Jon Stevens]

on 12/3/01 9:14 PM, "achawathe" <[EMAIL PROTECTED]> wrote:

> Dear Friend ,
> 
>   You should be aware of N tier logic which is developed by Sun
> Microsystems . MIcrosoft are just on the brink of it by adapting the three
> tier logic for it .
> 
>  Hope that you give a good look to Java , Jsp and ejb
> 
> Cheers Amol

Wow. I'm always impressed by how well Sun's marketing works. I bet they
could also get all you lemmings to jump off a bridge.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Object Relational Mapping

[Jon Stevens]

> Or you could petition Sun to open source the reference implementation of JDO
> then others can contribute to it & extend it - like they've already done
> with Serlvets & JSP (Tomcat) and the standard tag library (JSTL).
> 
> Remember to look out for Castor though I don't think its JDO compatible.
> 
> http://castor.exolab.org/

Castor is definitely not JDO.

> Then there's Torque in the Turbine project which is in a similar space,
> though not JDO.
> 
> http://jakarta.apache.org/turbine/torque/index.html

I suggest that you look into using Torque. It is used as the basis for quite
a few projects now for many years, is simple to use and works quite well.
All the code generation is done using Velocity templates to output Java
code, so they are easily modified. :-) Torque is great because it also does
not lock you into using it. If you need to use straight JDBC for something,
then that is ok as well...Torque also follows several of Scott Ambler's
design principles, such as using an IDBroker. The connection pool for Torque
is also integrated into it so that it is 100% database cross platform. You
can use Torque to talk to any number of RDBM's and it has support for about
7-10 of the major ones already in it.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

commentary by Linus Torvalds

[Jon Stevens]

I wonder why he says Sun is doomed.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

FW: Cross Site Scripting holes abound

[Jon Stevens]

Sigh.

-jon

-- Forwarded Message
From: <[EMAIL PROTECTED]>
Date: 17 Nov 2001 02:05:53 -
To: [EMAIL PROTECTED]
Subject: Cross Site Scripting holes abound

Mailer: SecurityFocus

:::  Summary   

   Over a year and a half since CERT issued
warning on Cross Site Scripting, most dynamic
websites are _still_ not filtering user input.  This
lets remote sites access to write scripts on vunlerable
sites, stealing cookies, performing actions on behalf
of user or modifying look of content on site.  I did a
quick 
check of the top 15 sites (and other sites I use) and
found holes in _most_ of them.

:::  Sites Affected :::
   
   http://www.microsoft.com/
   http://www.msnbc.com/
   http://www.oracle.com/
   http://www.about.com/
   http://www.doubleclick.net/
   http://www.netscape.com/
   http://www.paypal.com/
   http://www.google.com/
   ... many more not listed

:::  Details  

   In general, if you can replace any url parameter with
"">alert(document.cookie)"
 and you get an alert, the site may be vulnerable.

   Samples and details listed at
  http://www.devitry.com/security.html

The samples on the above site take it one step
futher and send the cookie data to another site.

Even https sites are vulnerable since cookie data
is available to javascript on page.

  Fix  : 

  You should validate or filter all user input, including
hidden form fields and id's passed in url's before
the data is written out to the page.  Any poorly
written script on your whole domain could give you
problems.  (even old ones that do nothing like
testenv)  Filtering or encoding is should be done
for  ", >, < and sometimes '

  You should monitor for "script" passed in url's to
your site... However, blocking in the url alone
is not good enough as the parameter could be passed
in "POST" data. 

  For sites that have your data, you should always
log out at the end of your session, and you should
not surf more then one site at a time.

:::  Discussion :::

  Most of these holes were discovered in a matter of
minutes.  It takes more time just to find out the owner
of the site and explain to them why this is a problem.
Is there anyway to fix this on a more global basis?

While these types of holes are not instantly mass
exploitable, it is good (or bad, depending on how you
look at it)  for targeting specify users and sites to
steal sessions and personal info.

 -Dave deVitry 
  [EMAIL PROTECTED]

ps. microsoft.com exploit url withheld because they
 think they are safer that way.

pps. all websites involved were contacted, but most
had no timely reply.


-- End of Forwarded Message


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/21/01 4:09 AM, "Geir Magnusson Jr." <[EMAIL PROTECTED]> wrote:

> On 11/21/01 6:59 AM, "Danny Angus" <[EMAIL PROTECTED]> wrote:
> 
>> 
>> Hence my own conviction that the only safe option is no HTML in submissions.
>> However I'd rather escape it on the way in than the way out to reduce load.
> 
> That's something I intuitively agree with, and don't understand the contrary
> point of accepting everything in and processing everything out.
> 
> I would guess the amount in would be significantly less than the amount out,
> and you get to leverage the context in which you are accepting input. (I.e.
> There should be no HTML on the input of a simple order form, for example...)

The reason why I like the idea of processing stuff on the way out instead of
on the way in is that you are actually changing the value of the content if
you do it on the way in. Since you may or may not want to modify that
content permanently, it is better to do it on the way out, even if it is
slightly more processing.

Here is a really good example...what if you have a dynamic web page editor
application that pulls the information out of a file on disk and sticks it
into a  for people to modify. What if you actually want your
administrator to be able to put javascript into the page?

In some applications, it is also possible to circumvent the retrieval of
form data by simply talking directly to the HttpServletRequest data instead
of the libraries that you have. Therefore, if someone working on your app
accidentally uses HttpServletRequest data directly, then you have a security
hole right there. Of course, this can be helped by proper programming, but
we all make mistakes...might as well cover our asses and practice safe sex
all the time. :-)

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/21/01 1:26 AM, "Craig R. McClanahan" <[EMAIL PROTECTED]> wrote:

> I don't know of any generic solutions to the getStrippedHtml() or
> removeScriptTag() methods you propose - but are they still necesary if you
> do the getEscapedHtml() processing on everything?
> 
> Craig

The issue is whether or not you use 8859_1 as your Content type (and place
that in a  tag within the document. If you don't do that, then other
encodings have other meanings for the "<" character and someone could use
that instead. In other words, if the document is sent out as say UTF-7, then
the encoded value of "<" is not "<", it is some other value and that could
get rendered by the browser because of browser bugs.

This document explains the various methods that we need to implement in
CSSCondom...



-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/20/01 11:54 PM, "Craig R. McClanahan" <[EMAIL PROTECTED]> wrote:

> However, Jon is asking for container-based solutions -- I guess that
> requiring the use of Strut tags for all your output qualifies.  :-)
> 
> Craig

Sigh. I am *not* asking for a container based solution.

Because something got lost in your translation of what I'm saying, just to
be clear, I'm asking for a library that takes a String as input and returns
a String as output and provides the various encoding scheme's for preventing
CSS attacks (it seems like none of them are a magic bullet, but combined,
they do the job depending on the level of protection you need).

Something like:

public class CSSCondom
{
public String getEscapedHtml(String input);
public String getStrippedHtml(String input);
public String removeScriptTags(String input);
}

Velocity has a cool feature where you can attach what are called
EventCartridges to items in the Context so that when they are rendered in a
template, code is executed. This is similar to having a taglib bean return
data that has been 'protected'.



In this case, I'm developing a ReferenceInsertionEventHandler that would
rely on this general CSSCondom library to help protect me from unwanted
outcomes.

Thanks.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/20/01 12:43 PM, "Steve Giovannetti" <[EMAIL PROTECTED]> wrote:

> I was trying to look at this from the standpoint of how does the
> offending script get on your site in the first place.  Let's say you
> have a discussion board and you want to make sure no one puts nasty suff
> in SCRIPT tags in their postings.  But from what I gather is your
> interested in blocking on the way out.  I'll re-read the CERT advisory.
> 
> gio

No real point on blocking it on the way in...

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/20/01 10:58 AM, "Steve Giovannetti" <[EMAIL PROTECTED]> wrote:

> In the interest of  breaking the chains of my cross site scripting
> ignorance, I'm assuming that the offending SCRIPT needs to be blocked
> from POST or GET requests made by users to JSP/Servlets on the target
> server?

Nope. The only thing that needs to be done is that certain content needs to
be filtered when it is sent to the browser client so that it is not
interpreted by the client in a bad way.

>  Wouldn't an input filter on the servlet just do the trick?

Filtering all of the content would be a performance killer and doesn't make
much sense. You also don't want to filter input, only output.

I'm not trying to solve the problem of doing the filtering of the content
that I want to filter...I know how to do that...I'm trying to solve the
problem that no one has created any code in Java (that I can find) to deal
with the CSS issue itself.

Part of the problem with this security hole is that, for some reason, it is
hard for a lot of people to even get a basic comprehension of it (even
though it is so well documented). I think that is why a lot of people just
ignore it as being a problem.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Indexing documentation

[Jon Stevens]

on 11/20/01 11:51 AM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> Within the standard Jakarta documentation tools, i.e. jakarta-site2 and
> anakia, is their a way to build a keyword index?
> 
> Paul Spencer

You can use the tools available to help you create it, but there is nothing
specifically there to do what you want as it hasn't been requested before.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Cross site scripting

[Jon Stevens]

on 11/20/01 7:43 AM, "Danny Angus" <[EMAIL PROTECTED]> wrote:

> filter everything for public consumption its safest, its not just 

Re: Cross site scripting

[Jon Stevens]

Wow, you fit my first paragraph perfectly.

http://httpd.apache.org/info/css-security/index.html

-jon


on 11/20/01 5:11 AM, "Steve Giovannetti" <[EMAIL PROTECTED]> wrote:

> What exactly do you mean by "cross site scripting" and could you give
> pointers to the examples your talking about in PHP, Perl and C?
> 
> gio
> 
> Jon Stevens wrote:
> 
>> Sadly, it seems that the Java world really hasn't taken the cross site
>> scripting issues seriously. Only a few projects within Jakarta have really
>> made an effort to fix bugs and that was after they were pointed out by
>> others. It also seems that most of the examples are for other languages
>> (PHP, Perl, C) and not Java and that they have made simple methods available
>> to resolve the issues.
>> 
>> It would be really cool to start a project under Jakarta (ie: in commons)
>> that addresses the issues of the cross site scripting bugs in a re-usable
>> fashion so that more people will be aware of the issues surrounding this
>> important discovery.
>> 
>> Does anyone have code they want to contribute to get this started? How are
>> you currently dealing with these issues? What is your favorite way to escape
>> things? Do you filter/escape all content or only some content? Etc.
>> 
>> Thanks,
>> 
>> -jon


--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Cross site scripting

[Jon Stevens]

Sadly, it seems that the Java world really hasn't taken the cross site
scripting issues seriously. Only a few projects within Jakarta have really
made an effort to fix bugs and that was after they were pointed out by
others. It also seems that most of the examples are for other languages
(PHP, Perl, C) and not Java and that they have made simple methods available
to resolve the issues.

It would be really cool to start a project under Jakarta (ie: in commons)
that addresses the issues of the cross site scripting bugs in a re-usable
fashion so that more people will be aware of the issues surrounding this
important discovery.

Does anyone have code they want to contribute to get this started? How are
you currently dealing with these issues? What is your favorite way to escape
things? Do you filter/escape all content or only some content? Etc.

Thanks,

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Standard definition for Alpha, Beta, RC, and Release

[Jon Stevens]

on 11/19/01 11:26 AM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> Does the PMC have standard definitions Alpha, Beta, Release Candidate,
> and Release? If so, then what are they?  Specifically I am looking for
> the difference relative to:
>  o Overall stability
>  o Enhancement to Functionality
>  o Commitment to maintain Functionality
>  o Enhancement to API used by a user's application
>  o Commitment to maintain API used by user's application
>  o Upgradability
> 
> Paul Spencer


No. It is up to the individual projects to decide that.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Business-Oriented XML

[Jon Stevens]

on 11/18/01 9:11 PM, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:

> I think this is a little disingenuous. XML has its history in SGML, yes.
> However, the SGML standard (ISO 8879) was published in 1986. It's also true
> that SGML was originally based on GML. However, to claim that XML has "a
> history that extends back into the late 1960s" is really to claim that XML
> has a history in markup languages. Yep, and Java has a history in
> programming languages, which go back even further. ;-)
> 
> --
> Martin Cooper

I agree.

Creating a language parser and compiler is generally pretty difficult.
However, XML is easily parsed and converting the tags (markup) into
something that can be executed is pretty easily done.

It makes me want to puke every time I see someone repeat using XML as a way
to create their own language because when real languages are designed, quite
a bit of thought goes into creating the grammar and how things fit together.

When Joe Foo is able to snap together his own pseudo language out of XML
tags, I go running. It is just silly to use XML to define a language. It is
a markup definition tool. Having a way to easily parse it and deal with it
does not make it a language!

Regardless of history, I see BOX as being just another wannabe framework.
When I say wannabe, I don't mean that it doesn't yet exist or is trying to
be something it is not. I mean that it is some guy out there pushing on the
world what he has created for himself and completely ignoring the fact that
there are already a bazillion other tools out there that do exactly the same
thing, just as easily, only in different ways.

Yawn. This discussion is boring, how many times has someone come around here
pushing their new and improved web app framework that does everything?

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Business-Oriented XML

[Jon Stevens]

on 11/17/01 11:07 AM, "Dave Jarvis" <[EMAIL PROTECTED]> wrote:

> Turbine is coupled to Java.  It's not easy to use any particular
> database (e.g., an entire help section on how to integrate Oracle).
> With BOX, you set the default database with a straightforward
> configuration file:
> JDBC_DRIVER=org.postgresql.driver.Driver
> DB_URL=postgres://whatever:5432
> DB_USER=username
> DB_PASS=password
> --
> JDBC_DRIVER=com.oracle.driver.Driver
> etc.
> 
> Note that this is used by the processing engine.  If you want to write a
> processing engine in another language (like C++), then you have to
> derive a mechanism to do the database connectivity.  The business logic
> never needs to know.  Even better, you can add a DB_NAME property and
> extend the BOX language thusly:
> 
> ...
> 
> 
> This allows people to dynamically choose a different database during
> runtime (note: completely backwards and forwards compatible; BOX is
> extensible).
> 
> Turbine, like Maverick, also lets you shoot yourself in the foot with
> JSP.

Ok. Now you are getting personal (by comparing to Turbine) and making a
complete fool of yourself with your ridiculous FUD statements.

BOX is just another wannabe web framework that is inventing yet more
technologies and claiming to be the 'best' because you happen to like it and
it works for you. 

p.s. I don't think you will get far with an argument about being coupled to
Java as being negative around here.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Business-Oriented XML

[Jon Stevens]

on 11/16/01 8:58 PM, "Dave Jarvis" <[EMAIL PROTECTED]> wrote:

>   
> 
>   * FROM WIC.FOURNIS
>   WHERE COD_CLIENT=?
>   ORDER BY NOM_FOURNIS
> 
> 
>   
> 
> 
>   

Why the heck would you want to do this anyway? You have to be nuts to write
SQL by hand anymore and why would you want to embed it into your code
anyway?

You guys have totally lost touch with simple concepts like 'MVC'...

Ewww...

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

CVSadmin Control

[Jon Stevens]

Hey all,

In an effort to cut back on the amount of time I spend at Jakarta (you can
start cheering now) and to give Jason van Zyl more control.

I no longer have cvs admin privs and Jason has taken over that duty for me.

So, if you need something done with regards to the avail file, as Jason.

Thx.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [OT] MS makes a better PetShop...

[Jon Stevens]

on 11/2/01 12:03 PM, "horwat" <[EMAIL PROTECTED]> wrote:

> http://java.sun.com/j2ee/blueprints/learn.html

>From that, I found this:

"Accelerate read-only data access by not using enterprise beans."


I love it.

:-)

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [OT] MS makes a better PetShop...

[Jon Stevens]

on 11/1/01 11:59 PM, "Matt Egyhazy" <[EMAIL PROTECTED]> wrote:

> perhaps sun should make it more clear that petshop is not a benchmark and is
> instead a multi-faceted example of the possibilities offered by j2ee.  i
> suppose they could rework it and create a benchmark out of it...
> 
> microsoft is obviously misusing it...and that is possibly what they do best
> (and are 'doing right'), spread FUD.
> 
> matt

I don't get it though. Why shouldn't a fully functional demo also be able to
be used as a real application (or the basis for one)? A pet store shopping
cart isn't rocket science. Even if it is just an educational science
project, why does it have to be that much more complex and overly done than
an equivalent application in another language/system/os.

The point being is that M$ claims that their version of PetStore is that
much smaller and easier to understand. Well, if their version also has all
of the same showcase of features, then how come it is still that much
smaller/simpler/faster?

I don't really see what M$ did as being FUD. What they are doing is showing
the hypocrisy of Sun's marketing engine and the technologies that Sun is
pushing on people to use.

W a k e  u p  p e o p l e

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [OT] MS makes a better PetShop...

[Jon Stevens]

on 10/31/01 5:41 PM, "horwat" <[EMAIL PROTECTED]> wrote:

> The J2EE PetStore application was created as an educational tool to showcase
> features available in a J2EE architecture. True, it has many more EJB's then
> required in a normal application but these EJB's are meant to be examples of
> how the technology can be used. PetStore shows by example various design
> patterns and is not meant to be a benchmarked application.
> 
> Microsoft is really missing the point in their benchmark. In their port they
> don't have a middle tier. They are really missing the meat of the
> architecture and essentially have a database accessible through webpages. It
> is this middle tier, through the use of EJBs, that allows pluggability and
> reusability of business logic.
> 
> It is quite telling that Microsoft targeted a strawman, non-optimized,
> education focused application instead of an official J2EE benchmark like
> ECPerf.
> 
> Justy

Why can't anyone learn that providing crummy examples only encourages people
to create crummy applications? Most of the people out there probably try to
copy/paste as much code as they can from samples like the PetStore. People
who are even looking at it in the first place are looking at it as the 'Sun
approved' way of creating applications.

If you are really trying to educate people how to use various design
patterns, then why not show them the right way in the first place?

Am I the only one who sees the hypocrisy in all of this?

p.s. Sun's stock price is flying at a whopping 10.84. M$ must be doing
something right (at 61.84).

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [OT] MS makes a better PetShop...

[Jon Stevens]

on 10/31/01 1:54 PM, "James Strachan" <[EMAIL PROTECTED]> wrote:

> It would be interesting to have a Java competition - trying the various
> different techniques, tools and frameworks and seeing how each of them stack
> up to .NET. Comparing code complexity, performance etc.
> 
> e.g. with beans or EJBs, with JDBC stored procedures or Turbine, with JSP or
> Velocity, then on a bunch of runtime platforms and databases and see how
> they stack up doing the same application.
> 
> James

Unfortunately, none of us in Jakarta land get paid to write demo's so I
doubt you will see one soon. :-(

Needless to say, Scarab is fully OSS, performs quite well and the code is a
very nice example of how to write an extremely complex web app.



-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [OT] MS makes a better PetShop...

[Jon Stevens]

on 10/31/01 1:19 PM, "James Strachan" <[EMAIL PROTECTED]> wrote:

> http://msdn.microsoft.com/net/compare/petshop.asp
> 
> Its not a very fair comparison (suprise suprise) but from a quick look at
> the source code, it seems MS achieve their performance gains by not using
> EJBs :-)

Ok. Now that is funny. I got a good laugh out of that one. Hi Justy!

> I wonder what the figures would look like if the PetStore were implemented
> along similar techniques using just regular JavaBeans and JSP...

I wonder what the figures would look like if the PetStore were implemented
along similar techniques using just Turbine and Velocity...

Velocity already had results show it to be faster than JSP.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: Site update

[Jon Stevens]

on 10/27/01 12:27 PM, "Remy Maucherat" <[EMAIL PROTECTED]> wrote:

> Hi,
> 
> When doing site updates, please don't forget to update before starting
> editing. For example, Berin reverted many changes to the news and binary
> pages.
> 
> Remy

Even though it was partially the fault of CVS that f*cked up in this case, I
do argue that this is a perfect example of why I push for keeping the .html
pages in CVS.

-jon


--
To unsubscribe, e-mail:   
For additional commands, e-mail: 

Re: [Vote] BCEL @ Jakarta

[Jon Stevens]

+1

Please note: people from other projects are giving their vote...while the
voice is appreciated, that vote doesn't really count since it is only the
PMC's decision to include new projects.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Microsoft Sets Tolls for .Net Developers

[Jon Stevens]

Why am I not surprised?

The funny thing is that even in this down economy and with all the free
(better?) alternatives that are out there, people will actually still pay
for this stuff!

We should put a paypal link on the Jakarta homepage and donate the money to
AIDS research or some other worthy cause.

-jon

-- Forwarded Message

Link: http://slashdot.org/article.pl?sid=01/10/24/010249
Posted by: michael, on 2001-10-24 11:40:44
Topic: ms, 153 comments

   from the firstborn-son-comes-later dept.
   matsh writes: "Today Microsoft [1]revealed the cost of signing up as a
   developer to .Net. Entry level is $1,000. Standard level $10,000.
   Custom support will cost even more."

References

   1. http://news.cnet.com/news/0-1003-200-7629784.html

-- End of Forwarded Message


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Distributing the JSSE

[Jon Stevens]

on 10/23/01 7:38 PM, "Geir Magnusson Jr." <[EMAIL PROTECTED]> wrote:

> On 10/23/01 5:55 PM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:
> 
>> On 10/23/01 2:38 PM, "Jon Stevens" <[EMAIL PROTECTED]> wrote:
>> 
>>> on 10/23/01 10:40 AM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:
>>> 
>>>> I want to distribute the JSSE jars with the Turbine Development Kit but I'm
>>>> not entirely sure if it's legal. On the JSSE website it says that "the
>>>> binary implementation may be used royalty-free as part of commercial
>>>> applications", but in the license it says for internal use only?
>>> 
>>> It is not legal.
>> 
>> If that is indeed the case does anyone know of any JSSE implementations that
>> can be distributed?
>> 
> 
> 
> Why is it not legal?  According to the license posted by jason, there is a
> supplemental section that reads :
> 
> SUPPLEMENTAL LICENSE TERMS
> 
> These supplemental license terms ("Supplement") add to or
> modify the terms of the Binary Code License Agreement
> (collectively, the "Agreement"). Capitalized terms not
> defined in this Supplement shall have the same meanings
> ascribed to them in the Agreement. These Supplement terms
> shall supersede any inconsistent or conflicting terms in
> the Agreement, or in any license contained within the
> Software.
> 
> 1. License to Distribute. Sun grants you a non-exclusive,
> non-transferable, royalty-free, limited license to (a) use
> the binary form of the Software for the sole purpose of
> designing, developing and testing your JavaTM applets and
> applications intended to run on a compatible Java
> environment (the "Programs"), provided that the Programs
> add significant and primary functionality to the Software,
> and (b) reproduce and distribute the binary form of the
> Software through multiple tiers of distribution provided
> that you: (i) distribute the Software complete and
> unmodified; (ii) do not distribute additional software
> intended to supersede any component(s) of the Software;
> (iii) do not remove or alter any proprietary
> legends or notices contained in or on the Software; and
> (iv) only distribute the Software pursuant to a license
> agreement that protects Sun's interests consistent with the
> terms contained in this Agreement, and provides that Sun is
> a third party beneficiary to such license agreement. If you
> distribute the Software pursuant to this paragraph, you
> must include the following statement as part of product
> documentation (whether hard copy or electronic), as a
> part of a copyright page or proprietary rights notice
> page, in an "About" box or in any other form reasonably
> designed to make the statement visible to users of the
> Software:  "This product includes code licensed from
> RSA Data Security".
> 
> The only problem that I see is (iv).  Is that it?
> 

Catalina does not distribute the JSSE (from the catalina/build.xml):

  

  

I would like to know why they don't redistribute it.

I think (ii) is funny because from what I'm hearing is that Jboss has
modified it and is distributing it because there is a serious classloader
problem in it.

(iv) definitely doesn't make me feel real comfortable.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Distributing the JSSE

[Jon Stevens]

on 10/23/01 10:40 AM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:

> I want to distribute the JSSE jars with the Turbine Development Kit but I'm
> not entirely sure if it's legal. On the JSSE website it says that "the
> binary implementation may be used royalty-free as part of commercial
> applications", but in the license it says for internal use only?

It is not legal.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ImportScrubberTask

[Jon Stevens]

on 10/22/01 10:56 AM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:

> I only ran it on a small body of source, but Scarab is a good test bed.

Scarab is something like 256 classes...most of it is Torque generated
though...

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ImportScrubberTask

[Jon Stevens]

on 10/22/01 10:23 AM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> You didn't know? They're adding those to the VM spec, so that you can
> directly write in Velocity without having the hassle to pass thru Java :) :)
> 
>   Pier (being ready to be flamed by JG! :)

Na...we would have to rename Velocity -> JSP.

:-)

I wonder how many people have tried importing a compiled JSP page. Oh wait,
you can't easily do that because Jasper makes up some f*cked up name for the
class because no one could figure out how to implement reloading properly.
:-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: New jar dependency for Cactus

[Jon Stevens]

on 10/22/01 9:27 AM, "Vincent Massol" <[EMAIL PROTECTED]> wrote:

> I'd like to ask if anyone sees a problem for using AspectJ
> (http://www.aspectj.org) with Cactus ? More specifically the license is MPL
> (http://aspectj.org/servlets/AJSite?channel=download&subChannel=license). Is
> that a problem ? I don't believe so, but just wanted to be sure.
> 
> If it works, I think a lot of jakarta projects may find aspectj very useful.
> I highly recommend reading the tutorial :
> http://aspectj.org/doc/dist/tutorial.pdf
> 
> Thanks
> -Vincent

>From everything that I have ever heard from ASF board members, the MPL 1.1
and higher (not 1.0) is an ok license to combine ASF software with.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [Vote] BCEL @ Jakarta

[Jon Stevens]

on 10/22/01 7:05 AM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> Jason van Zyl at [EMAIL PROTECTED] wrote:
> 
>>> I like their project, the only thing I'm concerned about it is here:
>>> 
>> 
>> Markus has agreed to change the licensing strictly over to the AL.
> 
> Big +1 then :)
> 
>   Pier

FYI, it is 'ASF License' or 'ASFL'...not 'AL'. The license belongs to the
'Apache Software Foundation', not 'Apache'.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ImportScrubberTask

[Jon Stevens]

on 10/22/01 6:22 AM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:

> It works fine, but there is a problem with the imports being placed in the
> wrong place when there is text right after the package declaration. I asked
> Tom Copeland to fix this for me and he said he would get to it today. It
> does the job correctly, it just doesn't put the imports in the right place.

Run the ant target that I pasted here against Scarab and you will see that
it does NOT work fine at all. I pasted it here so that I wouldn't get a
response like you just gave me.

Here is an example of some imports it f*cked up:

[196][ src/org/tigris/scarab/om ]% more Attachment.java
package org.tigris.scarab.om;

import text.plain;
import org.apache.fulcrum.upload.FileItem;
import org.apache.torque.om.NumberKey;
import org.apache.torque.om.Persistent;

I never knew that text.plain is a proper import. :-)

Here is another one:

[197][ src/org/tigris/scarab/om ]% more IssueTemplateInfo.java
package org.tigris.scarab.om;

import email.RequireApproval.vm;
import org.apache.turbine.Turbine;
import org.apache.fulcrum.template.TemplateContext;
import org.apache.torque.om.NumberKey;
import org.apache.torque.om.UnsecurePersistent;
import org.tigris.scarab.security.ScarabSecurity;
import org.tigris.scarab.security.SecurityFactory;
import org.tigris.scarab.tools.Email;
import org.tigris.scarab.util.ScarabException;
import org.tigris.scarab.services.module.ModuleEntity;

Wow. When did Velocity files become ok to import? :-)

It appears that in its search through files, it finds any mention of a
"foo.bar" and sticks it into an import. That does not seem like a very good
assumption.

Another problem I noticed is that it imports java.util.Set when it doesn't
need to as well.

Yes, I compiled with debugging on.

I'm starting to think that post processing JAD (the java decompiler) output
would be a better idea.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ImportScrubberTask

[Jon Stevens]

on 10/21/01 8:40 PM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> Jon Stevens at [EMAIL PROTECTED] wrote:
> 
>> <http://importscrubber.sourceforge.net/ant.html>
>> 
>> org.apache.tools.ant.taskdefs.optional.importscrubber.ImportScrubberTask
>> 
>> Given that this isn't an official Jakarta project, shouldn't the tool choose
>> another namespace?
> 
> Indeed...
> 
>   Pier
> 

That said, I just tried running importscrubber against Scarab's code and it
totally f*cked it up. I highly recommend not using it or at least being very
careful with it.

Tom, feel free to try yourself...I added the following to Scarab's
build.xml:












  




  

  

  

  





  



  




-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

ImportScrubberTask

[Jon Stevens]

org.apache.tools.ant.taskdefs.optional.importscrubber.ImportScrubberTask

Given that this isn't an official Jakarta project, shouldn't the tool choose
another namespace?

It isn't even listed here:



-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [PROPOSAL] New Project Creation Guidelines

[Jon Stevens]

on 10/19/01 5:50 AM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> +1... Just remove the word ASP between "decline" and "market" in the little
> boxed text :)
> 
>   Pier

Why? That was a direct quote.

That isn't M$ ASP, it is 'application service provider'.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [PROPOSAL] New Project Creation Guidelines

[Jon Stevens]

Sam,

I have integrated the changes that you suggested, please take a look.



-jon



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/18/01 12:18 AM, "Ranjit Mathew" <[EMAIL PROTECTED]> wrote:

> It's sadder still, Jon, that you quote Paul almost
> verbatim in your document "New Project Proposals"
> (http://jakarta.apache.org/site/newproject.html) and

#1. It is a quote made in a public forum.
#2. I also used a quote from Sam and several other references to other
conversations today.
#3. What exactly is the problem with quoting him?

> put several not-so-obvious-to-a-newbie references
> to this thread into the document.

Removed.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [PROPOSAL] New Project Creation Guidelines

[Jon Stevens]

on 10/18/01 12:41 AM, "Ceki Gülcü" <[EMAIL PROTECTED]> wrote:

> You should remove the last paragraph, otherwise +1.

Done.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 11:48 PM, "Endre Stølsvik" <[EMAIL PROTECTED]> wrote:

> | Put your project on SourceForget.net. There is another project there that is
> | now hugely successful that we also rejected here and which I hosted for a
> | number of years on my own dime, the Jboss project. Hope is not lost.
> 
> So you (Jakarta) rejected Jboss. I didn't know that. How incredibly smart
> of you. Think about the synergies between Tomcat and Jboss!!! Wow!
> Incredible.
> 
> Were you (Jon) the front figure in that rejection too, hurling shit in
> every direction, handing out your minus one before knowing what you were
> talking about?

For well over a year (or was it 2 or 3?), I hosted the JBoss projects on my
servers out of the goodness of my heart because they sorely needed mailing
lists and a decent cvs server. At the time, they were at risk of losing
their entire community. Eventually, I left the company but and about 6
months later I could no longer host them there so they had to move to
Sourceforge. 

I have nothing against their project other than my own opinions about EJB's
and they have been more than successful at the integration of Tomcat.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 9:36 PM, "Tim Vernum" <[EMAIL PROTECTED]> wrote:

> When I first read the original mail my reaction was "Someone with
> a homeless project looking for an owner".

I must be tainted from having been around here so long. I see right through
his proposal.

> In fact Paul's most recent mail says
> "As a result of this, we are interested in building a market
> through open source."
> Which has an air of "we can't afford to do this ourselves so we're
> hoping that we can utilise the Apache resources to get our product
> of the ground".

Yes, that is what I saw right away.

Add on to the fact that he has zero OSS experience, a contribution from him
would not bring anything more than a code base and a lot of headaches for us
to bring him up to speed on how to run an OSS project. Jakarta is not a
dumping ground for code.

> There's nothing _wrong_ with that - my impression is that part of
> Sun's motive for donating to Jakarta is to take advantage of the
> resources/name of Apache to promote their technology.

Actually, it is a slightly different and much much more drawn out story with
Sun.

> It can be a win-win situation

For the most part, with Sun, it has been a win-win solution.

Several Jakarta developers (Costin/Craig/Pier are the first people that come
to my mind) have gone on to become Sun employees* and that makes me happy to
see them gainfully employed doing what they love to do. That said, Tomcat
3.0 wasn't a pretty code base at all and a lot of work has gone into
cleaning it up (as well as re-writing it from scratch).

* Costin recently left to go to another Apache-centric company...I'm sure
his resume of working with Jakarta didn't hurt him. :-)

> , but if no one here thinks the
> project is worth being involved in, then there's no reason
> for the PMC et al. to put time/resources into it.

I agree.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[PROPOSAL] New Project Creation Guidelines

[Jon Stevens]

Here is my proposal for new project creation guidelines. I have not linked
it into the main site until I can get 3 +1 votes from the PMC and 0 -1 votes
from the PMC.



I will accept any patches against this document and/or direct commits from
PMC members.

:-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

I don't have any more time for this. End of discussion. I'm not going to
change my mind.

-1

My suggestion:

Put your project on SourceForget.net. There is another project there that is
now hugely successful that we also rejected here and which I hosted for a
number of years on my own dime, the Jboss project. Hope is not lost.

Good luck.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 4:29 PM, "Paulo Gaspar" <[EMAIL PROTECTED]> wrote:

> Calling someone's hard-worked project ".bomb", without even
> trying to get informed about it.
>
> Does this qualify?

It is a .bomb project though. I have an entire corporation of them (yes, I
am the proud owner of a rather large worthless shareholders certificate).
Big deal.

Sorry, I don't see an offense in that.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 3:33 PM, "Paul Ilechko" <[EMAIL PROTECTED]> wrote:

> I've already responded to that. You jumped to an incorrect conclusion, and
> attacked without even atttempting to get clarification.

There is no conclusion. There is no attack. You still haven't responded to
my question and your dodgy and defensive response don't leave me feeling any
more comfortable.

I have re-read over all of your emails and I still don't see my questions
answered. If you have responded to my direct question, then I apologize and
please paste it here again, because I certainly missed it.

> Sorry, I don't ever recall you asking to see the code or the design.

That is because we haven't even gotten past the first set of requirements
yet.

> We have
> sent design docs to someone from Apache who was interested enough to ask for
> them.

They should just be published on the web and available for everyone to look
at already. We shouldn't have to ask for them, they should already be
provided.

> "Established Communities" don't suddenly appear full-fledged from
> nowhere

EXACTLY! That is the point I am trying to convey that you don't seem to be
understanding. We don't want projects that haven't taken the time to create
the established communities. I don't care how 'cool' you might think your
piece of software is.

If there isn't interest in it, then it will become a sore point in our
collection of software.

> - we have developers to seed a community

For how long? Sometimes it takes years.

>, all we are doing is
> looking to see if there is interest in the product. Why are you so
> threatened by this ?

There is no threat. There is only your inability to prove that your project
satisfies the requirements that we have been giving you.

I feel like I keep giving you chances to prove your project as being worthy
for inclusion here (by satisfying the requirements laid out) and you keep
trying to turn it around into an attack on you. Given your defensive nature
I now question even more the ability of you and your project to thrive in
this open arena.

-1

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 12:24 PM, "Paul Ilechko" <[EMAIL PROTECTED]> wrote:

> No, this is not what we said. We said we cannot fund taking the product to
> market, which is vastly different than being able to fund development. We are
> primarily a consulting company, and we have used ASPizer for a client project.
> We do not have a software sales channel, and we are not currently in a
> position to develop one.
> 
>   Paul. 

Let me quote you:

"However, due to various economic factors such as the decline in the ASP
market and the recent difficulties in obtaining venture capital, we have
decided that at this time it is not feasible for is to continue in that
direction."

And:

"We intend to continue to provide development support, and we have no
problem to committing 3 developers in an ongoing basis."


If you don't have the money to fund development of the product, then how are
you going to have money to keep several engineers working on it and
supporting it? You keep contradicting yourself.

Even still, that doesn't deal with the issues surrounding the need to have
an established community as well as even letting us look at the code base (I
care if the code and design is good or not).

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 12:42 PM, "Paul Ilechko" <[EMAIL PROTECTED]> wrote:

> Actually, I responded to all your points, then you decided it was time to
> insult us, at which point it no longer seemed worthwhile responding to you at
> all. Fortunately, not everyone on the list has the same attitude problem.

You see an attitude problem.

I see you getting defensive and making judgments of my personality based on
emails (and not even knowing me) because I don't jump up and exclaim joy for
your gracious offer of dumping your product on us.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 1:21 PM, "Endre Stølsvik" <[EMAIL PROTECTED]> wrote:

> Jon's last post is just so very much better. Why not start with something
> like that? It's still pretty direct, but in a much nicer, somewhat
> diplomatic way.

I did start nice. How come you choose to ignore that?

> I'm not. It's trying to point something out to Jon, actually. But he
> definately does have a load of followers in this forum, protecting his 5
> years earned rights to be rude. But I do know that there is several other
> people that feel about the same way about Jon's behaviour on the lists he
> subscribes to as me, tough. Just read the lists!

Yup, I admit it. I have a fairly low tolerance for bullshit.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 9:35 AM, "Ceki Gulcu" <[EMAIL PROTECTED]> wrote:

> Jakarta is not a dumping ground for .bomb projects. Untactful?
> Yes. Accurate statement? Yes.

Let me point out that I tried tact the first time I responded:

> There is nothing in your proposal discussion WHY you would want to give this
> to the ASF other than because you think you have a cool product. Nor is
> there anything that suggests what the developer community is like (ie:
> people who would be working on the product) nor the user community and the
> people who would be responsible for supporting the user community.

It didn't seem to get through to the guy so I brought it up a notch.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 6:08 AM, "Paul Ilechko" <[EMAIL PROTECTED]> wrote:

> Whatever Jon is or isn't is not my place to say, but I think I was pretty
> clear that we are NOT looking to dump a project on Apache, that we ARE
> continuing to work on ASPizer and support it, and have described the
> commitment we expect to make.

I question that commitment. No, I'm not going to just take your word for it.

How can you commit to backing a project over the long term if your company
can't get funding? When your company goes out of business, what interest
will you have in developing this project over the long term?

You need to realize that the 5 years that I have been around here, I have
seen about 30-40 people just like you who come with some great project that
they want to see survive beyond their company who want to give us the great
pleasure of hosting for them so that they can maybe get some interest in it
because no one was willing to buy it.

We already have enough baggage around the Jakarta project. I think that
adding any new projects is going to have to be carefully considered. The
primary consideration is whether or not the project coming in has a
developer and user community around it. The reason is because it will be
these people who have to support the project long after the lead developers
or the company that created it disappeared.

The problem is that few people around here have been around for as long as I
have so they have a very small understanding of the amount of crap that we
have accumulated and gone through over the years. As a result, we have
really closed our doors to new projects that have no community before they
come here. Simply because we don't want to become a sourceforget.net (which
is where I would have recommended you to go in the first place instead of
pointing you at this list).

If you had bothered to read the archives before coming here, you would have
seen myself and others say similar things like the above over and over and
over again. Yes, this is prompting me to do yet even more work and create a
FAQ page for this stuff on the website. I'm tired of repeating myself.

> Now, if anyone wants to look more closely at the
> product and make some informed comments, we'll be happy to share information.
> I will not be responding to inane trolls.

How come you haven't put the source code out there under an OSS license yet
so that we can look at it before we decide to begin to even consider it?

thanks,

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/17/01 9:24 AM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> Nothing, but from a community standpoint, the ASF would rather incorporate
> projects that are not backed up by a self-sustained open-development
> community... Look at our last addition, Log4J, it was an IBM project, they
> dumped it, Ceki forked it, build an open-source community around it, and
> then we "inglobated" it under Jakarta (and it was a good addition)...
>
> I actually don't care about the code... The code could be the crappies one
> ever, but if the community behind it is good, it gets my preference over a
> magnificent piece of code with a non-existent or screwed community...

+1

This is similar to what I originally stated in my first response on the
subject as well as a bazillion times over the years:

> There is nothing in your proposal discussion WHY you would want to give this
> to the ASF other than because you think you have a cool product. Nor is
> there anything that suggests what the developer community is like (ie:
> people who would be working on the product) nor the user community and the
> people who would be responsible for supporting the user community.

Maybe someday, someone will bother to read the archives before posting here
so that either I or Pier or someone else don't have to constantly explain
why a response of:

"We aren't a dumping ground for .bomb projects."

...isn't an asshole response, but just a simple summary of what we have been
saying here for the last 5 years.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: ASPizer

[Jon Stevens]

on 10/15/01 11:15 AM, "Paul Ilechko" <[EMAIL PROTECTED]> wrote:

> Peter and Jon, thanks for the feedback, sorry I didn't get a chance to respond
> sooner. 
> 
> A few comments: 
> 
> ASPizer is currently a production quality product, and in fact is being used
> on a live website in the UK. It was developed as a product by THBS, with the
> intention that we would sell it. However, due to various economic factors such
> as the decline in the ASP market and the recent difficulties in obtaining
> venture capital, we have decided that at this time it is not feasible for is
> to continue in that direction.

We aren't a dumping ground for .bomb projects.

> We do think that ASPizer is an interesting product that has a strong synergy
> with some existing Apache technologies. We intend to continue to provide
> development support, and we have no problem to committing 3 developers in an
> ongoing basis. As far as getting an Apache "champion", I'm not sure how we go
> about that - I was hoping someone would be interested enough to follow up
> based on the proposal that we submitted.

Exactly.

> As far as the user community is concerned, we believe that there are two
> primary groups - 
> 
> 1. ASP related companies, including ISVs developing for the ASP market,
> Aggregators who assemble packages of applications, and Hosting providers,
> 
> 2. Corporate users that run internal IT in an ASP-like way, or who have
> external clients accessing their systems (we have had preliminary discussions
> with a couple of the latter).
> 
> We would be able to support early-adopter clients during the initial period of
> the product being made available, we are willing to commit to at least two
> years. 

I'm confused. How can you commit two years when you can't get funding for
your business?

> ASPizer may have some overlap with Turbine, but it is quite a different
> product. My understanding is that Turbine is basically a tool to help
> developers build web applications, whereas ASPizer is more of a platform
> extension. With ASPizer it is possible to configure an application to run in
> an ASP model, including security, billing and licensing, without actually
> changing the application at all (so in fact you can even "ASPize" a non-J2EE
> application), although using the APIs provides a much more granular set of
> facilities. We are also currently working on making ASPizer available as a set
> of web services. 

The use of the term 'security' is very broad in your example.

BTW, I wrote an ASPizer as well...it is called Noodle. LOL!

http://noodle.tigris.org

:-)

> We will be happy to provide code and documentation for anyone who is
> interested in digging deeper.

Good luck.

:-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [Fwd: Tomcat extensions for ASPs]

[Jon Stevens]

There is nothing in your proposal discussion WHY you would want to give this
to the ASF other than because you think you have a cool product. Nor is
there anything that suggests what the developer community is like (ie:
people who would be working on the product) nor the user community and the
people who would be responsible for supporting the user community.

-1

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Stylebook

[Jon Stevens]

on 10/11/01 7:24 AM, "Peter Donald" <[EMAIL PROTECTED]> wrote:

> Anakia is the product
> many jakarta projects use.

Anakia is the product that many Jakarta projects use...as well as the main
http://www.apache.org site. It has proven to be quite useful and is fully
documented:

http://jakarta.apache.org/velocity/anakia.html
http://jakarta.apache.org/site/jakarta-site2.html

Thanks,

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: BCEL @ apache

[Jon Stevens]

on 10/1/01 7:56 AM, "Jason van Zyl" <[EMAIL PROTECTED]> wrote:

> Hi,
> 
> Many months ago I asked Markus Dahm whether or not he would be interested in
> BCEL (Byte Code Engineering tool) being a Jakarta project as I was using and
> thought it a very cool package, and I believe Xalan uses it for their
> compiler, but nothing resulted from the initial conversation.
> 
> Markus has approached me now stating that he would be interested in BCEL
> becoming a Jakarta project so I thought I would see what others thought.
> BCEL has many applications including compilers, analysis tools and who knows
> what else.
> 
> Thoughts?

What is his developer/user community like?

I'm leaning towards being conservative and saying that we don't need another
project right now since we just added Lucene and moved Cactus to a TLP (top
level project).

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Any Jakarta calendar server projects?

[Jon Stevens]

on 9/30/01 8:08 AM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> iCalander is not supported in current version (1.3a2) of Jetspeed,
> although I am not sure why.

I think it clearly states the reason why on the link that Sam posted.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Need to add Jetspeed release and nightly to binindex

[Jon Stevens]

on 9/23/01 7:20 PM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> As it turns out I do not have permission.

If only you had read the Jakarta-site2 documentation...

Anyway, for the future, you now have permission.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Need to add Jetspeed release and nightly to binindex

[Jon Stevens]

on 9/21/01 3:45 PM, "Paul Spencer" <[EMAIL PROTECTED]> wrote:

> I would like to add the release and nightly builds of Jetspeed to
> http://jakarta.apache.org/site/binindex.html.  How should I accomplish
> this task?
> 
> Paul Spencer

http://jakarta.apache.org/site/jakarta-site2.html

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [VOTE] Making Commons-Cactus a top level projet

[Jon Stevens]

on 9/14/01 12:23 PM, "Geir Magnusson Jr." <[EMAIL PROTECTED]> wrote:

> Don't you want to preserve your history?

History will be preserved in the repo it is currently in.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [Lucene-dev] FW: Lucene Acceptance

[Jon Stevens]

on 9/11/01 8:55 AM, "Sam Ruby" <[EMAIL PROTECTED]> wrote:

> There's one
> piece that someone of root authority needs to do, and I'll coordinate that
> part.

Including getting a list of people who need commit access.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [Lucene-dev] FW: Lucene Acceptance

[Jon Stevens]

on 9/10/01 2:58 PM, "Ted Husted" <[EMAIL PROTECTED]> wrote:

> Just proceed down your list from the Lucene mailing list?
> 
> < http://www.geocrawler.com/archives/3/2626/2001/6/100/5924381/ >
> 
> -T.

Sounds like a good start.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

FW: [Lucene-dev] FW: Lucene Acceptance

[Jon Stevens]

Hey Ted,

What is your status?

-jon


-- Forwarded Message
From: "Tal Dayan" <[EMAIL PROTECTED]>
Date: Fri, 7 Sep 2001 08:32:10 -0700
To: "Jon Stevens" <[EMAIL PROTECTED]>, "lucene dev lists.sourceforge.net"
<[EMAIL PROTECTED]>
Subject: RE: [Lucene-dev] FW: Lucene Acceptance

Hi Jon,

Where are we standing with the switch to Jakarta ?

Tal

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jon Stevens
> Sent: Sunday, August 12, 2001 2:01 PM
> To: lucene dev lists.sourceforge.net
> Subject: [Lucene-dev] FW: Lucene Acceptance
> 
> 
> Fyi...
> 
> -jon
> 
> -- Forwarded Message
> From: Ted Husted <[EMAIL PROTECTED]>
> Organization: Apache Software Foundation / Jakarta
> Reply-To: [EMAIL PROTECTED]
> Date: Sun, 12 Aug 2001 16:57:08 -0400
> To: [EMAIL PROTECTED]
> Subject: Re: Lucene Acceptance
> 
> Jon Stevens wrote:
> > If you would like to take over and do the move, then that would
> be great. I
> > have sent several emails to the Lucene list with instructions
> on what needs
> > to be done. Check their list archives.
> 
> OK, I found this:
> 
> < http://www.geocrawler.com/archives/3/2626/2001/6/100/5924381/ >
> 
> I'm out of town most of this week, but will start stepping down the list
> if no one else is working on it.
> 
> -- Ted Husted, Husted dot Com, Fairport NY USA.
> -- Custom Software ~ Technical Services.
> -- Tel +1 716 737-3463
> -- http://www.husted.com/about/struts/
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> -- End of Forwarded Message
> 
> 
> ___
> Lucene-dev mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/lucene-dev

-- End of Forwarded Message


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Enhydra

[Jon Stevens]

Doh!

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: lists that don't require subscriber approval

[Jon Stevens]

on 9/8/01 5:26 AM, "Vincent Massol" <[EMAIL PROTECTED]> wrote:

> Ok for doing the website but I would have preferred someone who has already
> done it and has everything set up on his machine (I don't and will have to
> learn the mechanism before so it'll take a some time). To summarise, there
> are 2 things to correct: remove the "doc" mailing list and correct the
> commons one.

cvs co jakarta-site2
cd jakarta-site2
edit xdocs/site/mail2.xml
ant
cvs ci

It isn't rocket science.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [PATCH] add jetspeed download links to the jakarta downloadspage

[Jon Stevens]

on 9/7/01 2:17 PM, "Chris Kimpton" <[EMAIL PROTECTED]> wrote:

> +Jetspeed

-1

Why is this in his home directory and not in the main jakarta site?

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Standardizing build.xml files

[Jon Stevens]

Please join the alexandria project's mailing lists. Gump, Maveric, JJAR,
etc, are all trying to do this in one way or another.

I think that the first priority is to get CJAR* working. Once we have that,
using the information provided by Gump to create standardized build files
for projects becomes a whole lot easier.

* I like CJAR better than CJAN as a name now. CJAR == Comprehensive Jar
Archive Repository.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: lists that don't require subscriber approval

[Jon Stevens]

on 9/6/01 7:45 AM, "Pier Fumagalli" <[EMAIL PROTECTED]> wrote:

> "Sam Ruby" <[EMAIL PROTECTED]> wrote:
>> 
>> P.S.  Perhaps the right fix here is to create a jakarta-cactus subproject.
> 
> Agreed... I would kindly ask to the Jakarta-Commons people, to vote on
> making Cactus become a top-level subproject of Jakarta, we'll move from
> there...
> 
>   Pier

Or:

jakarta-commons-cactus

-jon (who is enjoying the current low creation rate of top level projects)



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: The CEO

[Jon Stevens]

on 9/2/01 7:48 PM, "Tal Dayan" <[EMAIL PROTECTED]> wrote:

> For all the Microsoft lovers (and not so lovers) in this list. Take a look
> at http://tal.ontero.net/home/Mocrosoft. This is a 1:15min mpeg file showing
> Steve Balmar shouting, dancing and getting the Microsoft crowd excited.
> 
> Tal

I think that is great. The CEO of M$ is excited about what he is doing.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Another case for using OSS.

[Jon Stevens]

Doh! That sucks for all those people and their jobs. :-(

Even worse are the people who purchased the software, built a ton of code
(or companies) on top of Netobjects and now are shit out of luck.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] Servlets better for most companies!

[Jon Stevens]

on 8/23/01 4:23 PM, "Kevin A. Burton" <[EMAIL PROTECTED]> wrote:

> Try convincing someone to use Torque instead of their $200,000 EJB server
> it
> is like trying to drive your hand through a 6' wall of steel...

Or Torque instead of TopLink, which I'm hearing has 5/6 digit pricing now,
and is very similar in API and features to Torque.

The mentality of these people is astonishing sometimes.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] Servlets better for most companies!

[Jon Stevens]

Sigh, I have been saying this for well over a year now...



Next I need to just convince people that JSP sucks and I'm sure that Gartner
will eventually write an article about it.

:-)

-jon

---
http://www.informationweek.com/story/IWK20010822S0001

Those damn expensive EJB servers!

$1B Wasted On High-End Servers, Gartner Says

Companies wasted more than $1 billion between 1998 and 2000 on high-end
Java application servers that provide far more capabilities than are
needed on most Web sites, says research firm Gartner. And, if the trend
continues, Gartner estimates that companies could throw away another $2
billion from 2001 to 2003.

Confusion over the appropriate use of the software needed to power Web
applications has led many companies to bypass low-end application
servers that meet most requirements and cost 10 times less than the
high-end products, Gartner says. In the last three years, the cheaper
models were sufficient for 80% of the projects in a typical midsize
company, yet 60% of the deployments were high-end.

Most business Web-site applications are focused on delivering content to
the user and are therefore best run on low-end products that support
servlets and Java Server Pages, technology best suited for those kinds
of applications. Examples of such application servers include Enhydra,
an open-source product; iPlanet Web Server from the Sun Microsystems/AOL
Time Warner alliance; WebLogic Express from BEA Systems; and WebSphere
Standard Edition from IBM.

High-end application servers are intended for large transaction volume
and, therefore, offer more advanced capabilities, such as load
balancing, fault tolerance, transaction management, and system
management. In addition, the expensive software typically supports the
Enterprise JavaBean component model and Java messaging architecture,
which are important for reusing application business logic across
various business processes and clients. Businesses should use a high-end
server handling transactions, back-end integration, and high volume in
conjunction with low-end products running less complicated applications.

"People need to take control and be responsible for their (computer)
architecture and the choices they make," says Gartner analyst David
Smith. "They need to understand that while they may have the requirement
to have the capability of EJB for one aspect, that doesn't mean that all
the different tiers in their system have to have the high-end
application server. They can use the low-end ones to do JSPs, servlets
and make calls to the EJB on the high-end one."

-- Antone Gonsalves 

-- End of Forwarded Message


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Viewcvs MIA

[Jon Stevens]

on 8/21/01 12:49 AM, "Endre Stølsvik" <[EMAIL PROTECTED]> wrote:

> At least _you_ will come up and shout "GO *FUCK OFF* YOU NO-KNOWINGLY
> ASSHOLE SHIT FACE" or something similar (I'm not that fluent in real heavy
> english abuse, I presume you'd be able to teach me a couple of phrases)..
> 
> This to clear the streets of such _maniacs_ ... or something similar.

Woah.

I tell someone where to go for submitting a bug report or getting help with
a piece of software and you try to put really off base words into my mouth.
Your imagination is pretty impressive given that I have never said such
things.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Viewcvs MIA

[Jon Stevens]

on 8/20/01 2:09 AM, "Endre Stølsvik" <[EMAIL PROTECTED]> wrote:

> Maybe he thought that this could be Jakarta's (configuration) problem?
> 
> Or maybe he's just asking about clarification whether this is "a bug or a
> feature"?

Then he should ask on the viewcvs mailing list because Jakarta's system is
configured by the author of the product and isn't subscribed here and can't
do anything to help him.

If you go out into the middle of the street and yell:

"I have a problem with ViewCVS!"

How many people do you think will answer you?

thanks,

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Viewcvs MIA

[Jon Stevens]

on 8/16/01 4:20 AM, "Conor MacNeill" <[EMAIL PROTECTED]> wrote:

> While we are on the topic of ViewCVS, there seems to be a slight config
> issue when you do a "select for diffs". For example, look at this page
> http://cvs.apache.org/viewcvs/jakarta-ant/build.xml?r1=1.173
>
> The coloured diffs link and text appear to be truncated . The text is
> missing the closing bracket (I can live with that), while the link is
> missing the diff_format=h parameter (which I really would like).

The link above looks fine to me...
 
> Anyone know how to fix that?

At the bottom of every page is a link to the person who wrote the
software...



Either report a bug or send a patch.

(I can't believe I have to say this.)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Viewcvs MIA

[Jon Stevens]

on 8/15/01 10:26 PM, "Peter Donald" <[EMAIL PROTECTED]> wrote:

> Subject saids it all - else checkout http://cvs.apache.org/viewcvs.cgi/

We know.

Fixed now.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] $un, M$ and Java

[Jon Stevens]

on 8/15/01 8:42 PM, "Conor MacNeill" <[EMAIL PROTECTED]> wrote:

> Would you like a patch for that
> page?
> 
> :-)
> 
> Conor

I would rather let you just commit it yourself, but a patch will do.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] $un, M$ and Java

[Jon Stevens]

on 8/15/01 7:08 PM, "Conor MacNeill" <[EMAIL PROTECTED]> wrote:

> What is this, some sort of advocacy forum? I can read this sort of crap on
> slashdot if I want. IMHO, All this stuff is outside the charter of this
> list. Even a flamefest about jars in CVS, or project directory layouts or
> something on-topic, would be better :-)
> 
> Conor

That is why you can filter based on the subject line if you don't want to
see it. I have been very careful to put [OT] in each of my off topic posts
here.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Veltag JSP Taglib

[Jon Stevens]

The value-add is in making IT managers happy (they get J2EE compliance) and
developers happy (they don't have to work with the rest of yuck JSP or get
carpal tunnel by typing long ass Struts tags).

:-)

We all win.

-jon

on 8/14/01 5:47 PM, "Damon" <[EMAIL PROTECTED]> wrote:

> I'm curious, why would you use Velocity in a JSP context? What's the value-add
> over Velocity by itself? I18N or multi-channel delivery support via custom
> taglib?
> 
> Thanks, ~dmr
> 
> -Original Message-
> From: Jon Stevens <[EMAIL PROTECTED]>
> Date: Mon, 13 Aug 2001 19:52:28 -0700
> To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> Subject: FW: Veltag JSP Taglib
> 
> I love it.
> 
> -jon
> 
> -- Forwarded Message
> From: "Geir Magnusson Jr." <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Mon, 13 Aug 2001 22:54:33 -0400
> To: velocity-user <[EMAIL PROTECTED]>
> Subject: Veltag JSP Taglib
> 
> Tonight I committed into the contrib section of CVS a mini-project
> called 'Veltag' which is a JSP taglib that allows you to use VTL within
> a JSP page.  I also added some documentation to the Velocity site under
> 'Tools', titled 'IT Manager wants JSP?'.  The documentation isn't
> complete, but I have been playing with this for quite some time, and I
> didn't want to put off committing it any longer.
> 
> This taglib allows you to put VTL right in your JSP pages :
> 
> <%@ taglib uri="/WEB-INF/veltag.tld" prefix="vel" %>
> 
> 
> 
>  Velocity! 
> 
> 
> 
> 
> 
>   
> 
>#set($mybean = $scopetool.getPageScope("mybean"))
> 
>#if(true)
>   this is true!
>#end
> 
>#foreach($item in $mybean.array)
>$item 
>#end
>  
> 
> 
> 
> JSP experts : if there are any problems with my JSP or taglib
> nomenclature or setup, I would love to know about it.  My JSP is kinda
> weak :)
> 
> geir


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

JavaOne Call for Papers

[Jon Stevens]

Maybe people can write some proposals about talks that don't center around
JSP. Last year was nuts...something like 50+ talks on JSP alone. Ewww.

-jon


* 2002 JavaOne(sm) Conference Call for Papers
  Sun Microsystems is seeking proposals for sessions for the
  JavaOne(sm) Conference, to be held March 25-29, 2002. The Call
  for Papers process begins August 31, 2001. Deadline for
  submitting papers is September 30, 2001.
  Call for Papers contact: [EMAIL PROTECTED]

  http://java.sun.com/javaone/


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] $un, M$ and Java

[Jon Stevens]

on 8/14/01 7:30 AM, "Pier P. Fumagalli" <[EMAIL PROTECTED]> wrote:

> Jon Stevens at [EMAIL PROTECTED] wrote:
> 
>> on 8/13/01 4:53 PM, "Alex Fernández" <[EMAIL PROTECTED]> wrote:
>> 
>>> What would change if Apache used GPL?
>> 
>> I would quit.
> 
> I would follow Jon.
> 
>   Pier

I'm starting to picture lemmings here...

LOL!

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

FW: Veltag JSP Taglib

[Jon Stevens]

I love it.

-jon

-- Forwarded Message
From: "Geir Magnusson Jr." <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Mon, 13 Aug 2001 22:54:33 -0400
To: velocity-user <[EMAIL PROTECTED]>
Subject: Veltag JSP Taglib

Tonight I committed into the contrib section of CVS a mini-project
called 'Veltag' which is a JSP taglib that allows you to use VTL within
a JSP page.  I also added some documentation to the Velocity site under
'Tools', titled 'IT Manager wants JSP?'.  The documentation isn't
complete, but I have been playing with this for quite some time, and I
didn't want to put off committing it any longer.

This taglib allows you to put VTL right in your JSP pages :

<%@ taglib uri="/WEB-INF/veltag.tld" prefix="vel" %>



   Velocity! 







 #set($mybean = $scopetool.getPageScope("mybean"))

 #if(true)
this is true!
 #end

 #foreach($item in $mybean.array)
 $item 
 #end
 



JSP experts : if there are any problems with my JSP or taglib
nomenclature or setup, I would love to know about it.  My JSP is kinda
weak :)

geir

-- 
Geir Magnusson Jr.   [EMAIL PROTECTED]
System and Software Consulting
Developing for the web?  See http://jakarta.apache.org/velocity/
Well done is better than well said - New England Proverb

-- End of Forwarded Message


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] $un, M$ and Java

[Jon Stevens]

on 8/13/01 4:53 PM, "Alex Fernández" <[EMAIL PROTECTED]> wrote:

> What would change if Apache used GPL?

I would quit.

:-)

I let you decide if that is a good thing or not. :-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] $un, M$ and Java

[Jon Stevens]

on 8/13/01 10:54 AM, "Kevin A. Burton" <[EMAIL PROTECTED]> wrote:

> Send Stallman an e-mail right now.. [EMAIL PROTECTED]  He will tell you that Apache
> *is* Free Software.

No need to fill his inbox with crap.



> The Apache License, Version 1.1.
> This is a permissive non-copyleft free software license with a few
> requirements that render it incompatible with the GNU GPL.
> 
> We urge you not to use the Apache licenses for software you write. However,
> there is no reason to avoid running programs that have been released under
> this license, such as Apache.


Needless to say, the ASF (ie: Roy Fielding) says that the GPL *is*
compatible with the ASF 1.1 license. I know and trust Roy. I'm going with
Roy over whatever the FSF says any day.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] $un, M$ and Java

[Jon Stevens]

Lets see:

Sun doesn't open Java so that M$ can do cool stuff with Java and put them
out of business.

M$ attempts to do cool stuff with it anyway by creating a clean room
implementation. Go M$!

Sun sues M$ for trying to do something cool with Java:

> "It is ironic that we spent three years in litigation with Sun over their
> attempt to stop us from shipping Java in Windows, and now they are complaining
> that we are not shipping it by default in Windows XP," said Jim Cullinan,
> Windows XP lead product manager."

M$ creates competition with .NET and removes Java from its OS.

Sun takes full page ads out and whines like a baby.

> "Microsoft certainly is not doing Java users any favors," he said. "It's
> entirely understandable and predictable they would do something like that.
> They have been an underminer of Java since day one."


Someone should run an ad in the various newspapers to tell Sun to get a
f*cking clue.

:-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] FW: Sun Headquarter Briefings: Developing Web Services

[Jon Stevens]

on 8/8/01 9:59 AM, "Berin Loritsch" <[EMAIL PROTECTED]> wrote:

> All the stuff I've read about for WebServices comprise
> UDDI, SOAP, and WSDL.
> 
> The three combined provide a way to automatically discover remote resources
> that my webapp can use and then actually use it.

I'm surprised no one has mentioned JXTA. Where does that fall into this web
services picture?



P.s. This is great discussion. Thanks.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [OT] FW: Sun Headquarter Briefings: Developing Web Services

[Jon Stevens]

on 8/8/01 8:34 AM, "Waldhoff, Rodney" <[EMAIL PROTECTED]> wrote:

> It's an important part of optimizing your value Chain when dealing with
> everything from SMEs to large scale enterprises. ;)

HAHAHAHA

I'm sure it will increase my ROI on my ENV when my SME hits my JSP and pukes
all over my RTFM.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[OT] FW: Sun Headquarter Briefings: Developing Web Services

[Jon Stevens]

Can someone explain to me what the heck "web services" are so that I can
decide whether or not this is even worthwhile to learn about?



I'm guessing it is fancy marketing foo about SOAP/XML-RPC or it is about how
to build a website with JSP.

-jon

-- Forwarded Message
From: Ann Wilkins <[EMAIL PROTECTED]>
Reply-To: Ann Wilkins <[EMAIL PROTECTED]>
Date: Wed, 8 Aug 2001 07:08:00 -0700 (PDT)
Cc: [EMAIL PROTECTED]
Subject: Sun Headquarter Briefings: Developing Web Services

Dear Developer:

Judging from all the recent announcements in the industry, Web services is
clearly the next big thing.

Sun Microsystems, Inc. invites members of the development community to
attend a one day Sun Headquarter Briefing on "Developing Web Services".
This Briefing is scheduled for Thursday, September 6, 2001.
 
At this briefing, developers will receive first-hand information from the
very people who are working with this new generation of web services.
Developers will also learn how to start developing web services today.  In
addition, this briefing will attempt to clear the fog on web services
development including steps in the process such as design, create, assemble,
publish, and deploy.
 
For more information or to register for the Briefing, go to:

http://sdc.sun.com/briefings  or call:  1.800.795.7578
 
PLEASE NOTE:  When you register on-line, please be sure to click the check
box on the upper left-hand of the description.
  
See you at the Briefing!

Ann Wilkins 
Sun Headquarter Briefings
Phone:  +1-408-635-0854
Email: [EMAIL PROTECTED]



-- End of Forwarded Message


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Loggers, loggers, all over the place

[Jon Stevens]

on 8/7/01 11:04 AM, "Cedric Berger" <[EMAIL PROTECTED]> wrote:

> But this makes my point stronger: JDK 1.4 is a good API,
> and telling people to "stay away from it" (from Berin and Jon
> messages) is stupid and irresponsible.
> 
> Cedric

Go back and read my message.

I never said to stay away from the JDK 1.4 logging system.

WHAT I SAID:

I *personally* prefer to use the Log4J API.

How that got translated into me being "stupid and irresponsible" is beyond
me.

Lastly, the JDK 1.4 Logging API is just that. AN API!.

That means that Log4J can simply implement that API and be compliant.

If I use Log4J now, I know that in the future, my code can be easily
compliant with the JDK 1.4 Logging API by simply changing import statements
yet still use the Log4J code underneath. That is the direction that I'm
*personally* recommending people go in.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Loggers, loggers, all over the place

[Jon Stevens]

on 8/7/01 5:47 AM, "Berin Loritsch" <[EMAIL PROTECTED]> wrote:

> Hopefully the information presented here will help you.  I would stay
> away from JDK1.4 logging, and use either LogKit or Log4J which are of
> equal quality--but slightly different focuses and underlying concepts.

+1

Log4J also has a bit more visibility within Jakarta because it is a top
level project. Therefore, there is the *potential* that more developer
resources will be dedicated to it because people will find that project
first.

*Personally*, I like Log4J better at this point. The 25k .jar file with full
backwards compatibility to the enterprise edition also really makes a big
statement. You write your code to the 25k .jar API's and then drop in the
larger .jar when you need more features. You can't beat simple replacement
of a .jar file.

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Loggers, loggers, all over the place

[Jon Stevens]

on 8/7/01 5:47 AM, "Berin Loritsch" <[EMAIL PROTECTED]> wrote:

> It takes a couple
> iterations of an API to get it right, and Sun foolishly decided to include
> the API without the real world testing and feedback.

I'm sure it isn't the first time. :-)

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Moderation Duties...

[Jon Stevens]

Hi all,

In an effort to cut down on the amount of email I get and spend more time on
Scarab, I'm asking for volunteers to take over the duty of moderating the
emails sent from people who are not subscribed to the mailing list. Note:
people who are subscribed don't get moderated.

The duty is pretty simple...reply-to-all on the emails and the person will
get added to the "approve" list. Reply on the emails and the person will get
approved once. You can also disapprove emails as well if they are clearly
spam or something else lame.

It isn't a huge amount of email, maybe 0-10/day, but it is taking more time
for me to deal with it than I would like...I'm also getting behind on my
duties...

I would appreciate it if one person would just step up and take over all of
the lists. That would make the [EMAIL PROTECTED]'s job of switching me off
easier since it can be scripted.

In order to take over the duties, all you need to do is send email to
[EMAIL PROTECTED] and mention the lists that you would like to take
responsibility of.

I'm currently moderator for at least the following lists (as well as the
-cvs alias), maybe more:

Jmeter-dev
Jmeter-user
Jetspeed-dev
Jetspeed-user
James-user
James-dev
Turbine-dev
Turbine-user
Regexp-dev
Regexp-user
Ecs-dev
Ecs-user
Velocity-user
Velocity-dev
Jserv-user
Jserv-dev

thanks,

-jon


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Enhancement to jakarta-site2 -- XSLT stylesheet equivalent to"site.vsl"

[Jon Stevens]

This entire email is *exactly* why I push for version numbers in jar files.

Yes, classpath was empty

Yes, ant 1.3

-jon


on 7/27/01 3:01 PM, "Craig R. McClanahan" <[EMAIL PROTECTED]> wrote:

> 
> 
> On Fri, 27 Jul 2001, Jon Stevens wrote:
> 
>> on 7/27/01 12:08 PM, "Craig R. McClanahan" <[EMAIL PROTECTED]> wrote:
>> 
>>> Please help me debug this stylesheet, and improve its compatibility with
>>> site.vsl, by checking out the jakarta-site2 module and running the
>>> "xslt" target.  NOTE:  you will need to make sure that your Ant install
>>> includes the appropriate optional.jar file, and has access to either
>>> JAXP/1.1 (crimson.jar, jaxp.jar, and xalan.jar) or Xerces+Xalan.
>>> 
>>> Craig McClanahan
>> 
>> For the life of me, I can't get the .jar file foo correct...
>> 
> 
> Empty classpath, right?
> 
>> -jon
>> 
>> [204][ ~/checkout/jakarta-site2 ]% ant xslt
>> Buildfile: build.xml
>> 
>> xslt:
>> [style] Transforming into /Users/jon/checkout/jakarta-site2/xslt
>> [style] Loading stylesheet
>> /Users/jon/checkout/jakarta-site2/xdocs/stylesheets/site.xsl
>> [style] Failed to read stylesheet stylesheets/site.xsl
>> 
>> BUILD FAILED
>> 
>> /Users/jon/checkout/jakarta-site2/build.xml:103:
>> javax.xml.transform.TransformerConfigurationException: Namespace not
>> supported by SAXParser
>> --- Nested Exception ---
>> 
>> Total time: 2 seconds
>> 
>> [205][ ~/checkout/jakarta-site2 ]% dir $ANT_HOME/lib/
>> total 1584
> 
> Ant 1.3, right?
> 
>>0 drwxrwxr-x   9 jon  staff 262 Jul 27 13:49 ./
>>0 drwxrwxr-x   9 jon  staff 262 Mar 11 13:40 ../
>>4 -rw-r--r--   1 jon  staff 153 Mar  2 04:46 README
>>  292 -rw-r--r--   1 jon  staff  295934 Mar  2 04:46 ant.jar
>>  184 -rw-rw-r--   1 jon  staff  187246 Mar 23 17:23 crimson.jar
>>  244 -rw-rw-r--   1 jon  staff  247802 Mar 14 07:09
>> jakarta-ant-1.3-optional.jar
>>8 -rw-r--r--   1 jon  staff5537 Mar  2 04:46 jaxp.jar
>>  136 -rw-r--r--   1 jon  staff  136198 Mar  2 04:46 parser.jar
>>  716 -rw-r--r--   1 jon  staff  732330 May 23 05:45 xalan.jar
>> 
> 
> In my JAXP/1.1 release (and my $ANT_HOME/lib directory), file sizes are:
> 187162  crimson.jar
>  28404  jaxp.jar
> 801714   xalan.jar
> 
>> [206][ ~/checkout/jakarta-site2 ]% dir lib
>> total 1668
>>0 drwxrwxr-x   9 jon  staff 262 Jul 27 13:47 ./
>>0 drwxrwxr-x  18 jon  staff 568 Jul 27 13:43 ../
>>0 drwxrwxr-x   6 jon  staff 264 Jul 16 16:08 CVS/
>>  292 -rw-rw-r--   1 jon  staff  295934 Mar 11 13:48 ant-1.3.jar
>>  184 -rw-rw-r--   1 jon  staff  187246 Mar 23 17:23 crimson.jar
>>   28 -rw-rw-r--   1 jon  staff   28404 Mar  4 05:35 jaxp.jar
>>   80 -rw-r--r--   1 jon  staff   78541 Feb 14 11:56 jdom-b6.jar
>>  368 -rw-rw-r--   1 jon  staff  373565 Apr 30 13:24
>> velocity-1.0.1.jar
>>  716 -rw-r--r--   1 jon  staff  732330 May 23 05:45 xalan.jar
>> 
> 
> This stuff shouldn't matter when you execute the "ant" script directly,
> instead of through build.sh/build.bat.  The key issue is that
> "ant" resolves to $ANT_HOME/bin/ant for the $ANT_HOME library directory
> you listed above.
> 
> Craig


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]