Spring security

Before Christmas I started to upgrading a spring security in my company's application. It was my second experiment. This time it passed. First time I just changed paths of classes. Yep. Between version 2.0 and 3.x there  is a huge difference in class packages.
Secondly new version is safer than earlier. Csrf, HSTS and other header controlling browser flow and secure connection.
Configuration of my application is a little different than tutorial case. I have two ways of authority:
- by web login and password
- by URL token.
I have to create unsecured controller which authorised user by URL token and forward request to target page. Now when I know dependences of spring security, it is easy. However I spend two days.

This week I tied to make rule hierarchy and  However as I got to know it isn't possible

Anyway main idea is the same.

Oracle procedures in java

Yesterday I found in scripts prepared by my colleague some Java code. I didn't do something like this. I tried to modify a sample of code which returns current time in long number format. However I couldn't do any changes because it is possible only execute a compiled and loaded class and return the result of execution, so if jre fits your needs you are lucky.
From Google I found out that I need to load a class of application but I didn't tried. Example was simply hallo word, so I don't now if it is possible to execute query inside class.

I noticed that Java isn't loaded by default because first start took a few seconds.

Java tests - my notices

Last one or two weeks I spend on reading a blog www.petrikainulainen.net. I focused over testing. I'd like to find solutions of my problem with testing a dao which use advanced pl/sql queries. Unfortunately I didn't. However I get to know other valuable notices about testing. I will list here the most important for me:
1) Test are benefit especially  during maintenance (they describe, how application work) and during changing one of component,
2) Clean code in tests are the same important as in application code,
3) Tests, which are low quality, are unnecessary and you should change it or remove.
4) Don't test framework code. If you don't trust it, you shouldn't use it.
5) Separate unit tests and integration tests. You can do it in maven.
6) Don't do unit tests for dao, do integration tests.
7) Use determined data for test, then you won't have false-positive.
8) To prepare data to test you can use memory db and DbUnit to prepare data.
9) One test should test one logic thing. When it is tested many logic things, nobody now what's goes wrong when test failed.
10) Never accept habit do tests after project deployment. It is almost certain that it won't be time to do that and much more of cases you will forget.


There is one thing that I didn't find solution. How can I test my advanced queries build and executed from Java? Queries uses some specific command for oracle database so I can't use to test them other database. However maybe I should test them from database side, not from Java side, but how to test mappings?