Friday, April 07, 2006

The Difficult Art of Good Example

I am almost done reading Core JavaServer Faces.

Wow. I see you coming, so I must immediately make the following disclaimer: I am not embracing the wild idea of reconverting to presentation-layer development. What I have seen in this book scared the heck out of me and I definitively prefer to stick to more trivial things like high-performance massively-scalable middleware development*.

This said, the book is pretty good, stuffed with detailed examples and very valuable insights and comments on the JSF strengths and weaknesses.

Did I mention examples? Yep! But I forgot to mention this one example that freaked me out, because of the potential bad habits it could create, while giving the impression it is pretty legitimate.

To demonstrate database connectivity, the authors use the infamous and pervasive login example. Type in your name and password, push login, then let's connect to the DB and redirect you to either the jolly welcome page or the less welcoming sorry page.

Now this book will be read by people who have no clue about the capacities of a J2EE container and they will take for granted that security must be implemented in the application. And people like me will have to come after that, clean the mess and watch the grim on their (JS) faces when I will have to explain that not everything in a book must be taken for granted.

Sure the authors detail the J2EE security mechanism afterwards, as a better way of doing things. But come on, it is too late, our reconverted ASP-or-whatever-other-horrific-MVC1 programmers will start implementing their own security algorithm in their JSF applications.

And they will fail.

There are plenty of other things an application can use a database for... Why this login example? Why not the famous stock value lookup example?

Beware bad examples: disastrous consequences might follow!

* shameless boasting