Java programmer lured back by .Net (Questions)

  • Thread starter Thread starter Beatrice Rutger
  • Start date Start date
B

Beatrice Rutger

Hi,

I am a previous Micro$oft desertee (moved from VB/VC++ to Java before
this whole DOTNET thing) because I had several issues with Micro$oft. I
am not completely in love with Windoze, but I have to say that Java
SWING sucks BIG TIME for developing and deploying desktop applications
(especially on Windoze).

Unfortunately, I have been dragged kicking and screaming back to my old
haunts - but the landscape has changed somewhat and I would appreciate
some feedback from people with real world experience of what I'm trying
to achieve. Basically, I'm torn between two worlds (Java programmers
hate me for deserting, and are trying to convince me to use the slow
clunky SWING GUI because it's a better fit - yeah tha'll happen!), and
in the past, I have been bombarded by .NET zealots who want me to
re-write my whole backend to use the flaky IISP etc - and I'm like yeah
right!).

My backend is pure Java (J2EE) running on Unix - but because SWING is so
shitty, I basically am forced to use .NET which, with its (Forms?) is
really cool, looks good and allows you to write an application that
really looks and feels at home on a Windoze box - and blows away crappy
lokking SWING applications in sheer performance and looks.

The problems then are this:

1). Inter-operatability (communication between the front end and backend)
2). Code protection at the client side


INTER-OPEATABILITY
====================
I have a J2EE backend and a .NET frontend. I need to get them to
communicate. I do NOT want to use SOAP/XML because it is far too heavy
weight, and I get the performance hit caused by parsing on both sides. I
would like to use something like base 64bit encoding and servlets to
transfer data in binary format between the backend component - I will
issue HTTPS request from the .NET client, receive the request on the
Servlet at the backend, process it and hand the response back (in base
64 bit encoded form). Any ideas about how I can do this on the .NET side
of things (is theer a library for issuing HTTPS requests and handling
base 64 encoded daat?)


CODE SECURITY
==============
Admitedly, this is a problem that Java also has, but we do have class
loaders, and that (along with code obfuscation) can lead to some pretty
secure code. I would like to be able to place my executable on my remote
server (probably as 64 bit encoded ASII strings - since it will be on a
different platorm) and then "load" the executables on demand from
accross the internet - so that there are no executables on the local
machine for prying eyes to reverse engineer. Is there anyway, I can load
binaries from a remote location and then run it on a local machine?. I
will be very interested in knowing if and how this can be done.

I would not need to worry about code security if I was developing with
VB or VC++ - however, the future of VB seems uncertain (is the plug
going to get pulled on VB at some stage or what?), and also last time I
checked (several years ago), VC++ was lousy at creating GUIs - the
DOTNET framework has these nice forms which unfortunately, I cannot use
in VB or VC++ without making the whole damn executable easy to reverse
engineer - is there another way of getting the fantastic GUIs (which is
the only reason I am back), along with the code security of ("non
reverse engineerable") executables?. Is there a language or language
combination that gives me the desired results ?


Lastly, but not the least, can I use MDD (model driven design in .NET)
you know, UML nad design patterns etc to generate the underlying code?.
I sthere a tool that allows me to create UML designs and then generate
the appropriate code in .NET?

I look forward to your responses


Regards,

B.
 
Hmmm, and this helps me HOW ?
MSDN [1] has quite a few documents for those playing ping pong and the
ASP.NET Forums [2] are also very good for peer support. Lots of victims
around ;-)

<%= Clinton Gallagher
METROmilwaukee (sm) "A Regional Information Service"
NET csgallagher AT metromilwaukee.com
URL http://metromilwaukee.com/
URL http://clintongallagher.metromilwaukee.com/

[1] http://msdn.microsoft.com/
[2] http://asp.net/




Hi,

I am a previous Micro$oft desertee (moved from VB/VC++ to Java before this
whole DOTNET thing) because I had several issues with Micro$oft. I am not
completely in love with Windoze, but I have to say that Java SWING sucks
BIG TIME for developing and deploying desktop applications (especially on
Windoze).

Unfortunately, I have been dragged kicking and screaming back to my old
haunts - but the landscape has changed somewhat and I would appreciate
some feedback from people with real world experience of what I'm trying to
achieve. Basically, I'm torn between two worlds (Java programmers hate me
for deserting, and are trying to convince me to use the slow clunky SWING
GUI because it's a better fit - yeah tha'll happen!), and in the past, I
have been bombarded by .NET zealots who want me to re-write my whole
backend to use the flaky IISP etc - and I'm like yeah right!).

My backend is pure Java (J2EE) running on Unix - but because SWING is so
shitty, I basically am forced to use .NET which, with its (Forms?) is
really cool, looks good and allows you to write an application that really
looks and feels at home on a Windoze box - and blows away crappy lokking
SWING applications in sheer performance and looks.

The problems then are this:

1). Inter-operatability (communication between the front end and backend)
2). Code protection at the client side


INTER-OPEATABILITY
====================
I have a J2EE backend and a .NET frontend. I need to get them to
communicate. I do NOT want to use SOAP/XML because it is far too heavy
weight, and I get the performance hit caused by parsing on both sides. I
would like to use something like base 64bit encoding and servlets to
transfer data in binary format between the backend component - I will
issue HTTPS request from the .NET client, receive the request on the
Servlet at the backend, process it and hand the response back (in base 64
bit encoded form). Any ideas about how I can do this on the .NET side of
things (is theer a library for issuing HTTPS requests and handling base 64
encoded daat?)


CODE SECURITY
==============
Admitedly, this is a problem that Java also has, but we do have class
loaders, and that (along with code obfuscation) can lead to some pretty
secure code. I would like to be able to place my executable on my remote
server (probably as 64 bit encoded ASII strings - since it will be on a
different platorm) and then "load" the executables on demand from accross
the internet - so that there are no executables on the local machine for
prying eyes to reverse engineer. Is there anyway, I can load binaries from
a remote location and then run it on a local machine?. I will be very
interested in knowing if and how this can be done.

I would not need to worry about code security if I was developing with VB
or VC++ - however, the future of VB seems uncertain (is the plug going to
get pulled on VB at some stage or what?), and also last time I checked
(several years ago), VC++ was lousy at creating GUIs - the DOTNET
framework has these nice forms which unfortunately, I cannot use in VB or
VC++ without making the whole damn executable easy to reverse engineer -
is there another way of getting the fantastic GUIs (which is the only
reason I am back), along with the code security of ("non reverse
engineerable") executables?. Is there a language or language combination
that gives me the desired results ?


Lastly, but not the least, can I use MDD (model driven design in .NET) you
know, UML nad design patterns etc to generate the underlying code?. I
sthere a tool that allows me to create UML designs and then generate the
appropriate code in .NET?

I look forward to your responses


Regards,

B.
Click to expand...
Click to expand...
 
Beatrice Rutger said:
Hi,

I am a previous Micro$oft desertee (moved from VB/VC++ to Java before this
whole DOTNET thing) because I had several issues with Micro$oft. I am not
completely in love with Windoze, but I have to say that Java SWING sucks
BIG TIME for developing and deploying desktop applications (especially on
Windoze).
Click to expand...

First thing, it would *really* help to not be so hostile when asking
questions of this magnitude. Answering you is going to be a bit of an
investment of time and few are going to want to put the time in if all they
expect in return is the same level of scarcasm and self-indulgent behavior
that went into the question. Insulting the technology that the people whom
you are asking questions of are using isn't the best way to go about things.
My backend is pure Java (J2EE) running on Unix - but because SWING is so
shitty, I basically am forced to use .NET which, with its (Forms?) is
really cool, looks good and allows you to write an application that really
looks and feels at home on a Windoze box - and blows away crappy lokking
SWING applications in sheer performance and looks.
Click to expand...

Have you ever considered a different java UI toolkit? I'm sure there are
others out there. You would clearly prefer to stay with java, so why not
explore alternatives in the java space first?
INTER-OPEATABILITY
====================
I have a J2EE backend and a .NET frontend. I need to get them to
communicate. I do NOT want to use SOAP/XML because it is far too heavy
weight, and I get the performance hit caused by parsing on both sides. I
would like to use something like base 64bit encoding and servlets to
transfer data in binary format between the backend component - I will
issue HTTPS request from the .NET client, receive the request on the
Servlet at the backend, process it and hand the response back (in base 64
bit encoded form). Any ideas about how I can do this on the .NET side of
things (is theer a library for issuing HTTPS requests and handling base 64
encoded daat?)
Click to expand...

Issuing requests is pretty simple, WebRequest and WebClient allow you to
access http and https uris, as I recall. Going too and from Base64 can be
achieved with methods on the Convert class. Hit MSDN and look up these
classes for the specifics.
CODE SECURITY
==============
Admitedly, this is a problem that Java also has, but we do have class
loaders, and that (along with code obfuscation) can lead to some pretty
secure code. I would like to be able to place my executable on my remote
server (probably as 64 bit encoded ASII strings - since it will be on a
different platorm) and then "load" the executables on demand from accross
the internet - so that there are no executables on the local machine for
prying eyes to reverse engineer. Is there anyway, I can load binaries from
a remote location and then run it on a local machine?. I will be very
interested in knowing if and how this can be done.
Click to expand...

Sure, you can. You'll have to create a shell app that loads the assemblies
you want, but Assembly.Load will take a byte array containing the raw
assembly file, all you would have to do is download it and decrypt\decode
it. I still don't think this will help your security much, but it does force
people to try a little harder I suppose.

The WebClient class should help with your downloading.
I would not need to worry about code security if I was developing with VB
or VC++ - however, the future of VB seems uncertain (is the plug going to
get pulled on VB at some stage or what?), and also last time I checked
(several years ago), VC++ was lousy at creating GUIs - the DOTNET
framework has these nice forms which unfortunately, I cannot use in VB or
VC++ without making the whole damn executable easy to reverse engineer -
is there another way of getting the fantastic GUIs (which is the only
reason I am back), along with the code security of ("non reverse
engineerable") executables?. Is there a language or language combination
that gives me the desired results ?
Click to expand...

I don't think VB is going any where anytime soon. It is in the 2k5 beta
project and going strong. If you want native code and UI's, you are going to
have to use C++ and use a different windowing toolkit. WinForms come with
all the advantages and drawbacks of managed code, the ones that are there in
all of your java apps and that I doubt you are really circumventing, I might
add.
Lastly, but not the least, can I use MDD (model driven design in .NET) you
know, UML nad design patterns etc to generate the underlying code?. I
sthere a tool that allows me to create UML designs and then generate the
appropriate code in .NET?
Click to expand...

I'm sure there is, google is your friend. MS has some tools in the works,
but I do not believe any of them are available for general purpose usage
yet. Other companies, however, do have .NET modelign tools out. I don't use
UML so I don't really know much about them.
 
See inline :0)

--
Regards

John Timney
ASP.NET MVP
Microsoft Regional Director

Beatrice Rutger said:
Hi,

I am a previous Micro$oft desertee (moved from VB/VC++ to Java before this
whole DOTNET thing) because I had several issues with Micro$oft. I am not
completely in love with Windoze, but I have to say that Java SWING sucks
BIG TIME for developing and deploying desktop applications (especially on
Windoze).

Unfortunately, I have been dragged kicking and screaming back to my old
haunts - but the landscape has changed somewhat and I would appreciate
some feedback from people with real world experience of what I'm trying to
achieve. Basically, I'm torn between two worlds (Java programmers hate me
for deserting, and are trying to convince me to use the slow clunky SWING
GUI because it's a better fit - yeah tha'll happen!), and in the past, I
have been bombarded by .NET zealots who want me to re-write my whole
backend to use the flaky IISP etc - and I'm like yeah right!).

My backend is pure Java (J2EE) running on Unix - but because SWING is so
shitty, I basically am forced to use .NET which, with its (Forms?) is
really cool, looks good and allows you to write an application that really
looks and feels at home on a Windoze box - and blows away crappy lokking
SWING applications in sheer performance and looks.

The problems then are this:

1). Inter-operatability (communication between the front end and backend)
2). Code protection at the client side


INTER-OPEATABILITY
====================
I have a J2EE backend and a .NET frontend. I need to get them to
communicate. I do NOT want to use SOAP/XML because it is far too heavy
weight, and I get the performance hit caused by parsing on both sides. I
would like to use something like base 64bit encoding and servlets to
transfer data in binary format between the backend component - I will
issue HTTPS request from the .NET client, receive the request on the
Servlet at the backend, process it and hand the response back (in base 64
bit encoded form). Any ideas about how I can do this on the .NET side of
things (is theer a library for issuing HTTPS requests and handling base 64
encoded daat?)
Click to expand...

There are a whole bunch of classs in the System.Net libraries like the
webrequest and webresponse classes that can help you work with http data,
including https. Requests can be as simple WebRequest myRequest =
WebRequest.Create(http://www.contoso.com) but for https you may have to work
with the certificate. Take a read of this.
http://dotnetjunkies.com/WebLog/joe/archive/2004/09/20/26190.aspx

Also - an alternative approach
http://blogs.msdn.com/dotnetinterop/archive/2005/02/28/381735.aspx

CODE SECURITY
==============
Admitedly, this is a problem that Java also has, but we do have class
loaders, and that (along with code obfuscation) can lead to some pretty
secure code. I would like to be able to place my executable on my remote
server (probably as 64 bit encoded ASII strings - since it will be on a
different platorm) and then "load" the executables on demand from accross
the internet - so that there are no executables on the local machine for
prying eyes to reverse engineer. Is there anyway, I can load binaries from
a remote location and then run it on a local machine?. I will be very
interested in knowing if and how this can be done.
Click to expand...

You can do remoting .
http://www.csharphelp.com/archives/archive187.html
...........or use something like psexec
http://www.sysinternals.com/ntw2k/freeware/psexec.shtml

Either way, not all your code needs to be local.

I would not need to worry about code security if I was developing with VB
or VC++ - however, the future of VB seems uncertain (is the plug going to
get pulled on VB at some stage or what?), and also last time I checked
(several years ago), VC++ was lousy at creating GUIs - the DOTNET
framework has these nice forms which unfortunately, I cannot use in VB or
VC++ without making the whole damn executable easy to reverse engineer -
is there another way of getting the fantastic GUIs (which is the only
reason I am back), along with the code security of ("non reverse
engineerable") executables?. Is there a language or language combination
that gives me the desired results ?
Click to expand...


All of the .net managed languages complile to the same thing, so its the
same regardless of whihc language you choose. Just get a good obfuscator.
There are some (slamander I think) that can compile to native code. I have
never tried it however, you 'll need to fish about.

Lastly, but not the least, can I use MDD (model driven design in .NET) you
know, UML nad design patterns etc to generate the underlying code?. I
sthere a tool that allows me to create UML designs and then generate the
appropriate code in .NET?
Click to expand...

VS.NET as a tool can generate class and method stubs from UML.
 
Hi Daniel,

Thanks for the post. Reaklly useful info. Apologies if I was a bit
cranky at first... I think the solution I'm going to go for is Managed
C++ for the GUI and then my business logic in native DLLs.

I guess I was a little peeved because I have to maintain two branches of
code - just because Java has not got its act together yet on the desktop
side - despite all the years of promise.

Many thanks for your feedback

B.
 
Beatrice Rutger said:
I guess I was a little peeved because I have to maintain two branches of
code - just because Java has not got its act together yet on the desktop
side - despite all the years of promise.
Click to expand...

<snip>

Have you tried looking at SWT? As a good example, I find Eclipse is one
of the nicest desktop apps I use day-in, day-out. (I gather Swing has
improved significantly in terms of performance over the years, and
every time I use Windows Forms I long for the layout management options
of Java...)

By the way, I wouldn't be so convinced that using your own classloaders
and downloading files over the network will keep your code away from
prying eyes. It doesn't take much work at all to use a different
version of java.lang.ClassLoader which dumps out every class it
loads...
 
Hi John,

Swing (or SWT for that matter) is simply not ready for prime tiume
despite the hype. Don't get me started on JNLP either ...
Basically the Java lobby is spending all its efforts on the server side
(which is a good thing), but losing the battle on the desktop.

Java has been around for years, and yet still a novice can spot a Java
app running on Windows a mile away. Talking about Eclipse - have you
seen how it suddenly seems to go to sleep on you (and it uses SWT) - I
don't remeber any windows program behaving like that. The point is Bill
Gates is a pretty smart guy. He rules absolutely supreme on the Windows
platform. Untill Java (or someone else) gives him something to worry
about, developers/ISVs who want to build professional looking code that
competes on an equal footing with native Win32 applications is simply
going to have to use windows (it they have more of a businsess brain
than a techie brain) - if even unfortunately (like in my case), I have
to maintain two code branches - but if you can't beat them, join them.

B

PS: Of course, you *can* build some applications that try to look like
Windows (using JGoodies and the like), but a novice VB programmer on his
first day at work will be far much more productive than a Java
programmer with several years SWING experience. I could go on and on..
and point you to several Urls (even Java is asking why developers don't
deploy SWING apps - check the sun.java site). Basically SWING *currently
sucks - and I'll be dammned if I'm going to conceed any ground to my
competitors on the Windows platform - just because I think SWING/SWT is
the way of the future. Have you seen those crazy, scary dialogue boxes
that come up when you try to install an app using Web start? - whose
bright idea was that anyway?. basically, for serious windows apps, we've
got to go and nestle at the teat of the great guy - he's got us where he
wants and theres not a great deal we can do about it at the mement -
since the tools are the most productive on his platform ...
 
Beatrice Rutger said:
Swing (or SWT for that matter) is simply not ready for prime tiume
despite the hype. Don't get me started on JNLP either ...
Basically the Java lobby is spending all its efforts on the server side
(which is a good thing), but losing the battle on the desktop.
Click to expand...

I guess we'll have to agree to disagree.
Java has been around for years, and yet still a novice can spot a Java
app running on Windows a mile away. Talking about Eclipse - have you
seen how it suddenly seems to go to sleep on you (and it uses SWT) - I
don't remeber any windows program behaving like that.
Click to expand...

Actually, Eclipse seems to have a lot fewer pauses like that than
Visual Studio .NET 2003. It's generally more responsive (as well as
being *much* more useful, but that's a different matter).

Swing certainly takes a while to get to grips with in terms of it being
a different way of looking at UIs, and I'll readily admit I'm not
usually a UI programmer anyway - but in general I prefer the Swing way
of working to the Windows Forms one. (As I said before, in layout terms
Java is miles ahead - at the moment. I expect Avalon to change that.)

Yes, Swing can be frustrating - but so can Windows Forms. I suspect
you'll find just as many quirks and annoyances in the long run.
 
Back
Top