Digital Bob Cratchit

Study after study shows that careful attention to detail when examining code reaps big quality and productivity benefits. Trouble is, sifting Java code for awkward constructs and nonstandard patterns, along with constructing routine unit tests, is mind-numbingly dull, and a numb mind writes schlocky code.

What you need is a digital slave; someone who can go through those thousands of lines without worrying about worker's comp. ("I don't know; his mind just went numb and now he can't write code.")

[click for larger image] Agitar Management Dashboard has its finger on the project's pulse

Agitar has just the tools for you. Its test-support tool Agitator 2.0 can generate test data, create "smart" mock objects, examine your source to help you avoid common pitfalls and adhere to coding standards, and actually build some of your unit tests. Meanwhile, the "observation engine" looks at what your classes are doing and gives you an idea of what's happening under the hood. Agitator is integrated with Eclipse, and interoperates with JBuilder and IntelliJ IDEA. It supports EJBs and Apache Struts, as well as servlets and JDBC.

While Agitator is letting you know how your code is doing, the Agitar Management Dashboard has its finger on the project's pulse. How many classes does it contain? How did that change since the last time you looked? What percentage of classes include unit tests? What's the trend for those numbers over the project's lifespan? The reports can be generated by package, by class or by (gulp!) developer, so you can quickly track down what's right and what's broken. Contact Agitar for pricing.

Agitar Software, 1350 Villa St., Mountain View, CA 94041, Tel: (650) 694-7572, Fax: (650) 694-7573, www.agitar.com

—Rick Wayne

Rule the .NET

[click for larger image]

Hence the business-rules movement, which lets domain experts work in terms (and with tools) geared to their skill set, while the developers mallet the bits about. Following the success of its JRules product for Java, ILOG has come out with Rules for .NET. Your domain-knowledge experts don't have to care what your favorite programming language is, much less code in it—if .NET supports it, you can write the bone and sinews of the application, while they code the brain in near-English syntax. And they can do it in Microsoft Word!

The Rules product consists of four components: Rule Engine, which ships as a .NET assembly and can slurp data from sources such as .NET objects, databases, XML documents and COM-enabled applications; Rule Studio for .NET, a set of Visual Studio plug-ins to help developers build, test and ship rules; Rule Solutions for Office, which simplifies entering and editing rules by hiding their native XML format; and Rule Team Server for SharePoint, which adapts Microsoft's SharePoint product to provide a common repository, versioning and rollback for the rules documents. Development seats start at $2,000; the Rule Engine and Team Server products each cost $20,000 per processor deployed.

ILOG, 1080 Linda Vista Ave., Mountain View, CA 94043, Tel: (650) 567-8000, Fax: (650) 567-8001, www.ilog.com

—RW

Lock It How You Like It
Personally, I'm all about open source, but I work on government funding for a big university. But if your company thinks it's nice to get paid for software, more power to you. To keep freeloaders off your Java applications, consider Protection! Pro from jProductivity. It lets you build highly customizable licensing right in. You can select a named-user (that is, node-locked) model or go with floating licenses supporting concurrent users; you can set up evaluation versions (or develop a subscription system), with a customizable grace period. There's an optional Web service-based product for online registration and unlocking, as well as an API for building your own back end. Finally, you can develop your own stew of product versions, features and licensing levels, from the stone-simple to the baroque.

The whole thing is driven by a set of wizards, and the company's made it as easy as it can to incorporate into your application. Protection! Pro uses some pretty tough encryption, too, just in case your product hits it so big that the crackware community takes an interest.
Protection! Pro is licensed (what, you thought they'd open source it?) on a per-developer, per-server basis: One development license per coder working with the framework, and one server license per machine running the back-end registration/activation software. Those licenses are $699 and $1,149, respectively.

jProductivity, 275 Madison Ave., New York, NY 10016, www.jproductivity.com

—RW

I've Got a Secret—and You Do, Too
Code Red, Nimda, website defacements—highly visible security breaches get a lot of press and developer attention. What passes unknown in most media accounts, but is obvious to the student of security, is that the most dangerous threats are the quiet ones. The body-pierced slacker hacker sitting in Starbucks pounding on your corporate ramparts isn't the problem. The real culprit is Bert, the disaffected HR clerk who just left the building with a USB flash drive in his pocket. Your performance review is about to become blogger fodder.

Privacy is the quiet side of security—information often leaks without you knowing it, in the most prosaic ways imaginable. The difference is that security breaches can often be

repaired, but once private data gets out, you can never get it back. J.C. Cannon's tome Privacy (Addison-Wesley, 2004) is aimed squarely at developers and IT professionals. In it, Cannon discusses common conduits through which private information leaks, how to stop it (from both a personal and corporate perspective), and how to build Web and desktop software that addresses privacy concerns. The included CD-ROM contains examples and source code for sample applications (many of which require Microsoft tools and platforms, by the way). Privacy costs $49.99.

Security is a concern on every platform, but for a variety of reasons, Windows often gets the closest scrutiny. To help Windows coders build security in, rather than trying to trowel it on afterward, Keith Brown wrote The .NET Developer's Guide to Windows Security (Addison-Wesley, 2004). The book is dedicated to "the countless number of programmers struggling daily to write secure code on the Windows platform"; in it, he explicates some of the basic concepts on which those of us who aren't security experts might be a little unclear: secure code, threat modeling, the Principle of Least Privilege. From there, he goes into Windows- and .NET-specific topics and tools, ranging from how to do day-to-day development with as few privileges as possible, through the Windows authentication mechanism. On the way, he covers a multitude of useful details, such as how to select a user for a daemon process and how object ownership works under Windows. The Guide is $44.99.

—RW

Software Development does not review New & Noteworthy inclusions. The features, capabilities and, in some cases, the images have been derived from the manufacturers' information. The words, however, are all ours. New product announcements may be sent to [email protected].