There are those moments when everything just falls into place.

Before Xmas and before I got the notification from the CAB at cf.Objective(), one of my submitted sessions was accepted for Scotch On The Rocks 2014. I’m still extremely happy about that as the amount of submissions they got was massive (around ~160, iirc) and given that it’s a quite small event, it must have been a tremendously hard choice for them to select sessions. And I’m very, very glad that I made the cut.

It’ll be about 6 years ago that I’ve been to Edinburgh the last time and I’m very keen on going back for both the city and the conference. SOTR used to be very much a CFML conference back then. That’s changed quite a bit over the last few years and the conference is now much more of a (web) development conference open for both topics on the frontend development side of things as well as for backend topics. I’ll also get to see my friend Kay again, yay! Co-incidentally she wrote a very interesting piece about SOTR’s “incentive ticketing”.

However, I was actually a bit surprised when my talk: “Digging in the dirt or digging for Gold? The Internals of the Java Virtual Machine!” was selected.

My initial thoughts were along the lines of:

“Yay, they accepted my talk!!!! Awesome, I’m going to Scotland again!!!”

“Oh, hang on. They want… THAT ONE? Really? WTF!”

Please note that this session is a different talk from what I’m going to present on at cf.Objective() – which is about JVM and memory tuning for CFML developers. My session at Scotch On The Rocks will be quite fundamental in a way that I will endeavour to explain the JVM. Well, maybe not all of it in ~50 minutes, but the Essentials; The parts that people really should understand to then being able to understand what happens right below the language/server of their choice and why JVM tuning might even become necessary. It’s actually kind of geeky – read for yourself, below is my talk’s abstract:

Digging in the dirt or digging for Gold? The Internals of the Java Virtual Machine!

The JVM is a funny odd little thing. Loved and hated by just a few, ignored and misunderstood by many. People talk about Memory Management, Garbage Collection and all sorts of stuff, but what IS the JVM and how does it work?

This talk will discuss the common architecture features of Java Virtual Machines. What does it take to compile one’s Java, CFML, Clojure, Scala (or whatever JVM-based language you might prefer) source code into byte code and execute that? What are life cycle and memory constraints of a Virtual Machine running on actual hardware? And yes – how does it manage memory and how does Garbage Collection work?

The session will – as indicated in the title – focus on the Java Virtual Machine. But a lot of concepts that apply to the JVM are generic problems of Computer Science and this talk might bring back some memories from the past: stacks, types, threads, pointers and much more. Along the way we’re also having a discussion about the (sometimes subtle) differences between the Sun/Oracle JVM, JRockit or the SAP JVM (did you even know SAP was in this business?)

You might ask: Why is this important anyway? The answer is astonishingly simple: Without having at least a fundamental understanding of how the JVM works, you will not be able to write effective and efficient code in any language on top of the JVM.


It already happened an few days ago, but I’m very pleased to announce that I’ll be at cf.Objective() 2014 in Minneapolis in May 2014 and that two of my three session proposals got chosen for the conference’s agenda.

I’ve been to cf.Objective() 2013 as an attendee (Kudos to Gert @ Railo for throwing me a ticket of their sponsor contingent) and it was a really, really good event. To be honest, that really wasn’t a big surprise as cf.Objective() has a really good reputation for being the major CFML conference, very well organised and generally awesome; and it’s true. Also, the venue (Radisson Blu right at Mall of America) is kind of interesting in a very special way.

Anyway – in case you’re interested in what my sessions will be about… (you can also find them on the cf.Objective() Lanyrd site or the actual cf.Objective() website — the session descriptions are not yet 100% up-to-date on the latter):

1. The JVM is your friend

Both Adobe ColdFusion and Railo are Java-based web development platforms. In layman’s terms that means: Your CFML engine runs on top of a JEE application server or a servlet container and the JVM (Java Virtual Machine).

The latter is pretty much the low-level runtime environment of your CFML application. To make sure your CFML engine operates in a well performing and stable way, you need to have some knowledge about Java memory management and how that can impact the behaviour of your CFML server.

The objective of this talk is to change developers’ mindsets when it comes to the JVM below ACF and Railo. There’s an myth that JVM behaviour and JVM tuning is a “dark art” and that has to stop. It will also equip you with a level of fundamental knowledge that you can use to push back when someone tries to tell you to “just use my JVM settings” or to “use the settings this guy had on his blog”.

We’re going to cover:

  • Foundations of Java memory management and the important bits for CFML developer
  • Java Garbage Collection and various memory cleanup strategies
  • How load generation, load testing and measuring the right data plays into JVM tuning
  • JVM tuning specifics for CFML developers
  • The JVM and the Garbage Collectors in Java 7 and beyond

2. Real-World lessons in jQuery Mobile

“Hey, let’s build a mobile web app!”
“Awww, what an awesome idea – I’ve heard jQuery Mobile is super-easy, bro! Let’s start right away!”

(6 months later)

“Oh my god, this code is a mess – why did I do this thing 4 months ago?”
“How hard can it be to change this jQuery Mobile UI widget just so that it does what I need?”
“Do you know why my icons render distorted on the new {iOS|Android|Windows} device?”
“Why are the page transitions really rough on some of those Android 2.2 and 4.1 devices?”
“The back button navigation is acting weird – I wish we just had built a native app”

Does that sound familiar? jQuery Mobile is a mobile web development framework that’s really easy to get started with. Product Evangelists from big corporates show their tooling around the framework or build their own products using it and it always looks SOOO easy and straight forward in their scripted demos.

There are pitfalls though and a lot of lessons are to be learned along the way – starting from making decisions on how to architect your application (in particular in conjunction with having to incorporate a backend) and ending with bug-fixing discussions like the ones above.

It doesn’t have to be like that – in this session I’m going to talk about a few fundamental architectural concerns when it comes to building a mobile web app (and maybe to wrapping it into a native app later). We’re also going to have a quick look at the pros and cons of using a framework like jQuery Mobile vs. using responsive design and even if and how those two concepts could work together. We’ll discuss some of those common pitfalls and device quirks and things we had to learn the hard way ourselves when we started building mobile apps with a very early version of jQuery Mobile for our clients.

  • Defining a good architecture for a jQuery Mobile application
  • The relationship between jqM and Responsive Design
  • Data handling mistakes to avoid
  • Quirks on certain devices and how to deal with them
  • The pitfalls of tweaking jqM’s UI widgets
  • jqM beyond markup


When and why you should run when someone (including myself) recommends a certain set of JVM settings

by kai 30/12/2013

This is part two of a loosely connected series of blog posts dealing with JVM settings. Make sure you check out the first post titled “JVM memory settings for Railo (and Adobe ColdFusion) on Tomcat” before continuing to get an idea of the overall context of this series. Today’s post is about why generic recommendations […]

Read the full article →

JVM memory settings for Railo (and Adobe ColdFusion) on Tomcat

by kai 30/12/2013

This is the first post of a loosely connected series about JVM settings (some of them related to memory, some others not). I got kind of inspired by a series of discussion threads on various CFML-related lists sitting in my inbox for a while now (because I felt the urge to comment on them — […]

Read the full article →

NullPointerExceptions from cfcookie when migrating from Adobe ColdFusion 9 to 10

by kai 20/12/2013

A few months ago, one of my clients was testing a possible migration from Adobe ColdFusion 9 to Adobe ColdFusion 10. One of the issues they ran into was a NullPointerException when it came to their cookie use. Something simple such as <cfcookie name=”cfid” value=”574857485748543″> didn’t quite work and resulted in: “The system has attempted […]

Read the full article →

Some cool new tools in Java 7 Update 40

by kai 02/12/2013

Oracle released Java 7 Update 40 back in September. Obviously there are a bunch of improvements in the security department and some new third-party libraries. Apart from this standard stuff, you’ll find a lot of really awesome goodies in this update, too. Depending on how long you’ve been dealing with Java and JVMs you might remember […]

Read the full article →

An update on HTTPOnly marked cookies in Railo 4.1

by kai 30/11/2013

In January this year, I wrote a blog post to advise people how to make the default installation of a Railo 4 server more secure. One of the elements was to make sure you’re using HttpOnly marked cookies for your session cookies (depending on your setup that might be JSESSIONID or CFID/CFTOKEN). In the blog […]

Read the full article →

Displaying PDF documents/forms from Adobe LiveCycle in the browser

by kai 28/11/2013

Users of Adobe LiveCycle quite regularly interact with PDF documents. Some examples are: Rendering customised documents for print purposes Creating PDF forms for on- and offline use to collect data for further processing Rendering pre-filled PDF forms to send out to customers/users for completion and physical signature etc. In a lot of cases those PDF […]

Read the full article →

Adobe ColdFusion and Railo users: be aware of the newest Apache Tomcat trojan/worm

by kai 27/11/2013

Symantec has recently discovered a trojan/worm-ish thing that threatens application servers running Apache Tomcat. It seems to follow the typical command & control pattern with control servers having been found in Taiwan and Luxembourg so far. This threat is using a very specific attack vector by trying to spread via the Apache Tomcat Managers and […]

Read the full article →

ColdFusion and ColdFusion Builder source code have been stolen

by kai 05/10/2013

So, there we go. Adobe got hacked and according to Krebs on Security and Adobe themselves, among other things, the source code of ColdFusion, ColdFusion Builder and other Adobe products has been stolen and shown up on hacker sites. This is obviously an issue. I don’t want to comment on how it might or might […]

Read the full article →