I took and passed the * Java SE 11 Programmer II * exam on May 16, 2020, and obtained the * Java Programmer, Gold SE 11 * qualifications, so I hope this article will help those who are going to take the exam. I decided to write. I didn't really understand the new features myself, so I'm also reviewing them. As a premise, I have * Java Programmer, Silver * qualifications (* Java SE 11 Programmer II * qualifications), and I will proceed with the assumption that I have learned some knowledge about * Java SE 8 Gold *. I will not talk much about Core APIs such as lambda expressions and Stream APIs, but I will mainly write about the new elements added from SE 8. This article is only a brief explanation, so please see the links in each item for details.
The company I work for has a qualification allowance, and I was studying for qualifications to learn Java and obtain a qualification allowance. * Java SE 7/8 Bronze * and * java SE 8 Silver * (* Java SE 8 Programmer I *) were both relatively easy to get after solving the black book for a couple of weeks. After studying Gold for about two months, I was able to pass SE 8 but I wanted to get the latest qualification if I wanted to get the highest qualification, so I decided to take SE 11 Did. However, the reference book has not been published as of May 16, 2020, and it is expected that it will take some time before it is published. Therefore, I had to study new fields from SE 11 without relying on reference books, which was quite difficult. Rough information was gathered by attending a free online seminar held by Oracle. The questioner was the instructor, and the story was easy to understand, so it was very meaningful. If I have the opportunity, I think there is no loss in taking the course. Also, if you take the test by May 31, we are running a campaign where you can take the test again for free, so if you are in doubt, you should take it once. Details can be found at the links below.
[Campaign :: Oracle :: Pearson VUE] (https://www.pearsonvue.co.jp/Clients/Oracle/Special-Offers/Retake2020.aspx)
Let's start with an overview of the exam.
||Java SE 11 Programmer II|Java SE 8 Programmer II| |:-:|:-:|:-:| |Exam name|Java SE 11 Programmer II|Java SE 8 Programmer II| |Exam number|1Z0-816|1Z0-809| |Exam fee(Tax excluded)|¥26,600|¥26,600| |Question format|Choice question|Choice question| |test time|180 minutes|150 minutes| |Number of questions|80 questions|85 questions| |Pass line|63%|65%|
The number of questions has decreased a little and the exam time has increased. It seems that the code of the problem statement is a little longer overall. The number of passing lines has decreased slightly, but I think this is because it is a new qualification. It took about 30 minutes in the actual production, so I don't think it's necessary to rush to solve it.
--Private method of interface --Usage of local variable type inference (var) --Module function --Secure coding
The newly added topics focused on modular functionality and secure coding.
--Serialization --Generics
The rate of serialization is higher than you think, so make sure you understand it. Regarding JDBC, there are also problems related to SQL injection countermeasures related to secure coding. Lambda expressions, Stream API, like SE 8, are the most important topics, and the question ratio is quite high.
I was told that the Date and Time API did not appear at the seminar, but only one question came up with a format problem. It seems better to learn just the basics. As for the design pattern, the Singleton pattern may be asked in connection with secure coding such as synchronization control.
Pleiades Java 11 standard installation and the end of Eclipse codename
There is a complete set of ** Pleiades All In One ** that can be downloaded from the link, so this is the best if you want to use it quickly.
Starting with Java 9, you can define ** private methods ** in your interfaces. It is used for use in static methods and default methods in the same interface, has an implementation, and cannot be inherited or called from an external class.
SampleInterface.java
public interface SampleInterface{
default void defaultMethod(){
privateMethod("Taro");
privateMethod("Jiro");
}
static void staticMethod(){
privateStaticMethod("Saburo");
privateStaticMethod("Shiro");
}
private void privateMethod(String name){
System.out.println( "Hello," + name + "Mr.");
}
private static void privateStaticMethod(String name){
System.out.println( "Hello," + name + "Mr.");
}
}
SampleClass.java
public class SampleClass implements SampleInterface{
public static void main(String[] args) {
SampleClass sc = new SampleClass();
sc.defaultMethod();
SampleInterface.staticMethod();
}
}
Execution result
Hi, Taro
Hi, Jiro
Hi, Saburo's
Hi, Shiro's
In this way, when writing similar processing in an interface, you can write it concisely without writing the same code many times.
Starting with Java 10, type inference using var for local variables is available. The type is automatically inferred from the right side when the variable is assigned.
LocalVariableType.java
public class LocalVariableType {
public static void printInt(int i) {
System.out.println(i + " is int type");
}
public static void printBoolean(boolean bl) {
System.out.println(bl + " is boolean type");
}
public static void printString(String str) {
System.out.println(str + " is String type");
}
public static void main(String[] args) {
var i = 1;
var bl = true;
var str = "String";
printInt(i);//Function that takes an int type argument
printBoolean(bl);//Function that takes a boolean argument
printString(str);//Function that takes an argument of type String
//Can also be used in List and for statements
var list = List.of(i,bl,str);
for(var l :list) {
System.out.print(l + " ");
}
//Starting with Java 11, var can be used as an argument of a lambda expression, which allows it to be annotated.
Function<String,Integer> function = (@Annotation var a) -> a.length();
}
}
Execution result
1 is int type
true is boolean type
String is String type
1 true String
As with JavaScript, you can see that type inference can now be performed from the right side. List type inference can omit the description of generics, so I think it will be easier to see with less code.
If the type cannot be inferred from the right side, a compile error will occur.
LocalVariableType2
public class LocalVariavleType2 {
public static void main(String[] args) {
var v;//Must be initialized at the time of declaration
var f1 = a -> a + 1; //Lambda expressions cannot be assigned
var f2 = (Runnable)() -> new String("Hello");//Can be initialized by casting a functional interface
var list1 = {1, 2, 3};//Cannot be used to initialize an array
var list2 = new int[]{1, 2, 3};//Can be initialized by specifying the type
var list3 = new ArrayList<>();//Compilable, but of type ArrayList<Object>become
var n = null;//null cannot be assigned
}
}
I've only asked about two questions directly about how to use var, but it's taken for granted that it's written in the code of the problem statement, so let's understand the meaning.
I proceeded with the learning by referring to the following Oracle page.
Starting with Java 9, module functionality is available. A module is a superordinate concept of a package, which is a collection of related packages, resources, and module descriptors. Basic libraries such as java.lang are also stored in the java.base module. This java.base module can be accessed without using module descriptors such as the requires keyword described below.
By describing the dependencies on a module-by-module basis, it is now possible to simply describe the dependencies between packages.
Since the access authority to the subordinate packages can be specified in more detail, stronger encapsulation is possible.
By creating the runtime with only the modules you need, you can reduce the size of the runtime and improve the effectiveness of JVM optimization.
Modules can be defined by placing the following module definition files at the top of the source folder. The module name must be an inverse domain expression and must be unique (it cannot contain the same name).
module-info.java
module Java_SE_11_Gold {
//Describe module descriptor etc.
}
requires
module-info.java
module A {
requires B;
}
A descriptor that indicates that the module depends on another module. For the above code, module A reads module B. requires transitive
module-info.java
module A {
requires B;
}
module B{
requires transitive java.sql;
}
Allows the specified module to be read when the module that describes the requires transitive descriptor is read while reading the specified module. For the above code, module B reads java.sql. Module A also reads module B, but at that time module A also reads java.sql at the same time. If you just use requires in module B, module A will not be able to load java.sql. requires static The existence of module is required only at compile time. Not required at runtime. It's just an imagination, but I think it's used for annotations. exports
module-info.java
module A{
exports samplePackage;
exports samplePackage2 to B,C;
}
The following packages of modules are not accessible from the outside by default. Use the exports descriptor to allow access from outside the module. When exportings, allow access to public types (and nested public and protected types). In the above code, the package samplePackage is specified to be accessible from the outside. Also, by using the exports ... to descriptor, you can specify the packages to be allowed access (multiple comma-separated ones can be specified). The above code allows module B and module C access to package samplePackage2. opens It cannot be referenced at compile time, but it can be controlled so that it can be referenced at runtime. There are two types: opens ... to, which is set for each package, and open module, which is set for the entire module.
mojule-info.java
module Java_SE_11_Gold{
opens samplePackage;//Makes the specified package visible to all modules
opens aamplePackage2 to B,C;//You can individually specify multiple modules to be opne separated by commas.
}
mojule-info.java
open module Java_SE_11_Gold{//Make it possible to refer to all the modules under it
}
uses Specifies the service used by the module. A service is a set of known interfaces and classes (usually abstract classes). See the javadoc link below for more information. https://docs.oracle.com/javase/jp/8/docs/api/java/util/ServiceLoader.html provides...with Specifies that the module provides an implementation of the service. After provides, specify the interface or small and medium-sized class to be provided to uses, and after with, specify the name of the class that implements the interface or inherits the abstract class.
Anonymous modules and automatic modules are special modules primarily for applying module systems to pre-Java 8 code. Here, we will explain the parts that are likely to be involved in the exam, so if you want to know more, please refer to the link below. Learn the module system
Packages and types loaded from the classpath will now belong to a module called * anonymous module *. Anonymous modules cannot have a module definition (module-info.java), so you can't write dependencies using module descriptors, but they implicitly behave as follows:
--All packages in anonymous modules will be exported. --Anonymous module is [Module Graph](https://qiita.com/opengl-8080/items/93c8e0cf58654d5f73cb#%E3%83%A2%E3%82%B8%E3%83%A5%E3%83%BC % E3% 83% AB% E3% 82% B0% E3% 83% A9% E3% 83% 95) Requires all modules on.
A module for treating non-modules as modules. Code that does not have a module definition will be recognized as an automatic module. Like anonymous modules, module descriptors cannot be explicitly defined and have the following implicit behavior:
--All packages in the automatic module will be exported. --Automatic modules require all modules on the module graph.
A named module is a regular module that has a module definition. Also, the --add-module command is a command that allows you to add any module to the root module. In the table below, the types of modules that are referenced by the side marked (referenced) and the modules that are referenced by the other side are shown.
Named module(Referenced) | Automatic module(Referenced) | Anonymous module(Referenced) | Features | |
---|---|---|---|---|
Named module | Can be referred | Can be referred | Cannot be referenced | There is a module definition and it is placed in the module path |
Automatic module | --add-Can be referenced using the module command | Can be referred | Can be referred | No module definition, placed in module path |
Anonymous module | --add-Can be referenced using the module command | --add-Can be referenced using the module command | Can be referred | No module definition, placed in classpath |
It is a class for handling a mechanism for providing implementation by a third party called SPI (Survice Provider Interface). The library provides services that are SPIs (a set of interfaces and classes (usually abstract classes)), and the Service Loader loads a third-party implementation. For detailed specifications and methods, refer to the following Oracle docs. ServiceLoader (Java Platform SE 8 ) - Oracle Docs
You can use the jdeps command to find out which module the jar file (or class file) depends on, as shown below.
jdeps -s jar file
(jar file name) -> (Dependent module name)
(jar file name) -> (Dependent module name)
(jar file name) -> (Dependent module name)
……
-s is an option to print a summary of dependencies. The options are detailed on the following Oracle docs page: Print summaries -s and -summary, print dependencies -v and -verbose, specify dependencies in the specified package -p
For a concrete operation example of each command, refer to the links below. Try jdeps, a dependency analysis tool that comes with Java 8
In the field of secure coding, there are questions about how to prevent data leakage and tampering when exchanging important data such as credit card numbers, and how to prevent attacks such as SQL injection from malicious attackers. .. If you think in common sense, there are problems that can be solved without much knowledge, so I think that it will be a relatively easy category in the new field. At the Oracle seminar, the following JPCERT links "00. Input Value Inspection and Data Detoxification (IDS)", "12. Input / Output (FIO)", "13. Serialization (SER)", "14. Platform There was information that the questions will be asked from "Security (SEC)" and "49. Miscellaneous Rules (MSC)". Java Coding Standard CERT / Oracle Version The main issues are SQL injection, encapsulation and serialization. It's a good idea to compare the conformance code with the violation code in the link above to understand what's wrong. Also, as a prerequisite, it is good to understand the basic attack method for websites. The links below describe each attack method. Types of cyber attacks and web security
By performing input value inspection, you can prevent SQL injection and XSS (Cross-site scripting). For example, consider the following query.
SELECT * FROM db_user WHERE username='<USERNAME>' AND password='<PASSWORD>'
Given "username'or '1' = '1" as the username, this query looks like this:
SELECT * FROM db_user WHERE username='username' or '1'='1' AND password='<PASSWORD>'
Originally, both the user name and password are checked, but by rewriting the query in this way, "username ='username'" or "'1' = '1' AND password ='
Basically, the question is whether the file is properly closed. If the file is not closed, it will leak memory and consume resources. As a method of closing the file, there are a method using the try-with-resource statement and a method using the close () method. Also, when outputting a file, it is a good idea to make a read-only deep copy so that the original data does not change.
** Serialization ** is to output a Java instance as a byte string and save it. Conversely, the operation to convert a byte string to a Java instance is called ** deserialization **. It is mainly used to store an instance of Java as a file and make the instance information persistent. Since it is in the range of * SE 8 *, detailed explanation is omitted and only the part related to secure coding is explained.
If you change the fields of the serialized class, there may be a conflict between the instance restored when the serialization is restored and the modified class. To prevent this, give a value to serialVersionUID and change this value every time there is a change. The serialVersionUID should have a final qualifier so that its value does not change. Also, by using the static modifier and the transient modifier, you can specify the fields that are not serialized in advance. This helps improve compatibility when you make changes to classes, etc.
In addition, when important information such as credit card information is included in the data to be serialized, it may be tampered with maliciously unless processing such as encryption is performed in advance.
When performing parallel processing, there was a problem asking whether it was thread safe and whether deadlock or live rock occurred. Concurrency is covered in SE 8 as well, so I won't explain it in detail, but I'd like to explain about deadlock and live rock because I was asked a couple of questions in production.
If one thread uses one exclusive resource, it can be processed in parallel without any problem by waiting until another thread releases the resource. Deadlock is a condition in which one thread needs two or more resources, and when parallel processing is performed, separate threads compete for exclusive resources and become inoperable. Workarounds include ordering the locks (for example, when a thread attempts to acquire a lock on a second or subsequent resource, it attempts to acquire the lock on the first resource first). .. Illustrations, code examples, etc. are described in detail on this site, so please refer to it. About Deadlock-Introduction to Java-IT Specialized
Multiple threads are acquiring and releasing shared resources to avoid deadlock, but the waiting time is the same, and the priority of the thread to proceed to the next process is lower than that of other threads. Repeating the process that does not proceed is called live rock. To avoid this, use a random number for the waiting time of the thread, or give priority to other threads (yield method, etc.). Code examples etc. are described in detail on this site, so please refer to it. About Live Rock-Nee-kun
Regarding SE 11 Gold, even if you don't have a reference book, if you study the old range well, I think that you will not have a hard time except for completely new elements such as module functions. Also, if there are any deficiencies or omissions in the content, we would appreciate it if you could point them out in the comments.
Java SE 11 Programmer II | Oracle University Understanding Java 9 Modules Learn the module system ServiceLoader (Java Platform SE 8 ) - Oracle Docs jdeps - Oracle Docs Try jdeps, a dependency analysis tool that comes with Java 8 Java Coding Standard CERT / Oracle Version Types of cyber attacks and web security About Deadlock-Introduction to Java-IT Specialized About Live Rock-Nee-kun
Recommended Posts