HomeDigital EditionSys-Con RadioSearch Java Cd
Advanced Java AWT Book Reviews/Excerpts Client Server Corba Editorials Embedded Java Enterprise Java IDE's Industry Watch Integration Interviews Java Applet Java & Databases Java & Web Services Java Fundamentals Java Native Interface Java Servlets Java Beans J2ME Libraries .NET Object Orientation Observations/IMHO Product Reviews Scalability & Performance Security Server Side Source Code Straight Talking Swing Threads Using Java with others Wireless XML

I'm developing an Internet application where the user can register. How would i check if the e-mail address entered is valid?

I have a couple of ideas you can implement. First, I suggest using JavaScript in the browser to check for allowable characters by scanning the input. The JavaScript could also look for a single instance of the @ character and at least one period. For a list of all allowable characters go to www.faqs.org/rfcs/rfc822.html.

Now for the server side. Make sure (1) the e-mail address is syntactically correct, and (2) the supplied domain name is valid. The reason is that we can't ascertain whether an e-mail address is truly valid until we send e-mail to it. Let's take a look at some sample code that performs the JavaScript equivalent on the server.

import javax.mail.internet.*;

public boolean isValidEmail (String email) {

boolean emailOK = true;

// Use javax.mail.internet.InternetAddress to validate email format

try {
InternetAddress addr = new InternetAddress( email );
catch ( AddressException ae) {
emailOK = false;
return emailOK;

This routine performs a simple format check of the supplied e-mail address. We could also take the domain name and do a simple lookup following the same principle. You would use a StringTokenizer to parse out the host portion of the supplied e-mail address and pass it to the isValidHost method. Here's how it can be done:

import java.net.*;
import java.util.*;
public boolean isValidHost ( String host ) {
boolean hostOK = true;
try {
InetAddress addr = InetAddress.getByName( host ) ;
catch ( UnknownHostException uhe ) {
hostOK = false;
return hostOK;

If the host is valid and the e-mail address is in the right format, you should be all set. To perform deeper validation could be time-consuming and could slow down your application. We could get more elaborate and use the JNDI provider for DNS as well as check to see whether the supplied domain name has a valid MX address. We could also open a socket connection to the server that has the appropriate MX record for the domain and send it RCPT TO and VRFY commands, but this would be slow and isn't recommended.

I'd like to convert an XML document into a PDF. Can you tell me the best way?

The Apache project has the right package for you - see http://xml.apache.org/fop/index.html. FOP is a print formatter that takes advantage of XSL formatting objects. Essentially, it reads the formatting object tree and then turns it into a PDF document. The formatting object tree can be in the form of an XML document. You can pass it in memory as a DOM document using Xalan/Xerces or via SAX events.

We're doing some XML parsing using the jaxp.jar and crimson.jar, and the sealing violation occurs when we run code as an EJB but not as a stand-alone Java application. Could you explain what a sealing violation is?

Sealing violations occur when you try to load different classes from the same page from different libraries. A sealed package is contained within a library whose manifest specifies that all classes for that package must be loaded from the same library. This typically occurs when you have more than one DOM implementation on your classpath.

Move the crimson.jar and jaxp.jar to the first elements on the classpath and your problem should disappear.

Is there any additional overhead in using import java.util.* compared to import java.util.Vector?

I run across this type of question frequently. The answer is simple but will require some explanation. When you use imports in the form of java.util.Vector, it's referred to as a single type import. When you use imports in the form of java.util.*, it's referred to as an import on demand. Both types of imports are passive by nature. The Java compiler will load imported classes only when the class is actually used, not when it's simply imported. This is a hint to the compiler to tell it where to locate the class. The Java bytecode doesn't contain any references to the import statement. In other words, there's no additional overhead.

My bias states that it's bad practice to use import on demand. I believe that developers should list each imported class they intend to use. This helps your peers as it provides additional documentation on what the program is actually using. The rule of thumb I recommend is that if you're importing four or fewer classes from a particular package, you should use single type import.

I know how to access an HTTP-based URL using java.net.URL. How do I access an HTTPS-based URL?

The prescription for your problem is to use the Java Secure Sockets Extension (JSSE) package, which you can download from http:// java.sun.com and install on your classpath. If you try to use the URL connection object without this package, you'll receive MalformedURLException. You'll have to set a couple of system properties programmatically and add a new security provider. Here's the code:

System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

After setting the security provider, you can then use:

URL url = new URL("https://doctorjava");

There are a couple of issues with using this approach. If the URL you're connecting to has either an invalid or an unsigned certificate, then the URL connection will throw an SSL Exception. You'll still be able to use the input stream. The example above assumes that SSL is on the default port of 443. For URLs where you're not using a nondefault port, you can simply append it as follows:

URL url = new URL("https://doctorjava:7002");

I'm currently using java.net.URL to access an HTTP-based URL but keep getting an authentication challenge from my proxy. Can you point me in the right direction?

This question is perfectly timed. A fellow colleague asked me the same one the other day so I didn't have to do any research on the answer. I'll outline a solution that works on JDK 1.2 and above and will encourage those still running an older VM to upgrade.

The first symptom you'll notice is getting a FileNotFoundException thrown at you when you try to read the associated InputStream. Java provides a mechanism that allows us to pass authentication credentials as part of the java.net package. Let's discuss the Authenticator class.

When a Web or proxy server requires authentication, the Authenticator's getPasswordAuthentication() method is invoked. You can return a PasswordAuthentication instance that contains the appropriate username and password. It's really simple. Here's some code that demonstrates this functionality:

// Install a new Authenticator
// Subclass Authenticator
class NetegrityAuthenticator extends
Authenticator {
protected PasswordAuthentication
getPasswordAuthentication() {
return newPasswordAuthentication

The values uid and pass in this example are hard-coded, but you could retrieve them programmatically from any source. The code would be typically invoked before your URL call. It really is this simple.

I need a method that will recursively list all files in a directory. Can you help me out?

Here's a simple routine that should do the trick:

public static void recurseFiles(Vector list, File root) {
if (root.isFile()) {

File[] files = root.listFiles();
for (int i=0; i < files.length; i++) {
if ( files[i].isFile() && files[i].getName().endsWith(".doc")) {
if ( files[i].isDirectory()) {

* * *

I would like to conclude this column with my sincere condolences to the families and friends of the victims of the horrific tragedies that occurred in New York and Washington, DC. My heartfelt prayers are with you all.

* * *

Send your questions, praise, comments, and admiration to [email protected].

Published letters will be edited for length and clarity. Any reference to third parties or third-party products should not be construed as an endorsement by Doctor Java or Java Developer's Journal.

Author Bio
Doctor Java, a.k.a. James McGovern, moonlights as an enterprise architect with Hartford Technology Services Company L.L.C. (www.htsco.com), an information technology consulting and services firm dedicated to helping businesses gain competitive advantage through the use of technology. [email protected]

All Rights Reserved
Copyright ©  2004 SYS-CON Media, Inc.
  E-mail: [email protected]

Java and Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. SYS-CON Publications, Inc. is independent of Sun Microsystems, Inc.