Testing, Security and Development of Enterprise Systems

Build Status

This repository contains a set of examples related to the testing, security and development of enterprise systems. Currently, this repository focuses on Java/Kotlin, targeting frameworks like Spring and Java EE.

The material in this repository is used in two university-level courses at the university college H√łyskolen Kristiania. In particular:

The repository is built with Maven, and it is divided in two main sub-modules:

For building GUIs, the second part of the course advanced relies on knowledge of JavaScript and Single-Page-Applications. This is covered in a different course, called Web Development and API Design (PG6301). Such course should be taken before the advanced one (PG6100), in parallel or after the intro course (PG5100).

Before taking these courses, you might want to refresh your knowledge of algorithms and data structures (e.g., PG4200), as those are widely used here (e.g., maps, sets and streams).

Philosophy of This Repository

There are many resources (e.g., courses and books) out there that deal with the development of enterprise/web systems, using different technologies (e.g, Java and C#). However, often such resources only deal with the development of these systems, whereas important concepts like testing and security are treated like just secondary concerns, if treated at all. This situation has been improved in recent years, but more could be done, and we hope that the courses in this repository are a step in that direction.

There are plenty of applications out of there that are afflicted with bugs and security holes. Correctness and security should play a major role when developing software, and we try to reflect it in this repository.

Furthermore, software engineering is a practical discipline, like any other engineering discipline. As such, although theory is important, it is also important to get your hands dirty by actually developing software, and putting theory into practice. Therefore, in this repository, all concepts are explained also via examples, with test cases (unit and integration/system ones). In other words, we follow the principle of Code is King, i.e., if something is worth discussing, then you must have a working example with test cases for it. In the past, it would had been a problem when you had to download and configure all needed software manually, like for example a PostgreSQL database or a RabbitMQ server. Fortunately, with the coming of Docker, this is not a problem any more.

In this repository two languages are used: Java and Kotlin. Also two different frameworks are used: Spring and Java EE. Why such choices? When studying the concepts of enterprise software development/testing/security, the actual used languages/frameworks are not so important. The languages/frameworks are just used to get practice, and get your hands dirty. For example, using C# with .Net would had been a viable option as well. When you get a degree in software engineering, by all means afterwards you could end up working with C#/.Net and never touch Java again. Therefore, it is important to learn the fundamental concepts behind those languages/frameworks, and not just their low level technical details.

Trying and getting some experience with all the main languages and frameworks would be good. However, when studying such topics for a university degree, time is limited, and one needs to make some choices. And switching between too many languages/frameworks would just be a too large overhead (e.g., learning different IDEs and building tools). The motivation for the choices of languages and frameworks in this repository is as follows:


Current documentation is available here for the intro course, and here for the second advanced course.


The code in this repository should run on all major operating systems, i.e. Mac, Linux and Windows.

On Windows, if you have problems with too long file names when checking out the code with Git, then you might need to run the following command on a terminal:

git config --system core.longpaths true

Useful Maven Command

How to Contribute

There are many ways in which you can contribute. If you found the material in this repository of any use, the easiest way to show appreciation is to star it. Furthermore, if you find issues, you can report them on the issues page. Possible types of issues:

License & Copyright

The materials herein are all Copyright (c) of Andrea Arcuri and contributors. The material was/is produced while working at Westerdals Oslo ACT and H√łyskolen Kristiania.

All the source code in this repository is released under LGPL version 3 license.

<img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-nd/4.0/88x31.png" />
The documentation is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 4.0 Unported License.

YourKit supports open source projects with its full-featured Java Profiler. YourKit, LLC is the creator of YourKit Java Profiler and YourKit .NET Profiler, innovative and intelligent tools for profiling Java and .NET applications.