Platinum Sponsor
Über Conf 2010 Brochure - Download
Ken Sipe
Architect, Web Security Expert
Ken is an international speaker on the subject of software engineering speaking at conferences such as JavaOne, JavaZone, Jax-India, and The Strange Loop. He is a regular speaker with NFJS where he is best known for his architecture and security hacking talks. In 2009, Ken was honored by being awarded the JavaOne Rockstar Award at JavaOne in SF, California and the JavaZone Rockstar Award at JavaZone in Oslo, Norway as the top ranked speaker.
Blog
Constant Pain with Non-Constant Constants
Posted Tuesday, December 20, 2011
This thought has crossed my mind before.more »Advanced Spock Techniques
Posted Wednesday, December 14, 2011
In recent years there have been a couple of tools that stand out when it comes to helping me be productive. One of those is the groovy test framework Spock. It is worthy of an introductory blog posmore »MongoDB Grails and Copying Collections
Posted Thursday, October 13, 2011
I currently find myself working on a project where Grails and MongoDB are the technology stack.more »JavaOne: Rocking the Gradle
Posted Wednesday, October 5, 2011
Presenting Rocking the Gradle at JavaOne tomorrow 12:30pm at the Parc 55.more »Throughput and High Velocity
Posted Tuesday, January 11, 2011
Wow… has it really be 11 months since I’ve blogged. I had many ideas for blogs half written or half thought out… but last year was extremely busy. It’s a new year… and I’m back :) Let’s not focus on the past, let’s get right into imore »3 Core Principles from 1998
Posted Monday, February 22, 2010
I was off for the holidays which gave me some time to clean out the storage area. I ran across some notes from a conference I attended in 1998 and 3 core principles stood out that I thought I would share as we start this new year.Core Principles (as I more »Presentations
Agile Velocity
The agile development process is all about early and often feedback. One aspect of feedback is how is the team doing..more »Architecture: Non-Functional Requirements
The agile focus of software development puts heavy focus on user requirements through user stories. However we can not lose sight of the non-functional requirements as well. The software could be written to the exact specification and desire of the usermore »So you want to be an Architect
This session is a quick look at all aspects of being a corporate software architect. Whither you are a developer looking to move into the role of architect, needing to have an understanding of what is expected or already in the role of software architectmore »Hacking - The Dark Arts
A live Hacking demonstration exposing the tools and techniques used by Hackers.more »Security Boundaries
Security is a large concern in today's world of software development. Security is a multi-dimensional problem requiring skills at a number of different levels. This session is a security overview of a typical Java web development stack.more »Security Code Review
Security concerns abound...more »Enterprise Security API library from OWASP
When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the loj4j framework, which abstracts the concern of logging, where imore »Agile Velocity
By Ken Sipe
The agile development process is all about early and often feedback. One aspect of feedback is how is the team doing... Are we accurate in our estimates? Are we consistent in our velocity? As velocity varies, what is it telling me?
This session will focus on the art of estimating project stories and look at several techniques of assigning "points" to stories. We will discuss the advantages and disadvantages of the various approaches of point assignment. Regardless of the point system, the end result at the end of the iteration is a number... velocity. We will look at the value of velocity and contrast that with other feedback loops with the agile process.
Architecture: Non-Functional Requirements
By Ken Sipe
The agile focus of software development puts heavy focus on user requirements through user stories. However we can not lose sight of the non-functional requirements as well. The software could be written to the exact specification and desire of the user, however if it takes 5 minutes for a request response, or it only supports 2 users or it isn't secure, then we still haven't done our jobs as developers.
This session will focus on the non-functional requirements of software development, namely: Performance, Scalability, Security, and Software Monitoring and Management. Each subject area discussion will include, goals, design practices, tools, and where it fits in the software development life-cycle.
So you want to be an Architect
By Ken Sipe
This session is a quick look at all aspects of being a corporate software architect. Whither you are a developer looking to move into the role of architect, needing to have an understanding of what is expected or already in the role of software architect looking for new and interesting ideas, this session is for you.
This session is designed to be a jam session on all aspects of software architecture and many of the roles of software architect. The following subject areas will be covered: - Software Development Process - Project Key Mechanisms: Languages and Frameworks - Security: Threats, Securing Code Review, Adding Security to you process - Layers, Partitions and Topologies - VM Optimizations - Usability and User Experience - Optimizing the Web - Ready for Production: Monitoring - Integration - Data Modeling
Hacking - The Dark Arts
By Ken Sipe
A live Hacking demonstration exposing the tools and techniques used by Hackers.
A look at the growing space referred to as ethical hacking or penetration testing. We'll look at example attacks which include: Client-side exploits Sql-Injections Brute force attacks Man-in-the-middle attacks Key logging
Security Boundaries
By Ken Sipe
Security is a large concern in today's world of software development. Security is a multi-dimensional problem requiring skills at a number of different levels. This session is a security overview of a typical Java web development stack.
This session initiates a discussion in the following overlapping areas of security: - Java security - JEE security, which includes JAAS - Spring Security - Operating System security and it's roll in web security - Web Application security - Securing the wire with SSL - Key Management with keystore
Security Code Review
By Ken Sipe
Security concerns abound... According to Gartner 75% of all attacks are at the web application tier. There has never been a more urgent time to understand the security concerns and how to apply solutions to our web applications.
This session will look through the details of threat modeling, who should do it and how does it fit into the software development life-cycle.
Enterprise Security API library from OWASP
By Ken Sipe
When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the loj4j framework, which abstracts the concern of logging, where it logs and the management of logging. The one cross cutting software concern which seems for most applications to be piecemeal is that of security. Security concerns include certification generation, SSL, protection from SQL Injection, protection from XSS, user authorization and authentication. Each of these separate concerns tend to have there own standards and libraries and leaves it as an exercise for the development team to cobble together a solution which includes multiple needs.... until now... Enterprise Security API library from OWASP.
This session will look at a number of security concerns and how the ESAPI library provides a unified solution for security. This includes authorization, authentication of services, encoding, encrypting, and validation. This session will discuss a number of issues which can be solved through standardizing on the open source Enterprise Security API.
Books
by Gary Mak, Daniel Rubio, and Josh Long
List Price: $49.99
Price: $31.49
You Save: $18.50 (37%)
-
With over 3 million users/developers, Spring Framework is the leading “out of the box” Java framework. Spring addresses and offers simple solutions for most aspects of your Java/Java EE application development, and guides you to use industry best practices to design and implement your applications.
The release of Spring Framework 3 has ushered in many improvements and new features. Spring Recipes: A Problem-Solution Approach, Second Edition continues upon the bestselling success of the previous edition but focuses on the latest Spring 3 features for building enterprise Java applications. This book provides elementary to advanced code recipes to account for the following, found in the new Spring 3:
- Spring fundamentals: Spring IoC container, Spring AOP/ AspectJ, and more
- Spring enterprise: Spring Java EE integration, Spring Integration, Spring Batch, jBPM with Spring, Spring Remoting, messaging, transactions, scaling using Terracotta and GridGrain, and more.
- Spring web: Spring MVC, Spring Web Flow 2, Spring Roo, other dynamic scripting, integration with popular Grails Framework (and Groovy), REST/web services, and more.
This book guides you step by step through topics using complete and real-world code examples. Instead of abstract descriptions on complex concepts, you will find live examples in this book. When you start a new project, you can consider copying the code and configuration files from this book, and then modifying them for your needs. This can save you a great deal of work over creating a project from scratch!
What you’ll learn
- How to use the IoC container and the Spring application context to best effect.
- Spring’s AOP support, both classic and new Spring AOP, integrating Spring with AspectJ, and load-time weaving.
- Simplifying data access with Spring (JDBC, Hibernate, and JPA) and managing transactions both programmatically and declaratively.
- Spring’s support for remoting technologies (RMI, Hessian, Burlap, and HTTP Invoker), EJB, JMS, JMX, email, batch, scheduling, and scripting languages.
- Integrating legacy systems with Spring, building highly concurrent, grid-ready applications using Gridgain and Terracotta Web Apps, and even creating cloud systems.
- Building modular services using OSGi with Spring DM and Spring Dynamic Modules and SpringSource dm Server.
- Delivering web applications with Spring Web Flow, Spring MVC, Spring Portals, Struts, JSF, DWR, the Grails framework, and more.
- Developing web services using Spring WS and REST; contract-last with XFire, and contract–first through Spring Web Services.
- Spring’s unit and integration testing support (on JUnit 3.8, JUnit 4, and TestNG).
- How to secure applications using Spring Security.
Who this book is for
This book is for Java developers who would like to rapidly gain hands-on experience with Java/Java EE development using the Spring framework. If you are already a developer using Spring in your projects, you can also use this book as a reference—you’ll find the code examples very useful.
Table of Contents
- Introduction to Spring
- Advanced Spring IoC Container
- Spring AOP and AspectJ Support
- Scripting in Spring
- Spring Security
- Integrating Spring with Other Web Frameworks
- Spring Web Flow
- Spring @MVC
- Spring RESTSpring and Flex
- Grails
- Spring Roo
- Spring Testing
- Spring Portlet MVC Framework
- Data Access
- Transaction Management in Spring
- EJB, Spring Remoting, and Web Services
- Spring in the Enterprise
- Messaging
- Spring Integration
- Spring Batch
- Spring on the Grid
- jBPM and Spring
- OSGi and Spring
Price: $31.49
You Save: $18.50 (37%)
-
With over 3 million users/developers, Spring Framework is the leading “out of the box” Java framework. Spring addresses and offers simple solutions for most aspects of your Java/Java EE application development, and guides you to use industry best practices to design and implement your applications.
The release of Spring Framework 3 has ushered in many improvements and new features. Spring Recipes: A Problem-Solution Approach, Second Edition continues upon the bestselling success of the previous edition but focuses on the latest Spring 3 features for building enterprise Java applications. This book provides elementary to advanced code recipes to account for the following, found in the new Spring 3:
- Spring fundamentals: Spring IoC container, Spring AOP/ AspectJ, and more
- Spring enterprise: Spring Java EE integration, Spring Integration, Spring Batch, jBPM with Spring, Spring Remoting, messaging, transactions, scaling using Terracotta and GridGrain, and more.
- Spring web: Spring MVC, Spring Web Flow 2, Spring Roo, other dynamic scripting, integration with popular Grails Framework (and Groovy), REST/web services, and more.
This book guides you step by step through topics using complete and real-world code examples. Instead of abstract descriptions on complex concepts, you will find live examples in this book. When you start a new project, you can consider copying the code and configuration files from this book, and then modifying them for your needs. This can save you a great deal of work over creating a project from scratch!
What you’ll learn
- How to use the IoC container and the Spring application context to best effect.
- Spring’s AOP support, both classic and new Spring AOP, integrating Spring with AspectJ, and load-time weaving.
- Simplifying data access with Spring (JDBC, Hibernate, and JPA) and managing transactions both programmatically and declaratively.
- Spring’s support for remoting technologies (RMI, Hessian, Burlap, and HTTP Invoker), EJB, JMS, JMX, email, batch, scheduling, and scripting languages.
- Integrating legacy systems with Spring, building highly concurrent, grid-ready applications using Gridgain and Terracotta Web Apps, and even creating cloud systems.
- Building modular services using OSGi with Spring DM and Spring Dynamic Modules and SpringSource dm Server.
- Delivering web applications with Spring Web Flow, Spring MVC, Spring Portals, Struts, JSF, DWR, the Grails framework, and more.
- Developing web services using Spring WS and REST; contract-last with XFire, and contract–first through Spring Web Services.
- Spring’s unit and integration testing support (on JUnit 3.8, JUnit 4, and TestNG).
- How to secure applications using Spring Security.
Who this book is for
This book is for Java developers who would like to rapidly gain hands-on experience with Java/Java EE development using the Spring framework. If you are already a developer using Spring in your projects, you can also use this book as a reference—you’ll find the code examples very useful.
Table of Contents
- Introduction to Spring
- Advanced Spring IoC Container
- Spring AOP and AspectJ Support
- Scripting in Spring
- Spring Security
- Integrating Spring with Other Web Frameworks
- Spring Web Flow
- Spring @MVC
- Spring RESTSpring and Flex
- Grails
- Spring Roo
- Spring Testing
- Spring Portlet MVC Framework
- Data Access
- Transaction Management in Spring
- EJB, Spring Remoting, and Web Services
- Spring in the Enterprise
- Messaging
- Spring Integration
- Spring Batch
- Spring on the Grid
- jBPM and Spring
- OSGi and Spring
