Matt Raible

To simplify development and deployment, you want everything in the same artifact, so you put your React app “inside” your Spring Boot app, right? But what if you could create your React app as a standalone app and make cross-origin requests to your API? A client app that can point to any server makes it easy to test your current client code against other servers (e.g. test, staging, production). This session shows how to develop with Java 8, Spring Boot, React, and TypeScript. You’ll learn how to create REST endpoints with Spring MVC, configure Spring Boot to allow CORS, and create an React app to display its data. If time allows we’ll cover authentication with OpenID Connect and deployment to Cloud Foundry.

This is a presentation that I used to do about Angular, but since so many people speak about Angular, I decided to do it for React.

Apache Camel is an integration framework that allows you to define routing and mediation rules in a number of domain-specific languages.

This session shows how Apache Camel was used to replace IBM Message Broker on a project. It includes information on how routes were developed using Camel’s Java API and how Camel can be integrated with Spring Boot. It also covers unit, integration and load testing (using Gatling) of these services. Finally, it touches on monitoring with hawtio and New Relic.

This session takes you through the nitty-gritty of online video and what it takes to build a high-traffic video portal. How do you get content, encode it properly and deliver it to a CMS and CDN? How do you program the backend infrastructure to handle load and high-availability? We'll also talk about various clients (Flash, HTML5, iPhone, iPad, Android, Sony) and lessons we've learned implementing applications on them.

This session should be particularly interesting since it's being delivered by members of the Online Video Team at Time Warner Cable, the 2nd Largest Cable Provider in the US.

Are you a backend developer that’s being pushed into front end development? Are you frustrated with all JavaScript frameworks and build tools you have to learn to be a good UI developer? If so, this session is for you! We’ll explore the tools of the trade for fronted development (npm, yarn, Gulp, Webpack, Yeoman) and learn the basics of HTML, CSS, and JavaScript.

We’ll dive into the intricacies of Bootstrap, Material Design, ES6, and TypeScript. Finally, after getting you up to speed with all this new tech, we’ll show how it can all be found and integrated through the fine and dandy JHipster project.

This session shows you how to use some of the hottest technologies today to build a webapp, an API and a mobile application to track fitness workouts. Using HTML5 technologies (specifically geo and local storage), I’ll show you how you can track the time, distance and music you listened to while exercising. Play with Scala is used for the backend and services, while CoffeeScript and Jade are used for the front-end templating and Ajax communication.

This session will explain limitations encountered with HTML5 and discuss when native apps might work better.

There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:

✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM

I'll also share some performance numbers and pretty graphs to compare community metrics.

During this presentation, you'll learn how to implement authentication in your Java web applications using Java EE 7 Security, Spring Security and Apache Shiro. If Java EE Security 1.0 is done, that will be covered as well.

This session will also touch on best practices for securing a REST API and using SSL.

In this session, you'll learn how to implement authentication in your Java web applications using Spring Security, Apache Shiro and good ol' Java EE 6 Container Managed Authentication. You'll also learn how to secure your REST API with OAuth and lock it down with SSL.

After learning how to develop authentication, I'll introduce you to OWASP, the OWASP Top 10, its Testing Guide and its Code Review Guide. From there, I'll discuss using Zed Attack Proxy to verify your app is secure and commercial tools like webapp firewalls and accelerators.

In this session, Matt and James will develop two apps that do the same thing. One will be written in Grails and one will be written in Play. We'll deploying them to Heroku and hammer them to see how they both perform under load. Afterward, we'll compare performance, lines of code, etc.
Who will be declared the winner?!

Who will be declared the winner?!

AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we'll explore many concepts it brings to the world of client-side development: dependency injection, directives, filters, routing and two-way data binding. We'll also look at its recommended testing tools and build systems. Finally, you'll learn about my experience developing several real-world applications using AngularJS, HTML5 and Bootstrap.

AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we'll explore many concepts it brings to the world of client-side development: dependency injection, directives, filters, routing and two-way data binding. We'll also look at its recommended testing tools and build systems. Finally, you'll learn about my experience developing several real-world applications using AngularJS, HTML5 and Bootstrap.

Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.

Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.

In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Okta.

OAuth is not an API or a service: it is an open standard for authorization and any developer can implement it. OAuth is a standard that applications can use to provide client applications with “secure delegated access”. OAuth works over HTTP and authorizes Devices, APIs, Servers and Applications with access tokens rather than credentials, which we will go over in depth below. OpenID Connect (OIDC) is built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the user and, as well as to obtain their basic profile information.

This session covers how OAuth/OIDC works, when to use them, and frameworks/services that simplify authentication.