WARNING! Continue reading only if you’re interest in the abstract description of the sessions. These are just some of the sessions that caught my eye. There’s a lot to review since we’re finally moving from Java 1.4 to Java 1.6.
A Lean, RESTful Java Architecture for Building Rich HTML5 Web Applications
The role server-side Java plays in a Web application is rapidly changing due to the rising use of high-performance Java Virtual Machines and browser support for advanced HTML5 APIs such as Canvas, WebSockets, and Web Workers. This session will show how a RESTful Java back end can provide scalable rich data and services to complement a smart client-side framework, such as jQuery, Dojo, or GWT, and its use of the HTML5 APIs. The session is for experienced Java Web developers and will cover: * Rapidly building lightweight RESTful services with Spring 3.0 and Spring Roo to support rich HTML5 clients * Carrying over concepts of Java EE APIs (JPA and Bean Validation) to a smart client * Asynchronous, message-based communication over WebSockets.
Application Security Enhancements in Java EE 6
Java EE 6 includes some interesting security enhancements in the areas of Web container security as well as authentication and authorization aspects in Web application development. This session will give an overview of these new security features and discuss the details of how to use them, with help of a sample Java application, in real-world enterprise Java applications. The discussion will include how developers can take advantage of programmatic and declarative (@ServletSecurity, @DeclareRoles) security features. It will also include a discussion on Java EE security technologies such as Java Authentication Service Provider Interface for Containers (JSR 196) and Java Authorization Contract for Containers (JSR 115).
Attack and Defense: Java EE Applications
Java EE technology is now the mainstream building blocks to create Web and enterprise applications. And like other Web technologies, Java EE applications have a similar range of security vulnerabilities. In this lab, we’ll use Java EE sample applications to show you how to identify some popular vulnerabilities in your applications and how to defense against the attacks based on those weakness. The session will cover the following 6 popular vulnerabilities: 1. Cross-site scripting (XSS) 2. Improper input validation 3. SQL injections 4. Cross-site request forgery (XSRF) 5. Session hijacking 6. Bypassing client-side controls.
Beginning with the Java EE 6 Platform
This lab will offer an overview of Java EE 6 through a rundown of its key new features. Participants will build an application from scratch via incremental steps and a dozen demos and exercises, each illustrating new features of the platform. The lab is an ideal opportunity to get up to speed with Java EE 6. Attendees will learn about: – Managed beans, Enterprise JavaBeans (EJB) 3.1 packaging and testing – Java Persistence API (JPA) improvements – JavaServer Faces (JSF) with facelets, composite components, Ajax – RESTful resources – Contexts and Dependency Injection (CDI) and more The content was initially created with Antonio Goncalves (Java EE 6 book author and EG member) and is perpetually improving at beginningee6.kenai.com.
Extreme Java Productivity: Enterprise Applications in Just Minutes
Delight your customers and impress your colleagues by delivering enterprise Java applications faster than ever before. In this session, we’ll introduce Spring Roo, an open source tool that makes it easy to build applications using the Java language, standards, and technologies you already know. This demonstration-oriented session will cover: ‡ Support for Java standards such as JPA, Java Servlet Spec, JSP, Bean Validation, JavaMail, JMS, EJB 3.0 annotations, and more ‡ Transparent database reverse engineering and schema synchronization ‡ Automatic JUnit tests, Maven POMs, JSP, toString() methods, and more ‡ Extending Roo via add-ons ‡ Removing Roo from your project in four clicks This session assumes basic enterprise Java knowledge.
Diagnosing and Fixing Memory Leaks in Web Applications: Tips from the Frontline
It’s all too easy to trigger a memory leak within a Web application, particularly in PermGen when the application is reloaded. These leaks are often the unintended and unexpected consequences of using a library or even parts of the standard Java APIs. This session will explore the various ways these leaks can be triggered, how to diagnose them when they occur, and the techniques that can be used to avoid them. The session will be based around the successful memory leak prevention code recently added to Apache Tomcat codebase, although the causes, process of diagnosis, and remedies are widely applicable to any Java EE application server or, in fact, any other environment that provides a ?reload?mechanism that uses multiple class loaders.
Java Persistence API 2.0: An Overview
The Java Persistence API (JPA) is one of the most exciting technologies recently added to Java EE. In response to requests from the community, it has been expanded in release 2.0 to include a number of key features. This session is intended for application developers who want to access a relational database via a Java object model. The session will present the new functionality available with JPA 2.0 and how to use it, and will conclude with a discussion of future directions. Attendees will learn about: * New JPA object-relational mapping and modeling features * Additions to the query language * New metamodel and criteria query APIs * Pessimistic locking * Support for validation, caching, and configuration options.
Maven 3.x: The Evolution of Enterprise Java Build Infrastructures
Maven 3.x is the best version of Maven yet. Maven 3.x is faster, has been optimized for IDE use, and is fully backward compatible with Maven 2.x. Maven 3.x has also been outfitted with new dynamic-language support in the form of Polyglot Maven, and the Maven Shell provides a new workflow-driven, blindingly fast shell interface for Maven 3.x. Maven 3.x, though great pains were taken to ensure backward capability, has been reworked to run on Google’s Guice, provides new support for components through JSR 330, and provides innovative new features like build mixins and a cutting-edge artifact resolution system based on SAT4J.
More Best Practices for Large-Scale Web Sites: Lessons from eBay
Building on last-year’s Best Practices for Large-Scale Web Sites presentation, this session will cover five additional architectural and operational best practices used in eBay’s Java technology-based infrastructure. The session will highlight the next set of challenges faced by internet-scale systems, including dependency management, in-flight system changes, data processing/collection, and purpose-built infrastructure, and outline reusable patterns associated with each challenge. This session is for intermediate and advanced developers, technical leads, and system architects. Attendees will walk away with a set of proven strategies and techniques for massively scaling a Web site as well as specific reusable software and system patterns.
Testing Java EE 6 Applications: Tools and Techniques
This session will outline tools and techniques for effectively testing Java EE APIs such as JSF 2.0, Java Servlet 3.0, CDI, EJB 3.1, JPA 2.0, JAX-WS, and JAX-RS. Java EE 6 includes features that enhance testability, like generic dependency injection, CDI @Alternative, portable extensions, embedded containers, and JSF project stages. Using these features and tools such as JUnit, JSFUnit, HttpUnit, DbUnit, Selenium, soapUI, Arquillian, and HSQLDB, it is possible to perform unit, integration, and system testing for Java EE 6 APIs at all layers of the application. In addition to discussing tools and features, the session will cover testing techniques like designing for testability, mock objects, isolation, test configuration, and test data.