Justin Gehtland
Rocky Mountain Software Symposium
Denver · May 13 - 15, 2005
Founder of Relevance, co-author of Better, Faster, Lighter Java
Justin is the co-founder of Relevance, a consulting/training/research organization located in the Research Triangle of North Carolina. Justin has been developing applications with static and dynamic languages since 1992. He has written code with Java, .NET, C#, Visual Basic, Perl, Python and Ruby. He loves to talk, especially in front of people, but all by himself in the corner if he must. Justin is currently focused on: Rails (because its the law), Spring (because Java isn't going anywhere) and security (because paranoia is your friend).
Presentations
Advanced Hibernate
Hibernate is easy to get started with, but can sometimes be hard to make efficient or secure. In fact, the default settings for Hibernate createapplications that will run slowly, cause unwanted round trips to the database, and may be more restrictive and/or permissive from a security standpointthan you would otherwise want.
Introduction to Hibernate
O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.
Cryptography for Programmers
For centuries people have used crypto to build (and break) secure systems. Computers have only raised the pitch of conflict, providing enormous cryptographic power at commodity prices. Most programmers do not write their own crypto libraries, instead relying on the services of an operating system or virtual machine. But even with all this support, building secure systems is a daunting task.
Java Platform Security and JAAS
The Java platform is built from the ground up with security in mind. This talk will introduce the security features of the J2SE, building quickly from the basic classes to realistic examples. You will learn the core APIs: SecurityManager, AccessController, Permissions and Policy JAAS Subjects, Principals,
and LoginModules
Writing Secure Web Services (with Java and Axis)
Web Services are message-oriented. This means that any application intention (the need for security, for transactionality, for reliability, etc.) must be
included in the message and not just assumed as external context. The WS-Security specifications are very advanced and currently being used in the wild to create robust, secure web services.