Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.

In this workshop we take the unique approach of moving from release back through testing to development practices, analyzing at each stage how to improve collaboration and increase feedback so as to make the delivery process as fast and efficient as possible. At the heart of the workshop is a pattern called the deployment pipeline, which involves the creation of a living system that models your organization's value stream for delivering software. We spend the first half of the workshop introducing this pattern, and discussing how to incrementally automate the build, test and deployment process, culminating in continuous deployment.

Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.

In this workshop we take the unique approach of moving from release back through testing to development practices, analyzing at each stage how to improve collaboration and increase feedback so as to make the delivery process as fast and efficient as possible. At the heart of the workshop is a pattern called the deployment pipeline, which involves the creation of a living system that models your organization's value stream for delivering software. We spend the first half of the workshop introducing this pattern, and discussing how to incrementally automate the build, test and deployment process, culminating in continuous deployment.

Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.

In the second half of the workshop, we introduce agile infrastructure, including the use of Puppet to automate the management of testing and production environments. We'll discuss automating data management, including migrations. Development practices that enable incremental development and delivery will be covered at length, including a discussion of why branching is inimical to continuous delivery, and how practices such as branch by abstraction and componentization provide superior alternatives that enable large and distributed teams to deliver incrementally.

Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.

In the second half of the workshop, we introduce agile infrastructure, including the use of Puppet to automate the management of testing and production environments. We'll discuss automating data management, including migrations. Development practices that enable incremental development and delivery will be covered at length, including a discussion of why branching is inimical to continuous delivery, and how practices such as branch by abstraction and componentization provide superior alternatives that enable large and distributed teams to deliver incrementally.

Most of the time when people talk about agile software development, they talk about project and planning practices and never mention actual development practices. This talk delves into best development practices for agile projects, covering all of its aspects.

Most of the time when people talk about agile software development, they talk about project and planning practices but never mention actual development, as if development where an afterthought when writing software. This talk bills into the real details of how to do agile development. I discuss best practices like continuous integration, pair programming, how developers should interact with story cards, how to handle enterprise concerns like integration with other software packages, and a slew of other topics related to agile software development.

A Technology Radar is a tool that forces you to organize and think about near term future technology decisions, both for you and your company. This talk discusses using the radar for personal breadth development, architectural guidance, and governance.

ThoughtWorks Technical Advisory Board creates a “technology radar” twice a year, a working document that helps the company make decisions about interesting technologies and where we spend our time. ThoughtWorks then started conducting radar-building exercises for our clients, which provides a great medium for technologists company-wide to express their opinions about the technologies they use every day. For companies, creating a radar helps you document your technology decisions in a standard format, evaluate technology decisions in an actionable way, and create cross-silo discussions about suitable technology choices. This session describes the radar visualization and how to conduct a radar building session for yourself. After a brief introduction, the bulk of the workshop consists of attendees building a radar for the group, following the same procedure you'll use when you do this exercise at your company. At the end, we'll have created a unique Radar for this event and practiced doing it for yourself.

Emergent design is a big topic in the agile architecture and design community. This session covers the theory behind emergent design and shows examples of how you can implement this important concept.

This session describes the current thinking about emergent design, discovering design in code. The hazard of Big Design Up Front in software is that you don't yet know what you don't know, and design decisions made too early are just speculations without facts. Emergent design techniques allow you to wait until the last responsible moment to make design decisions. This talk covers four areas: emergent design enablers, battling things that make emergent design hard, finding idiomatic patterns, and how to leverage the patterns you find. It includes both proactive (test-driven development) and reactive (refactoring, metrics, visualizations, tests) approaches to discovering design, and discusses the use of custom attributes, DSLs, and other techniques for utilizing them. The goal of this talk is to provide nomenclature, strategies, and techniques for allowing design to emerge from projects as they proceed, keeping you code in sync with the problem domain. This talk shows lots of examples of how to make this concept work in your environment.

Learn how to add Neo4j to your projects to add social, recommendation and other graph based capabilities to your applications.

We'll start by introducing the strengths, weaknesses and common use cases for neo4j. We'll then look at how to write effective graph based queries - directly or using Spring Data.

With NoSQL data stores you need to completely rethink how to model your data.

In this session we'll look at the very different approaches to data modeling required for MongoDB and Neo4j.

After almost a decade and several significant releases, Spring has gone a long way from challenging the then-current Java standards to becoming the de facto enterprise standard itself. Although the Spring programming model continues to evolve, it still maintains backward compatibility with many of its earlier features and paradigms. Consequently, there's often more than one way to do anything in Spring. How do you know which way is the right way?

In this session, we'll explore several ways that Spring has changed over the years and look at the best approaches when working with the latest versions of Spring.

The first in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.

The REpresentational State Transfer (REST) architectural style has emerged as a winning strategy for building scalable, flexible, resilient systems that lead with an information focus. Far from being the simple “Web Services through URLs” idea many people have about them, REST-based systems require a new perspective, a fair amount of consideration and the discipline to look beyond simple point-to-point interactions.

The benefits are exciting and provide a gateway to a whole new world of information technology. This first talk will be an introductory session covering the basics of the REST architectural style.

The second in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.

People already familiar with REST (or who have attended the first session) will be walked through the deeper topics of building Level 3 Hypermedia-based RESTful systems, security, content negotiation, etc.

The third in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.

The move to a good REST API yields an explosive combination of options due to content-negotiation and arbitrary workflows. At the same time, the uniform interface you project (representations, how you respond to verbs, response codes, etc.) becomes your contract with your clients. The API itself becomes a completely transportable, reusable bit of organizational knowledge when done well. Testing it sufficiently will give you a safety net but may drive you crazy unless you do it right. We will walk through the use of Behavior-Driven Development (BDD) to test these kinds of APIs.

We will highlight the problems of sufficiently testing REST APIs while providing a rich and relatively straight-forward solution to the problem. We will use a Behavior-Driven Development (BDD) tool like Cucumber to establish reusable steps and comprehensive, but lightweight testing strategies for testing REST APIs.

This talk will not be an introduction to REST. If you have come to the REST I or REST II talk, or have a good understanding, it should be very accessible.

As a web application developer, most of the focus is on the user stories and producing business value for your company or clients. Increasingly however the world wide web is more like the wild wild web which is an increasingly hostile environment for web applications. It is absolutely necessary for web application teams to have security knowledge, a security model and to leverage proper security tools.

This training workshop on security will provide an overview of the security landscape starting with the OWASP top ten security concerns with current real world examples of each of these attack vectors. The first session will consist of a demonstration and labs using hacker tools to get an understanding of how a hacker thinks. It will include a walk through of the ESAPI toolkit as an example of how to solve a number of these security concerns including hands-on labs using the OWASP example swingset.

The workshop will include several hands on labs from the webgoat project in order to better understand the threats that are ever so common today.

Attendees will come away with the following skills / capabilities:

• threat modeling
• security audit plan
• introduction to Pen testing
• key / certificate management
• fixing web application security issues

Don't be the weakest link on the web!

Of all the non-functional requirements of software development, complexity receives the least attention and seems to be the most important from a long term standard point. This talk will look at some of forces that drive complexity at the code level and at a system level and their impact. We will discuss what causes us to over look complexity, how our perception of it changes over time and what we can do about it?

In this session we will break down the meaning of complexity and simplicity and measure the application of those means against the common software development dogma. Looking at common development trends and pressures, we'll discuss where simplify does and doesn't help. We will examine areas of development which at first glance seem to be simple (such as the creation of an equals method in Java), that end up being difficult or impossible based on normal constraints. We will example the drivers of complexity with some discussion on what you can do about it. This session will finish with a discussion around several challenges to high scale software architectures and how to keep it simple.

The Spock framework brings simple, elegant testing to Java and Groovy projects. It integrates cleanly with JUnit, so Spock tests can be integrated as part of an existing test suite. Spock also includes an embedded mocking framework that can be used right away.

In this presentation, we'll look at several examples of Spock tests and review most of its capabilities, including mock objects and integration with Spring.

In this session, we're going to combine the magic of Spring Boot and the magic of Spring Data to yield something even more powerful. You'll see how to quickly build an application's persistence layer, whether it stores data in a RDBMS, Mongo, Neo4j, or several other popular data stores. You'll also see how to create a functioning REST API with nothing more than an interface and a domain type.

Spring Boot dramatically simplifies application development with Spring. But before Spring Boot came along, Spring Data was already making developers' lives easy when it comes to working with data. When combined, Spring Data and Spring Boot can make data persistence the easiest part of your application.

For a long while, we've built applications pretty much the same way. Regardless of the frameworks (or even languages and platforms) employed, we've packaged up our web application, deployed it to a server somewhere, and asked our users to point their web browser at it.

But now we're seeing a shift in not only how applications are deployed, but also in how they're consumed. The cost and hassle of setting up dedicated servers is driving more applications into the cloud. Meanwhile, our users are on-the-go more than ever, consuming applications from their mobile devices more often than a traditional desktop browser. And even the desktop user is expecting a more interactive experience than is offered by simple page-based HTML sites.

With this shift comes new programming models and frameworks. It also involves a shift in how we think about our application design. Standing up a simple HTML-based application is no longer good enough.

In this session, we'll discuss what the next generation of applications looks like, exploring such things as the mobile web and cloud computing. We'll also dig into some of the technologies and practices such as REST, OAuth, and JavaScript microframeworks that enable us to move forward.

In this session, I'll show you how to secure your Spring application with Spring Security 3.2. You'll see how to declare both request-oriented and method-oriented security constraints. And you'll see how SpEL can make simple work of expressing complex security rules.

Although we may invite guests into our homes and give someone a ride in our car, we locks and alarms on our homes and our cars to keep uninvited and malicious visitors out. Similarly, we allow people to use the applications that we develop, but we probably want to control the access that they have.

Security is an important aspect of any application. And while we could program security rules into the web controllers and methods in our application, we'd find ourselves cluttering our business logic with repetitive security code. Security is a cross-cutting concern–begging to be handled with aspect-oriented techniques.

Spring Security is an authentication and access-control framework based on Spring that provides security aspects. With Spring Security, you can declare who is allowed to access your application and what they're allowed to see, keeping your application logic focused and uncluttered with security details.

The fourth of a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.

The Web of Documents we are so familiar with is being extended with the technologies of the Semantic Web. Information will be freed from its containers and connected regardless of where it comes from. Building on the concepts of REST services and the Web Architecture, we will introduce the Resource Description Framework (RDF) as the basis of a new collection of tools for information sharing and integration. Once the information is woven together, we will want to query it and produce new information resources with technologies like the SPARQL query language.

People already familiar with REST and the Web (or who have attended the REST sessions) will be given both conceptual and technical examples of how and why these technologies are laying the foundation of future information systems.

The fifth in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.

Once we have a flexible and extensible data model like RDF, we will want to find ways to weave it into our documents to make them easier to organize, find and extract value from on the Web. This talk will highlight techniques for adopting RDFa but will also motivate attendees to dig deeper by showing them how it is already being used by the biggest names on the Web. Improve your search results and allow your customers to leverage relevant information for their own purposes.

You understand how important it is to be on the Web. Come learn how important it is to be on the Web of Data.

Interested in HTML5? Want a change to play around with the latest and greatest in web app development? This workshop is for you! We'll cover feature detection, web forms, the new HTML elements, take a spin around the canvas, and we'll finish up with offline/local storage and web sockets.

Detecting 101
Before you can take advantage of a new HTML5 feature, you have to make sure a given browser can support it. This section will cover the basics of detection as well as getting the most out of rocking cool libraries like Modernizer. We'll also look at just what to do when a browser doesn't support a feature you're trying to leverage.

New elements
Along with a new human type-able doctype, HTML5 introduces several new semantic elements. Recognizing that nearly every website in existence has a header, a footer and some navigation divs, HTML5 gives us a header, a footer and a nav element along with a few others. HTML5 seeks to pave cowpaths, not force the web to bend to its ways…

Canvas
One of the most exciting features of HTML5 is the canvas, a space you can use to draw anything from shapes to text to, well, anything! From basic drawing to graphs to full fledged games, canvas opens up a whole new world of possibility, a world sans browser plugins.

Local Storage
Web apps are, in many cases, indistinguishable from their thick client brethren, at least if you're not on an airplane. OK, so many planes have wifi, but there are parts of the world that don't have reliable Internet connections! Thanks to local storage and the offline API, all is not lost - you can create a web app that works offline.

Web sockets and web workers
Ajax is like so many things in the web world - a simple (but very powerful) hack that isn't defined by a spec. With the advent of the web socket API, we'll finally have a native way to have bi-directional communication with the server. As we create richer and richer clients, we're writing more and more JavaScript. While the JS engines are getting faster and faster, there are cases where it'd be very handy to run scripts in the background. Web workers give us just such an opportunity.

The word just came down from the VP - you need a mobile app and you need it yesterday. Wait, you've never built a mobile app…it's pretty much the same thing as you've built before just smaller right? Wrong. The mobile experience is different and far less forgiving. How do you design an application for touch? How does that differ from a mouse? Should you build a mobile app or a mobile web site? This talk will get you started on designing for a new, and exciting, platform. Whether that means iPhone, Android, Windows Phone or something else, you need a plan, this talk will help.

The word just came down from the VP - you need a mobile app and you need it yesterday. Wait, you've never built a mobile app…it's pretty much the same thing as you've built before just smaller right? Wrong. The mobile experience is different and far less forgiving. How do you design an application for touch? How does that differ from a mouse? Should you build a mobile app or a mobile web site? This talk will get you started on designing for a new, and exciting, platform. Whether that means iPhone, Android, Windows Phone or something else, you need a plan, this talk will help.

Mobile is the next big thing and your company needs to there. But what does there actually entail? Should you build a native app? On which platforms? Do you have the skills for that? What about the web? Can you deliver an awesome experience using nothing but a mobile web browser? This talk will help you navigate these treacherous waters. We'll discuss the pros and cons of the various approaches and give you a framework for choosing.

Mobile is the next big thing and your company needs to there. But what does there actually entail? Should you build a native app? On which platforms? Do you have the skills for that? What about the web? Can you deliver an awesome experience using nothing but a mobile web browser? This talk will help you navigate these treacherous waters. We'll discuss the pros and cons of the various approaches and give you a framework for choosing.

Like it or not, with application servers like node.js and increasingly rich client MVC frameworks like backbone.js, Javascript is in your future.

In this session we'll look deeply at the fundamental strengths and weaknesses of the language and how to become a javascript professional. We'll include information on using Jasmine for testing your Javascript.

Intuit and even the US government want to be “lean startups”.

Learn how businesses of any size can improve the effectiveness and efficiency of their software development processes using lean startup principles like Minimum Viable Product, Validated Learning and Metrics Driven Development.

You're all over jQuery - you write plugins in your sleep - and before that, you were a Prototype ninja. Your team treats JavaScript like a first class citizen, you've even written more tests than Kent Beck. Is that all there is in the land of the JavaScript developer? Believe it or not, the JavaScript party hasn't stopped. What other libraries are out there? What do they offer? This talk will survey the field of modern JavaScript libraries getting you up to speed on what's new. We'll dive in just deep enough to whet your appetite on a wide variety of libraries such as Backbone, Underscore, Zepto and more.

You're all over jQuery - you write plugins in your sleep - and before that, you were a Prototype ninja. Your team treats JavaScript like a first class citizen, you've even written more tests than Kent Beck. Is that all there is in the land of the JavaScript developer? Believe it or not, the JavaScript party hasn't stopped. What other libraries are out there? What do they offer? This talk will survey the field of modern JavaScript libraries getting you up to speed on what's new. We'll dive in just deep enough to whet your appetite on a wide variety of libraries such as Backbone, Underscore, Zepto and more.

It's been ages since you copied random JavaScript off a nameless webpage and your JavaScript is every bit as elegant as any server side code. You know the ins and outs of jQuery and you've even built a plugin or three…but is that it? How do we build rich web applications without resorting to heavy weight proprietary components? How do we leverage HTML5 and everything it brings to the table? How do we craft elegant user experiences that integrate fully with the RESTful web services that are all the rage on the backend? How do we build apps that are at home on a 3.5 inch phone as they are on the 15 inch notebook? This talk goes beyond jQuery to explore new libraries like Backbone are bringing even more to the front end developer's toolbox.

It's been ages since you copied random JavaScript off a nameless webpage and your JavaScript is every bit as elegant as any server side code. You know the ins and outs of jQuery and you've even built a plugin or three…but is that it? How do we build rich web applications without resorting to heavy weight proprietary components? How do we leverage HTML5 and everything it brings to the table? How do we craft elegant user experiences that integrate fully with the RESTful web services that are all the rage on the backend? How do we build apps that are at home on a 3.5 inch phone as they are on the 15 inch notebook? This talk goes beyond jQuery to explore new libraries like Backbone are bringing even more to the front end developer's toolbox.

Successful projects require any number of practices but if you don't know who you're building it for or what you're supposed to build, failure is a distinct possibility. How do we capture the who and what? Personas and story maps are two effective techniques that you can leverage. After discussing the basics, we'll break into small groups and you'll have a chance to actually try building a set of personas as well as a story map.

Personas are a time tested technique to help teams understand their users and facilitate building the right interface. While personas are often backed by extensive ethnographic research, they don't require months and months of effort.

Of course just knowing who we're building for is only part of the picture, we have to know what our users are trying to do. Wether you favor use cases, user stories or more traditional requirements documents, at the end of the day our customers are using our application to further some other goal.

Learn why key agile practices work.

We'll look at the underlying theory from fields as diverse as queueing theory and computer networking to show why popular agile approaches work.

Even with the recent explosion in alternative languages for the JVM, the vast majority of us are still writing code in “Java the language” in order to put bread on the table. Proper craftsmanship demands that we write the best Java code that we can possibly write. Fortunately we have a guide in Joshua Bloch's Effective Java.

In his foreward to the first edition, Guy Steele writes about the importance of learning three aspects of any language: grammar, vocabulary, and idioms. Unfortunately many programmers stop learning after mastering the first two. Effective Java is your guide to understanding idiomatic Java programming.

Effective Java is organized into 78 standalone “items,” all of which will be impossible to cover in one session. Instead I've chosen a subset of the most important techniques and practices that are commonly missed by today's Java programmers. You'll pick from a menu and decide where we'll head. Regardless of the path we take, you'll leave this session thoroughly equipped to write better Java code tomorrow!

Even with the recent explosion in alternative languages for the JVM, the vast majority of us are still writing code in “Java the language” in order to put bread on the table. Proper craftsmanship demands that we write the best Java code that we can possibly write. Fortunately we have a guide in Joshua Bloch's Effective Java.

Effective Java is organized into 78 standalone “items,” all of which will be impossible to cover in one session. Instead I've chosen a subset of the most important techniques and practices that are commonly missed by today's Java programmers.

*In Part II of this session, we'll cover those items we were unable to reach during Part I. We'll follow that up with a dive into the new features available in Java 7, describing new idioms for effective Java programming in the following areas:

• Strings in switch statements
• Enhanced syntax for numeric literals
• Improved exception handling
• ARM (automatic resource management) blocks
• Type inference for construction of parameterized types (the “diamond” operator)

Object-oriented programming was formally introduced in the 1970's with the advent of Smalltalk. C++ took it mainstream in the 1980's, and Java carried it to the next level in the 1990's. Unfortunately, if you examine the vast majority of Java codebases, what you'll find is a bunch of C-style structs (a.k.a. JavaBeans) and functions. As these codebases grow, a number of design smells can potentially crop up, which in turn cripple our ability to respond to change. We need SOLID principles that we can apply to keep our software clean and malleable.

Robert C. “Uncle Bob” Martin identified several design smells in his book Agile Software Development: Principles, Patterns, and Practices:

• Rigidity
• Fragility
• Immobility
• Viscosity
• Needless Complexity
• Needless Repetition
• Opacity

We can reverse and in fact avoid these techniques by following the principles of SOLID software design:

• Single Responsibility
• Open-Closed
• Liskov Substitution
• Interface Segregation
• Dependency Inversion

You'll leave this session equipped to ferret out design smells and apply these principles on your next project.

What is the DevOps movement? It a nutshell, it is the idea that the days of silos are over. Development, QA, and operations can no longer be thought of as separate warring divisons with their own “turfs.” Instead, we must focus on the fact that we are all part of a single value stream for the customer. By collaboration and shared expertise, we can find real overlaps between our previously segregated areas of expertise and optimize that value stream.

We'll cover the following topics:

• Death to Silos: developing an culture of collaborative software delivery
• Developing communication and bridge-building skills
• Understanding your business and its domain
• The automated “infrastructure as code” revolution
• Driving performance, process, and people improvements through metrics
• The DevOps' Toolkit: Puppet, Chef, Flapjack, Vagrant, and friends

In this presentation I will introduce an open source tool called Akka. This tool is written in Scala and provides the right abstract level we need to write fault tolerant and scalable application in Java. Akka framework comes with three different approaches that we could use to build concurrent applications: Actors, STM (Software Transaction Memory) and Agent. I will discuss each of these approaches with code examples so that audience could see how these approaches works and some of its use cases.

Akka is the only framework that I think is able to provide the right set of tools that we need to build correctly a scalable and concurrent application. And knowing Akka will help audience to select the right abstraction when they build their next concurrent application.

Chef is a community-developed platform for automated provisioning, configuration, and integration of software infrastructure. It currently boasts 190+ individuals and 40+ companies (including parent company OpsCode) as contributors, and companies like EngineYard, ElectronicArts, GoTime, and Rhapsody as adopters.

Chef achieves fully automated infrastructure via three primary disciplines:

• Automated provisioning of bare metal, virtualized, and cloud environments
• Configuration of servers via roles (“webserver”, “appserver”, “loadbalancer”) and recipes, which are declarative descriptions of resource (e.g. Apache, MySQL, Hadoop) configurations written in a Ruby DSL
• Systems integration via dynamic lookup and discovery

We'll dive deeply into Chef's architecture and features, including its idempotency, its thick client/thin server philosophy, its intentional lack of dependency management (preferring and order-based configuration), and its deep integration with other tools. We'll then leverage Chef to set up infrastructure of a typical JVM-based web development project with various OS, application server and datastore configurations. You'll leave a ready to get cooking with Chef on your next software delivery effort.

Puppet is a powerful framework for the automation of tasks typically performed by system administrators as part of software infrastructure provisioning and maintenance. Puppet adoption is rapidly increasing, boasting use by companies such as Google, RedHat, Constant Contact, Zynga, and Shopzilla.

Puppet is composed of three principle components:

• a declarative language for expressing system configuration,
• a client and server for distributing it,
• and a library for realizing the configuration

We'll dive deeply into Puppet's architecture and features, including its idempotent configurations, cross-platform resource abstraction layer, and graph-based modeling of resources, resource providers, and resource relationships. We'll then leverage puppet to set up infrastructure of a typical JVM-based web development project with various OS, application server and datastore configurations. You'll leave a “Master of Puppet,” ready to apply it on your next software delivery effort.

Feature requests are steadily pouring in, but the team cannot respond to them. They are paralyzed. The codebase on which the company has “bet the business” is simply too hard to change. It's your job to clean up the mess and get things rolling again. Where do you begin? Your first task is to get the lay of the land by applying a family of techniques we'll call “Code Archaeology.”

In this session we will learn how to systematically explore a codebase. We'll look at what tools are available to help us out, slinging some wicked shell-fu along the way. We'll look at “code islands” and “code bridges,” and how to construct a “map of the code.” We'll also examine the wisdom that thought leaders like Michael Feathers and Dave Thomas have leant to this subject.



Once we've gained a thorough understanding of what we have in front of us, we'll learn approaches for getting the system under test and refactoring so that we can start to pick up the pace and respond to user requirements without making a bigger mess. You'll leave this session well prepared to tackle the next “big ball of mud” that gets dumped on your desk.

One of the hallmarks of lean software development is the elimination of waste. Several of the key wastes in software development revolve around incomplete, incorrect, or obsolete documentation, especially documentation of requirements. One effective means of ensuring that your requirements documentation is complete, correct, and up-to-date is to make it executable. That sounds nice, but how do we get it done, especially in the world of modern, cross-browser web applications?

Executable web application specifications are within your reach through the combination of Spock, a testing and specification framework written for the JVM in Groovy, and Geb, an elegant Groovy wrapper around the powerful WebDriver browser automation framework. In this session we'll take a close look at Spock specifications for describing and verifying the behavior of our applications. We'll then examine how we can use Geb's implementation of the Page Object pattern and its “jQuery-ish” API for interacting with our web applications in WebDriver's range of supported browsers. Finally, by gluing these two technologies together via Geb's Spock integration, we'll automate the requirements specification for a simple web app.

Learning the syntax of a new language is easy, but learning to think under a different paradigm is hard.

Learning the syntax of a new language is easy, but learning
to think under a different paradigm is hard. This session
helps you transition from a Java writing imperative programmer to a
functional programmer, using Java, Clojure and Scala for
examples. This session takes common
topics from imperative languages and looks at alternative ways of
solving those problems in functional languages. As a Java developer, you know how to achieve code-reuse
via mechanisms like inheritance and polymorphism. Code reuse is
possible in functional languages as well, using high-order
functions, composition, and multi-methods. I show examples from my book Functional Thinking of shifting your perspective on problems, ceding messy details to the language, working smarter, not harder, and how to deal with multiparadigm languages.

Why is Clojure the best new language on the JVM? Come to this session and see why this functional, dynamic Lisp is the best thing on the JVM since Java.

Clojure is the most interesting new language on the horizon, but many developers suffer from the Blub Paradox when they see the Lisp syntax. This talk introduces Clojure to developers who haven't been exposed to it yet, focusing on the things that truly set it apart from other languages. I discuss all of Clojure's syntax (in about 10 minutes), then delve into fascinating features like destructuring, building macros like thread-first and thread-last, the Atomic Succession Model of Concurrency, Clojure's use of Protocols to organize code and solve The Expression Problem, and many more cool features. Come see why some of our most sophisticated projects are using Clojure.

Poorly designed web applications fail to serve both the business and the users, leading to a unnecessary costs, and frustrated customers. By keeping the user in mind, and following a few simple guidelines, you can make huge leaps in the way your users interact with your applications.

In this session, we will focus on the enterprise - where the user-base is known and fairly consistent, but typically where user interface and interaction are not the top most priorities. We will discuss some rules for good design, look at a few simple design elements that can make your web apps shine, and your users rejoice.

As a web application developer, most of the focus is on the user stories and producing business value for your company or clients. Increasingly however the world wide web is more like the wild wild web which is an increasingly hostile environment for web applications. It is absolutely necessary for web application teams to have security knowledge, a security model and to leverage proper security tools.

This training workshop on security will provide an overview of the security landscape starting with the OWASP top ten security concerns with current real world examples of each of these attack vectors. The first session will consist of a demonstration and labs using hacker tools to get an understanding of how a hacker thinks. It will include a walk through of the ESAPI toolkit as an example of how to solve a number of these security concerns including hands-on labs using the OWASP example swingset.

The workshop will include several hands on labs from the webgoat project in order to better understand the threats that are ever so common today.

Attendees will come away with the following skills / capabilities:

• threat modeling
• security audit plan
• introduction to Pen testing
• key / certificate management
• fixing web application security issues

Don't be the weakest link on the web!

Google “MongoDB is Web Scale” and prepare to laugh your tail off. With such satire, it easy to pass off MongoDB as a passing joke… but that would be a mistake. The humor is in the fact there seems to be no end to those who parrot the MongoDB benefits without a clue. This session is about getting a clue.

Get past the hype and hyperbole associated with NoSQL. This session will introduce MongoDB through live working sessions demonstrating the pros and cons of MongoDB development. The session will then focus on a recent short project focused on large scale. We’ll discuss database design to support high scale read access. Throughout this case study we will discuss the consequences of the MongoDB choice. The session will finish with a review of the production topology to support growth in scale.

Think Clojure is only for the back-end functional geeks? Think again. Noir is a web application framework written in Clojure.

In this talk we will see how we can create a simple site using Noir, and with Heroku's support for Clojure, deploy and run it in the cloud.

You are a JavaScript developer who has gotten past writing one-off scripts on pages and wants to leverage the true power of the language. You have tasted the power of objects, and inheritance in Java, and hope to put the same to work for you in JavaScript.

This talk will aim to explain how inheritance works in JavaScript, albeit in the prototypal world rather than the “class"ical world. We will see how to create your own inheritance trees, and create instances that are born with a predefined set of behaviors.

The Play 2.0 web framework bundles all these features in a nice developer friendly framework where you can actually have fun building web applications again.

In this presentation I will show audience how easy it is to build scalable web applications in Play using Scala and Java in matter of minutes without any hassle. And then take a dive to understand various components of playframework and why playframework is such a powerful tool for building scalable web applications. At the end of the presentation it will be clear using playframework you can build web applications for fun and profit. And combination of Play and Scala meets the demand we have from our web applications these days.

JodaTime is Java Date/Time and Calendering done right. There are many problems with the original Date/Time API that came prepackaged in the early Java days. There are even
One of the obvious issues is that Calendar is mutable and can unintentionally be changed. Another issue is that constructing Calendars in Java involves setting certain fields at certain times during coding, but not always getting the expected result. Joda Time repairs those issues and offers a robust and immutable date, time, and duration API.

In Joda Time and a Brief History of the World, I provide a quick rundown of calendaring throughout the centuries, describe UTC, compare UTC to GMT, discuss how time is calculated, and then dive into Joda Time in every popular JVM language. The end result provides the audience with compelling proof that Joda Time should always be their Date Time API of choice.

This presentation covers the Guava library developed by Google (http://code.google.com/p/guava-libraries/). Guava provides collection extensions to the Java Collection API and, along with this, a cornucopia of time-saving utilities that bring Java as close as possible to some of the more functional and dynamic language competitors like Scala, Ruby, and Clojure.

This presentation focuses on the following topics: how to make Predicates and Functions; how to use new collection constructs that make life easier, including MultiMap, BiMaps, and MultiSets; how to set up and use Guava preconditions; and how to create truly immutable collections, and more. All of this is done with Java.

Time is very precious and is often threatened by phone calls, emails, co-workers, bosses, and most of all, yourself. The Pomodoro Technique reigns in unfocused time and gives your work the urgency and the attention it needs, and it's done with a kitchen timer.

In this presentation we discuss how to set up, estimate time, log time, deal with interruptions, and integrate with Agile as a team. We discuss timer software and even some of the great health benefits of the Pomodoro Technique.

Build processes are a pain point in most organizations. Ant is mature but very low level, Maven is powerful but hard to customize, and so on. The Gradle project brings the power and flexibility of Groovy to build files and processes.

Gradle makes it easy to do dependency management, build subprojects, incremental builds, and more. Custom tasks are easy to add, and basic Groovy capabilities like closures, parameterized strings, and builders are all available. Gradle also includes many plugins that make developing Java projects, Groovy projects, web projects, and more very easy.

Build a Grails application from start to finish in this half-day workshop. We'll start with domain classes, apply constraints, add controllers and services, apply both unit and integration tests, and then add additional functionality through plugins.

This rapid introduction to Grails will take advantage of the newest features of Grails 2.0 using the interactive scripts and db console. In addition to building an application, existing samples will be reviewed as a source of good practices and plugins.

Some knowledge of Groovy is assumed but not required.

Workshop Requirements

Software:

• JDK 1.6+ (I'm using 1.7; 1.8 not yet supported)
• Grails 2.2.3 (any 2+ is fine), available from http://grails.org

Unzip the Grails distribution, set a GRAILS_HOME variable to its location, and add the bin subdirectory to your path.

As an alternative installation mechanism, please consider GVM, located at http://gvmtool.net . That will allow you to switch Grails version with a single command. It works for Macs and Unix flavors, as well as Windows through Cygwin.

No IDE is required, but if you want to use one, consider Groovy and Grails Tool Suite. The current version is 3.3.0 and can be downloaded from http://grails.org/products/ggts. IntelliJ IDEA has Grails support in its Ultimate edition only. NetBeans also has Grails support.

Build a Grails application from start to finish in this half-day workshop. We'll start with domain classes, apply constraints, add controllers and services, apply both unit and integration tests, and then add additional functionality through plugins.

This rapid introduction to Grails will take advantage of the newest features of Grails 2.0 using the interactive scripts and db console. In addition to building an application, existing samples will be reviewed as a source of good practices and plugins.

Some knowledge of Groovy is assumed but not required.

Workshop Requirements

Software:

• JDK 1.6+ (I'm using 1.7; 1.8 not yet supported)
• Grails 2.2.3 (any 2+ is fine), available from http://grails.org

Unzip the Grails distribution, set a GRAILS_HOME variable to its location, and add the bin subdirectory to your path.

As an alternative installation mechanism, please consider GVM, located at http://gvmtool.net . That will allow you to switch Grails version with a single command. It works for Macs and Unix flavors, as well as Windows through Cygwin.

No IDE is required, but if you want to use one, consider Groovy and Grails Tool Suite. The current version is 3.3.0 and can be downloaded from http://grails.org/products/ggts. IntelliJ IDEA has Grails support in its Ultimate edition only. NetBeans also has Grails support.

In this session, we're going to start with the basics of how to setup Spring for developing web applications. With that foundation set we'll quickly move into the nuts and bolts of developing web applications that leverage the capabilities offered by Spring MVC, including several new features introduced in recent releases, up to and including Spring 4.0.

From the very beginning, Spring has included Spring MVC, a web framework built around the Spring Framework. Originally based on a rich hierarchy of controller classes, Spring MVC served developers well, but began to look a little long in the tooth compared to other web frameworks.

Fast-forward to 2014. With Spring 4.0, Spring MVC is vastly different than its 1.0 namesake. The annotation-driven programming model has been improved, making it more powerful, more flexible, and incredibly simple to work with.

In this session, we'll look at OAuth, focusing on OAuth 2, from the perspective of an application that consumes an OAuth-secured API as well as see how to use OAuth to secure your own APIs.

Web security is nothing new. As users of the web, we're all accustomed to entering our usernames and fumbling to recall our passwords when trying to access private data on one of the many online services we use. But while traditionally web security could be described as a two-party process between a web application and a user, the modern web involves applications that seek to access other applications on behalf of their users. This presents some new challenges in keeping a user's sensitive data secure while still allowing a the third party application to access it.

OAuth is an open standard for authorization, supported by many online services, that allows one application to access a user's data in another application, all while giving the user control of what information is shared.

In this session, we'll start with an empty directory and use Spine.js to create an interactive client-side web application. Then we'll leverage what we learned to build a mobile web application with a native feel that can be deployed either through a phone's web browser or via native wrapper frameworks such as Apache Cordova (aka, PhoneGap).

Model View Controller (MVC) is often thought of in terms of server-side frameworks such as Spring MVC and Struts. But as web applications become more interactive, it becomes important to apply the same principles in the client. Roll-your-own MVC in JavaScript is possible, but as was the case with server-side MVC frameworks, it can get messy and is often better to seek out help from established frameworks.

Recently, several JavaScript-based microframeworks have emerged to address these concerns in the browser. Spine.js is one such framework that brings MVC to the client-side of web development. Based in CoffeeScript, Spine.js stands out due to its simplicity and a programming model resembling that of Rails and Grails. Also, unlike many other client-side MVC frameworks, Spine.js has a clear and well-paved path to mobile application development.

The Web is changing faster than you can imagine and it is going to continue to do so. Rather than starting over from scratch each time, it builds on what has succeeded already. Webs of Documents are giving way to machine-processable Webs of Information. We no longer care about data containers, we only care about data and how it connects to what we already know.

Roughly 25% of the Web is semantically marked up now and the search engines are indexing this information, enriching their knowledge graphs and rewarding you for providing them with this information.

In the past we had to try to convince developers to adopt new data models, storage engines, encoding schemes, etc. Now we no longer have to worry about that. Rich, reusable interface elements like Web Components can be built using Semantic Web technologies in ways that intermediate developers don’t have to understand but end users can still benefit from. Embedded JSON-LD now allows disparate organizations to communicate complex data sets of arbitrary information through documents without collaboration.

Perhaps the concepts of the Semantic Web initiative are new to you. Or perhaps you have been hearing for years how great technologies like RDF, SPARQL, SKOS and OWL are and have yet to see anything real come out of it.

Whether you are jazzed or jaded, this workshop will blow your mind and provide you with the understanding of a technological shift that is already upon us.

In this workshop, we will:

Explain the Web and Web architecture at a deeper level
Apply Web and Semantic Web technologies in the Enterprise and make them work together
Integrate structured and unstructured information
Create good, long-lived logical names (URIs) for information and services
Use the Resource Description Framework (RDF) to integrate documents, services and databases
Use popular RDF vocabularies such as Dublin Core, FOAF
Query RDF and non-RDF datastores with the SPARQL query language
Encode data in documents using RDFa and JSON-LD
Create self-describing, semantic Web Components
Model and use inferencing with the Web Ontology Language (OWL)

Workshop Requirements

• Laptop
• Java 7/8

The Web is changing faster than you can imagine and it is going to continue to do so. Rather than starting over from scratch each time, it builds on what has succeeded already. Webs of Documents are giving way to machine-processable Webs of Information. We no longer care about data containers, we only care about data and how it connects to what we already know.

Roughly 25% of the Web is semantically marked up now and the search engines are indexing this information, enriching their knowledge graphs and rewarding you for providing them with this information.

In the past we had to try to convince developers to adopt new data models, storage engines, encoding schemes, etc. Now we no longer have to worry about that. Rich, reusable interface elements like Web Components can be built using Semantic Web technologies in ways that intermediate developers don’t have to understand but end users can still benefit from. Embedded JSON-LD now allows disparate organizations to communicate complex data sets of arbitrary information through documents without collaboration.

Perhaps the concepts of the Semantic Web initiative are new to you. Or perhaps you have been hearing for years how great technologies like RDF, SPARQL, SKOS and OWL are and have yet to see anything real come out of it.

Whether you are jazzed or jaded, this workshop will blow your mind and provide you with the understanding of a technological shift that is already upon us.

In this workshop, we will:

Explain the Web and Web architecture at a deeper level
Apply Web and Semantic Web technologies in the Enterprise and make them work together
Integrate structured and unstructured information
Create good, long-lived logical names (URIs) for information and services
Use the Resource Description Framework (RDF) to integrate documents, services and databases
Use popular RDF vocabularies such as Dublin Core, FOAF
Query RDF and non-RDF datastores with the SPARQL query language
Encode data in documents using RDFa and JSON-LD
Create self-describing, semantic Web Components
Model and use inferencing with the Web Ontology Language (OWL)

Workshop Requirements

• Laptop
• Java 7/8

Technology changes, it's a fact of life. And while many developers are attracted to the challenge of change, many organizations do a particularly poor job of adapting. We've all worked on projects with, ahem, less than new technologies even though newer approaches would better serve the business. But how do we convince those holding the purse strings to pony up the cash when things are “working” today? At a personal, how do we keep up with the change in our industry?

This talk will explore ways to stay sharp as a software professional. We'll talk about how a technology radar can help you stay marketable (and enjoying your career) and how we can use the same technique to help our companies keep abreast of important changes in the technology landscape. Of course it isn't enough to just be aware, we have to drive change - but how? This talk will consider ways we can influence others and lead change in our organizations.

What's the point attending a conference unless you do something with the knowledge you gain?

In this session we look at practical strategies for selecting new technologies and proven approaches for driving adoption back at the office.

Have you looked into Scala? Scala is a new object-functional JVM language. It is statically typed and type inferred. It is multi-paradigm and supports both object oriented and functional programming. And it happens to be my favorite programming language.

If you are interested in Scala, how you are planning to learn Scala? You probably are going to pick up a book or two and follow through some examples. And hopefully some point down the line you will learn the language, its syntax and if you get excited enough maybe build large applications using it. But what if I tell you that there is a better path to enlightenment in order to learn Scala?

Scala Koans, a set of test cases that will teach you Scala language. The Scala koans will help the audience learn the language, syntax and the structure of the language through test cases. It will also teach the functional programming and object oriented features of the language. Since learning is guided by failing tests it allows developers to think and play with the language while they are learning.

Workshop Requirements

Namaste,

For those planning to attend the Scala Koans…

Welcome to Scala Koans!

Scala Koans is an interactive session that puts the programming and learning in your hands. Therefore, a laptop is required by all participants. If you do not have a laptop, then perhaps you have a friend with a laptop, is so, well, that would work too. In order to participate in the Scala Koan endeavor, a few things are required:

• A laptop
• A modern JDK installation. JDK 1.6+ will suffice. Remember that it should be a JDK and not a JRE!
• Your JDK should be mapped properly to JAVA_HOME and your PATH variables.
• An installation of your favorite IDE or editor.
• An inquisitive mind.

The process of actually running the koans will be covered during the session. Unfortunately, Internet connectivity is sometimes a dicey affair and at times it can rain on our parade. To avoid having to wait for the install at the conference you can prepare for the koans before the conference! If you don't have the opportunity to do this, we will have either memory sticks or private networks at the conference.

If you want to get started with the set up:

1. Download the koans by visiting https://bitbucket.org/dmarsh/scalakoansexercises and click on the download link on the right hand side of the page. (or you can clone the bitbucket project)
2. Unzip the koans: dmarsh-scalakoansexercises-#####.zip
3. cd into the dmarsh-scalakoansexercises-#### folder
4. If you are in Linux or MacOSX run: ./koans, on Windows ./koans.bat
5. After some initialization, you are now in the koans/sbt shell (you should see a > prompt)
6. In the shell run the following commands:
   a. test:compile
   b. eclipse (if you are planning to use Eclipse)
   c. gen-idea (if you are planning to IntelliJ Idea)
7. Exit the shell by typing exit

Before attending the koans session, you may want to take the opportunity to load some Scala Plugins onto your favorite IDE and Editor. Below is a list of resources that you can use to enhance your environment so that you can enjoy Scala syntax highlighting and other helpful tools like refactoring, debugging and analysis.

Eclipse - The Eclipse has an IDE plugin for Scala called aptly scala-ide. All the information about the plugin can be found at http://scala-ide.org including an easy to follow along video located at http://scala-ide.org/docs/current-user-doc/gettingstarted/index.html

IntelliJ - IntelliJ has a Scala plugin that can be found by going to Settings -> Plugins, clicking on 'Browse Repositories' button and searching for the 'Scala' plugin on the left. Right click on the 'Scala' and choose 'Install'. IntelliJ will prompt you to restart the IDE, do so, and enjoy.

NetBeans - Currently, Github user 'dcaoyuan' hosts a NetBeans Scala plugin at the address: https://github.com/dcaoyuan/nbscala. I have not tried this out since the number of NetBeans users has shrunk in recent years. If you are an avid NetBeans user, and wish to try it, you can let me know the results during the session. There is additional information at: http://wiki.netbeans.org/Scala

Emacs - Github user 'aemoncannon' has created 'ENSIME' (ENhanced Scala Interaction Mode for Emacs) at the address and has a great following. https://github.com/aemoncannon/ensime with some documentation at http://aemoncannon.github.io/ensime.

VIM - For VIM users you can use https://github.com/derekwyatt/vim-scala as a VIM plugin that offers Scala color highlighting

That is it. Hope to see you soon.

Scala is known for both its clarity in some cases, and its obscurity in others. Well, this presentation sticks with the obscurity. We will cover abstract types, the Predef, implicit conversions, creating infix types, singleton types, type variance, type bounds, type variance, partially applied functions vs. partial functions, type projections, and overcoming type erasure using Manifests.

This presentation is geared in at the programmer level and not at a scientific level, with no type theory or calculus. Basic knowledge of Scala is preferrable, though not required. Asking tough questions is mandatory.

Enterprise integration is a hard problem. Not only you have deal with multiple applications build using various programming languages and deployed in various platforms, they also speak different protocols. In this presentation we will introduce you to an open source tool integration framework called Apache Camel. This tool implements all the well know integration patterns from “Enterprise Integration Patterns” book by Gregor Hohpe and Bobby Woolf and provides you with a nice DSL to integration heterogeneous systems.

Here is the outline of the presentation

• What is Camel?
• Talk about enterprise integration patterns
• Camel under the hood
• Code example integrating 2-3 applications using Camel
• Synchronous vs Asynchronous application
• Designing application based on message passing using Camel

The single most important tool in any developers toolbox isn't a fancy IDE or some spiffy new language - it's our brain. Despite ever faster processors with multiple cores and expanding amounts of RAM, we haven't yet created a computer to rival the ultra lightweight one we carry around in our skulls - in this session we'll learn how to make the most of it. We'll talk about why multitasking is a myth, the difference between the left and the right side of your brain, the importance of flow and why exercise is good for more than just your waist line.

The single most important tool in any developers toolbox isn't a fancy IDE or some spiffy new language - it's our brain. Despite ever faster processors with multiple cores and expanding amounts of RAM, we haven't yet created a computer to rival the ultra lightweight one we carry around in our skulls - in this session we'll learn how to make the most of it. We'll talk about why multitasking is a myth, the difference between the left and the right side of your brain, the importance of flow and why exercise is good for more than just your waist line.

Computer science is built on a shaky tower of abstractions, but we've been distracted by other things until we believe it is reality.

This talk teases apart some of the tangled abstractions that have become so common they are invisible yet impact important decisions. I cover languages, tools, platforms, and burrow all the way down to fundamental concepts. This wide-ranging keynote answers these questions and more:

* Which language should I learn next? And should I bother?
* Why is the iPad is the most revolutionary device in the last 30 years?
* Why do some people hate Maven so much?
* How can I choose technologies with long shelf lives?
* Is hiding always a good thing? 

Oh, and some jokes too.

This half-day workshop will bring you up to speed on the specifics of the Groovy programming language. We'll touch on most of the major features of the language, from collections and closures to builders, AST transformations, and metaprogramming. Specific examples will cover topics from Groovy itself and will be supported by unit and integration tests and built using Gradle.

Featured topics will include: collections, closures, operator overloading, scripts and classes, unit and integration testing, AST transformations, parsing and building both XML and JSON, and working with SQL. If time is available, other projects from the Groovy ecosystem, like Gradle, Spock, and GPars, will be included.

A minimum comfort level with Java is assumed. Some exposure to Groovy would be helpful but not required.

Workshop Requirements

• JDK 1.5+
• Groovy 1.8+
• Eclipse with Groovy plugin (optional)

This half-day workshop will bring you up to speed on the specifics of the Groovy programming language. We'll touch on most of the major features of the language, from collections and closures to builders, AST transformations, and metaprogramming. Specific examples will cover topics from Groovy itself and will be supported by unit and integration tests and built using Gradle.

Featured topics will include: collections, closures, operator overloading, scripts and classes, unit and integration testing, AST transformations, parsing and building both XML and JSON, and working with SQL. If time is available, other projects from the Groovy ecosystem, like Gradle, Spock, and GPars, will be included.

A minimum comfort level with Java is assumed. Some exposure to Groovy would be helpful but not required.

Workshop Requirements

• JDK 1.5+
• Groovy 1.8+
• Eclipse with Groovy plugin (optional)