Advanced Message Queuing Protocol (AMQP) is a new way of looking at messaging that is quickly gaining in popularity and use, particularly in the financial services industry. Unlike JMS, which defines a standard API across platforms, AMQP defines a standard wire-level protocol across languages and platforms, finally making true cross-platform messaging a reality. In this session I will start by describing exactly what AMQP is and what problems it specifically solves (that JMS can't!). I will then describe the basic architecture and how AMQP routes messages, and then, through live interactive coding, demonstrate how to build a simple producer and consumer using RabbitMQ to send and receive AMQP messages. We will also take a brief look at other aspects of AMQP such as performance and how to guarantee that the message reaches a consumer.
Agenda:
Enterprise Architecture (EA) is one of the most misunderstood terms in our industry. Ask 10 people what EA is and you will get 10 different answers. To better understand what EA is and how it impacts your company (and you!) we will go back in time to maritime Britain in the late 1700's. Through exercises in designing a fleet of war ships and making decisions about what to do with the fleet you will understand the various approaches, directions, and implications of EA and how necessary EA is to achieve any company goal. So put your admirals hat on and climb aboard for a maritime adventure you won't forget!
Agenda:
I commonly think of those of us in the IT industry as problem solvers. Whether developer, designer, or architect, we are all presented with problems and work to find a way to solve them, usually through technology. In my opinion this is what makes this industry so much fun. Let's face it - we all love challenges. Sometimes, however, the problems we have to solve are hard - really hard. So how do you go about solving really hard problems? That's what this session is about - Heuristics, the art of problem solving. In this session you will learn how to approach problems and also learn some the common techniques for solving them effectively. So put on your thinking cap and get ready to solve some easy, fun, and hard problems.
Agenda:
JavaScript is one of those very powerful languages that is often misunderstood and underutilized. It's quite popular, yet there's so much more we can do with it.
In this presentation we'll deep dive into the capabilities and strengths of this prominent language of the web.
Programmers often complain that it is hard to automate unit and acceptance tests for JavaScript. Testability is a design issue and with some discipline and careful design we can realize good
automated tests.
In this presentation we'll learn how to automate the testing of JavaScript using both TDD and BDD tools.
Developing a rich user interface for web applications is both exciting and challenging. HTML 5 has closed the gaps and once again brought new vibe into programming the web tier. Come to this session to learn how you can make use of HTML 5 to create stellar applications.
.
Attendees are expected to pair up and work on the labs. Software requirements:
Successful software development is about building the right product at the right time for your customers. This means focusing attention on the right places in the portfolio of projects and products that your company provides, and optimizing the entire value stream from “concept to cash” for your customers and the development teams.
Agility is more than just adopting Scrum or some other agile process framework; it involves adopting a new set of Lean-Agile values, principles and practices through the entire software development lifecycle and beyond in order to provide value to customers earlier and more often.
Lean-Agile software development consists of frequent feedback loops, intense team collaboration, continuous improvement, business and customer involvement, baking quality in and consistent delivery of valuable software. Learn how these Lean principles and practices transform software development and the radical difference it can make in your development work and wider organization.
This presentation explores the nature of motivation and the place of metrics and measurement in software development, and how lean software development principles and practices shed light on motivation and metrics and how they can be used to support deep organizational improvement.
We will examine the nature of motivation in terms of the four intrinsic rewards that drive positive engagement, and also how certain approaches to measuring and managing performance lead to organizational dysfunction. We will also show how the application of lean principles such as building quality into the product, respect for people and optimizing the whole enable more effective approaches to motivation and metrics in software development.
A Technology Radar is a tool that forces you to organize and think about near term future technology decisions, both for you and your company. This talk discusses using the radar for personal breadth development, architectural guidance, and governance.
ThoughtWorks Technical Advisory Board creates a “technology radar” twice a year, a working document that helps the company make decisions about interesting technologies and where we spend our time. ThoughtWorks then started conducting radar-building exercises for our clients, which provides a great medium for technologists company-wide to express their opinions about the technologies they use every day. For companies, creating a radar helps you document your technology decisions in a standard format, evaluate technology decisions in an actionable way, and create cross-silo discussions about suitable technology choices. This session describes the radar visualization and how to conduct a radar building session for yourself. After a brief introduction, the bulk of the workshop consists of attendees building a radar for the group, following the same procedure you'll use when you do this exercise at your company. At the end, we'll have created a unique Radar for this event and practiced doing it for yourself.
Alternative databases continue to establish their role in the technology stack of the future—and for many, the technology stack of the present. Making mature engineering decisions about when to adopt new products is not easy, and requires that we learn about them both from an abstract perspective and from a very concrete one as well. If you are going to recommend a NoSQL database for a new project, you're going to have to look at code.
In this talk, we'll examine three important contenders in the NoSQL space: Cassandra, MongoDB, and Neo4J. We'll review their data models, scaling paradigms, and query idioms. Most importantly, we'll work through the exercise of modeling a real-world problem with each database, and look at the code and queries we'd use to implement real product features. Come to this session for a thorough and thoroughly practical smackdown between three important NoSQL products.
Want to go deep on a popular NoSQL database? Cassandra is a scalable, highly available, column-oriented data store in use at Netflix, Twitter, Reddit, Rackspace, and other web-scale operations. It offers a compelling combination of a rich data model, a robust deployment track record, and a sound architecture, making it a good choice of NoSQL databases to study first.
In this session, we'll talk about Cassandra's data model, look at its query idioms, talk about how to deploy it, and look at use cases in which it is an appropriate data storage solution. We'll study its origins in the Amazon Dynamo project and Google's BigTable, and learn how its architecture helps us achieve the gold standard of scalability: horizontal scalability on commodity hardware. You'll leave prepared to begin experimenting with Cassandra immediately and planning its adoption in your next project.
The ancient Chinese warrior Sun Tzu taught his men to “know your enemy” before going into battle. For us, the same thing is knowing and understanding anti-patterns - things that we repeatably do that produce negative results. Anti-patterns are used by developers, architects, and managers every day, and are one of the main factors that prevent progress and success. In this session we will look at some of the more common and significant software development anti-patterns. Through coding and design examples, you will see how these anti-patterns emerge, how to recognize when the antipattern is being used, and most importantly, how to avoid them. Although most of the coding examples will be in Java, this is a technology-agnostic session. Remember, like motorcycles, anti-patterns are everywhere - so be careful out there!
Agenda
For each anti-pattern covered in this session we will look at the symptoms of the anti-pattern, what the effects are, and some techniques on how to avoid the anti-pattern.
Very few applications stand alone anymore. Rather, they are combined together to form holistic systems that perform complex business functions. One of the big challenges when integrating applications is choosing the right integration styles and usage patterns. In this session we will explore various techniques and patterns for application integration, and look at what purpose and role open source integration hubs such as Camel and Mule play in the overall integration architecture space (and how to properly use them!). Through actual integration scenarios and live coding examples using Apache Camel you will learn which integration styles and patterns to use for your system and how open source integration hubs play an part in your overall integration strategy
Agenda:
Economics, psychology, game theory, and marketing; those fields of study imply a distinct lack of semicolons and curly braces. However, even the venerable Adam Smith, were he alive today, would recognize the applicability of those seemingly tangential components to the business we call software.
Many of us self-identify with the hard core branding of “geek” and “nerd,” or the softer choices, “programmer” and “developer.” However, we rarely hear mentioned “business person,” “saleswoman,” salesman,” “inventor,” “strategist,” or “economist,” yet they are equally, if not more accurate in the description of the talents of a software craftsperson. Though unstated, we, as developers, are expected to be skilled in each of those areas. Rarely in business are so many combined talents expected from an individual contributor.
Together, we'll harness the secrets that classical and 20th century research have uncovered from observing strategic interactive decision making through a large lens. Surprisingly, smart businesses and crafty developers are just now able to fully leverage these historical findings with the advent of commodity big-data processing, machine learning, evolutionary game theory, and a dash of intuition. All of these tactics can be neatly tied together via the occasionally-maligned threads of pop psychology and behavioral economics. Discover how to seat these newfound applications of knowledge in their well-deserved place at the table of computer science for better playing of the game that we call “programming.”
After almost a decade and several significant releases, Spring has gone a long way from challenging the then-current Java standards to becoming the de facto enterprise standard itself. Although the Spring programming model continues to evolve, it still maintains backward compatibility with many of its earlier features and paradigms. Consequently, there's often more than one way to do anything in Spring. How do you know which way is the right way?
In this session, we'll explore several ways that Spring has changed over the years and look at the best approaches when working with the latest versions of Spring.
For a long while, we've built applications pretty much the same way. Regardless of the frameworks (or even languages and platforms) employed, we've packaged up our web application, deployed it to a server somewhere, and asked our users to point their web browser at it.
But now we're seeing a shift in not only how applications are deployed, but also in how they're consumed. The cost and hassle of setting up dedicated servers is driving more applications into the cloud. Meanwhile, our users are on-the-go more than ever, consuming applications from their mobile devices more often than a traditional desktop browser. And even the desktop user is expecting a more interactive experience than is offered by simple page-based HTML sites.
With this shift comes new programming models and frameworks. It also involves a shift in how we think about our application design. Standing up a simple HTML-based application is no longer good enough.
In this session, we'll discuss what the next generation of applications looks like, exploring such things as the mobile web and cloud computing. We'll also dig into some of the technologies and practices such as REST, OAuth, and JavaScript microframeworks that enable us to move forward.
You've heard a bit about Git, Gradle, Jenkins, and Sonar, but are you putting them to use? Are you maximizing what they can offer in terms of standardized project models, faster incremental compiles, automated commit-triggered builds, and rapid source code analysis? In this intense presentation, live demonstrations will be given for all of the latest versions of the aforementioned tools and what they have to offer a highly proficient Java developer.
Don't struggle to get the build out, functioning, and analyzed. Develop, build, analyze and deploy smartly and efficiently with a Build Lifecycle Craftsmanship approach and tooling.
You're serious about improving the quality of your code base, but with 10,000 lines of code, where do you start and how do you ensure the greatest ROI for the re-work your team members will perform?
Sonar is an open source tool that brings together the best of breed static and dynamic analysis of Java projects. The result is a unified view of problematic areas of your code on a time-line basis, allowing the team to attack the problems with the best ROI, and maintain a more watchful eye for positive and risky trends in the codebase in the future.
This workshop will get you up and running with Sonar on your laptop and analyzing the source code of a project in under 90 minutes.
java -version
and javac -version
reporting back a 1.6.x series version number in both cases.JAVA_HOME
environment variable set to point to the JDK (not a JRE)git
is on your PATH
(in the environment variable list of paths)Git is a version control system you may have been hearing a bit about lately. But simply hearing more about it may not be enough to convince you of its value. Getting hands on experience is what really counts. In this workshop, you'll bring your Windows, Mac or Linux laptop and walk through downloading, installing, and using Git in a collaborative fashion.
The workshop style of this class will allow you to observe and discover the value of this new version control tool first hand. You'll be cloning, creating, commiting, and pushing repositories by the conclusion of this session.
git
is on your PATH
(in the environment variable list of paths)Gradle. Another build tool? Come on! But before you say that, take a look at the one you are already using.
Whether your current tool is Make, Rake, Ant, or Maven, Gradle has a lot to offer. It leverages a strong object model like Maven, but a mutable, not predetermined one. Gradle relies on a directed acyclic graph (DAG) lifecycle like Maven, but one that can be customized. Gradle offers imperative build scripting when you need it (like Ant), but declarative build approaches by default (like Maven). In short, Gradle believes that conventions are great – as long as they are headed in the same direction you need to go. When you need to customize something in your build, your build tool should facilitate that with a smile, not a slap in the face. And customizations should be in a low-ceremony language like Groovy. Is all this too much to ask?
Gradle has received the attention of major open source efforts and has chalked up significant conversions by the Spring Integration, Hibernate, and Grails projects. What do these technology leaders see in this bold new build tool? They see not only a better way to build Java applications, but an extensive ecosystem of connecting to existing Ant and Maven build files while expanding the horizon of test, CI, and deployment automation in an easy manner. Join us for 90 minutes and let us take you on this same walk of discovery of the most innovative build tool you've ever seen.
java -version
and javac -version
reporting back a 1.6.x series version number in both cases.JAVA_HOME
environment variable set to point to the JDK (not a JRE)Take one ugly legacy schema, a toolbox full of simple database refactorings, and a world-class schema refactoring tool, and you've got 90 minutes of workshop that will equip you to bring a culture of database responsibility to your team.
In this workshop, we'll start with a live schema in need of some help, and slowly improve it in a controlled fashion using Liquibase. We'll see how to create and alter tables, add constraints, drop columns, control changes in stored procedures, and more. You should come away with a solid understanding of how to use the tool and how to integrate it into your team's development, build, and deployment processes.
Attendees should already have a conversational understanding of Liquibase, or have attended Scripting the Schema with Liquibase session. Please bring a laptop or be prepared to pair with a friend.
Actor based concurrency was popularized by languages like Erlang and Scala. This model of programming provides isolated mutability (as opposed to shared mutability) and easy way implement coordinating processes or tasks. Actors can be local to a JVM, or distributed across VMs and machines. In this presentation we will learn how to use Akka Actors to design and implement distributed concurrent Java applications.
.
Mutability is something we're quite used to in Java. Sharing is a good thing. However, shared mutability is pure devil's work. If we remove shared mutability, all the problems of concurrent go away. In practice, however, it's hard to completely get rid of shared mutability. This is where STM comes in with managed shared mutable variables. In this presentation we will take an example driven approach to dive deep into STM, look at what it has to offer, explore different implementations, and how we can design concurrent applications without any explicit locks.
.
Domain Specific Langauges seems like a cool idea, but where's the payoff? This talk provides an overview of how to build both internal and external DSLs (including the state of the art tools), stopping along the way to show how this is practical to your day job.
This talk defines of DSLs (Domain Specific Languages), distinguishes the types of DSLS (internal and external), and shows examples of building DSLs of several kinds. It shows how to utilize DSLs for externalizing configuration (which you're already doing, whether you realize it or not), how to make your code readable to humans, how DSLs make developer tools better (and how to use DSL techniques to build your own tools), and how DSLs can provide your users unprecedented flexibility and power, by building DSLs customized to their job. This talk provides a good foundation for the subject if you've never seen anything about it, but keeps the focus on practical goals.
Ratpack is a hyper-lightweight, Groovy-based web framework for developing and deploying simple apps in a hurry. Like its high-achieving cousin Gaelyk, it provides Groovy developers with a way to create web apps without days of iteration zero setup time.
In this talk, we'll look over Ratpack's very simple structure and live-code a small, practical example application. We'll look at how to evolve simple controller logic, how to manage templates, how to persist data, and how to deploy Ratpack applications to the web. The Java world needs ways to build small applications in a hurry, and Ratpack is the latest way to do it!
Alistair Cockburn has described software development as a game in which we choose among three moves: invent, decide, and communicate. Most of our time at No Fluff is spent learning how to be better at inventing. Beyond that, we understand the importance of good communication, and take steps to improve in that capacity. Rarely, however, do we acknowledge the role of decision making in the life of software teams, what can cause it to go wrong, and how to improve it.
In this talk, we will explore decision making pathologies and their remedies in individual, team, and organizational dimensions. We'll consider how our own cognitive limitations can lead us to to make bad decisions as individuals, and what we might do to compensate for those personal weaknesses. We'll learn how a team can fall into decisionmaking dysfunction, and what techniques a leader might employ to healthy functioning to an afflicted group. We'll also look at how organizational structure and culture can discourage quality decision making, and what leaders to swim against the tide.
Software teams spend a great deal of time making decisions that place enormous amounts of capital on the line. Team members and leaders owe it to themselves to learn how to make them well.
Whether you are just getting started, or you’ve made an attempt and well… it could be better… a lot better, this session is for you. Ken has been working on Agile projects as a coach and mentor for a number of years. Come discover the common reasons teams fail to get it right. Bring your own challenges and lets discuss. This is set to be an engaging and illuminating discussion.
This can be a dynamic discussion where challenges facing attendees may have us to focus on some areas and tips of agile development. We will certainly talk about how team or management choices to deviate from core agile practices add risk to a project with suggestions on how to resolve many of these challenges.
The first in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.
The REpresentational State Transfer (REST) architectural style has emerged as a winning strategy for building scalable, flexible, resilient systems that lead with an information focus. Far from being the simple “Web Services through URLs” idea many people have about them, REST-based systems require a new perspective, a fair amount of consideration and the discipline to look beyond simple point-to-point interactions.
The benefits are exciting and provide a gateway to a whole new world of information technology. This first talk will be an introductory session covering the basics of the REST architectural style.
What is the DevOps movement? It a nutshell, it is the idea that the days of silos are over. Development, QA, and operations can no longer be thought of as separate warring divisons with their own “turfs.” Instead, we must focus on the fact that we are all part of a single value stream for the customer. By collaboration and shared expertise, we can find real overlaps between our previously segregated areas of expertise and optimize that value stream.
We'll cover the following topics:
Chef is a community-developed platform for automated provisioning, configuration, and integration of software infrastructure. It currently boasts 190+ individuals and 40+ companies (including parent company OpsCode) as contributors, and companies like EngineYard, ElectronicArts, GoTime, and Rhapsody as adopters.
Chef achieves fully automated infrastructure via three primary disciplines:
We'll dive deeply into Chef's architecture and features, including its idempotency, its thick client/thin server philosophy, its intentional lack of dependency management (preferring and order-based configuration), and its deep integration with other tools. We'll then leverage Chef to set up infrastructure of a typical JVM-based web development project with various OS, application server and datastore configurations. You'll leave a ready to get cooking with Chef on your next software delivery effort.
Puppet is a powerful framework for the automation of tasks typically performed by system administrators as part of software infrastructure provisioning and maintenance. Puppet adoption is rapidly increasing, boasting use by companies such as Google, RedHat, Constant Contact, Zynga, and Shopzilla.
Puppet is composed of three principle components:
We'll dive deeply into Puppet's architecture and features, including its idempotent configurations, cross-platform resource abstraction layer, and graph-based modeling of resources, resource providers, and resource relationships. We'll then leverage puppet to set up infrastructure of a typical JVM-based web development project with various OS, application server and datastore configurations. You'll leave a “Master of Puppet,” ready to apply it on your next software delivery effort.
Even with the recent explosion in alternative languages for the JVM, the vast majority of us are still writing code in “Java the language” in order to put bread on the table. Proper craftsmanship demands that we write the best Java code that we can possibly write. Fortunately we have a guide in Joshua Bloch's Effective Java.
In his foreward to the first edition, Guy Steele writes about the importance of learning three aspects of any language: grammar, vocabulary, and idioms. Unfortunately many programmers stop learning after mastering the first two. Effective Java is your guide to understanding idiomatic Java programming.
Effective Java is organized into 78 standalone “items,” all of which will be impossible to cover in one session. Instead I've chosen a subset of the most important techniques and practices that are commonly missed by today's Java programmers. You'll pick from a menu and decide where we'll head. Regardless of the path we take, you'll leave this session thoroughly equipped to write better Java code tomorrow!
Even with the recent explosion in alternative languages for the JVM, the vast majority of us are still writing code in “Java the language” in order to put bread on the table. Proper craftsmanship demands that we write the best Java code that we can possibly write. Fortunately we have a guide in Joshua Bloch's Effective Java.
Effective Java is organized into 78 standalone “items,” all of which will be impossible to cover in one session. Instead I've chosen a subset of the most important techniques and practices that are commonly missed by today's Java programmers.
*In Part II of this session, we'll cover those items we were unable to reach during Part I. We'll follow that up with a dive into the new features available in Java 7, describing new idioms for effective Java programming in the following areas:
The second in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.
People already familiar with REST (or who have attended the first session) will be walked through the deeper topics of building Level 3 Hypermedia-based RESTful systems, security, content negotiation, etc.
You're all over jQuery - you write plugins in your sleep - and before that, you were a Prototype ninja. Your team treats JavaScript like a first class citizen, you've even written more tests than Kent Beck. Is that all there is in the land of the JavaScript developer? Believe it or not, the JavaScript party hasn't stopped. What other libraries are out there? What do they offer? This talk will survey the field of modern JavaScript libraries getting you up to speed on what's new. We'll dive in just deep enough to whet your appetite on a wide variety of libraries such as Backbone, Underscore, Zepto and more.
You're all over jQuery - you write plugins in your sleep - and before that, you were a Prototype ninja. Your team treats JavaScript like a first class citizen, you've even written more tests than Kent Beck. Is that all there is in the land of the JavaScript developer? Believe it or not, the JavaScript party hasn't stopped. What other libraries are out there? What do they offer? This talk will survey the field of modern JavaScript libraries getting you up to speed on what's new. We'll dive in just deep enough to whet your appetite on a wide variety of libraries such as Backbone, Underscore, Zepto and more.
It's been ages since you copied random JavaScript off a nameless webpage and your JavaScript is every bit as elegant as any server side code. You know the ins and outs of jQuery and you've even built a plugin or three…but is that it? How do we build rich web applications without resorting to heavy weight proprietary components? How do we leverage HTML5 and everything it brings to the table? How do we craft elegant user experiences that integrate fully with the RESTful web services that are all the rage on the backend? How do we build apps that are at home on a 3.5 inch phone as they are on the 15 inch notebook? This talk goes beyond jQuery to explore new libraries like Backbone are bringing even more to the front end developer's toolbox.
It's been ages since you copied random JavaScript off a nameless webpage and your JavaScript is every bit as elegant as any server side code. You know the ins and outs of jQuery and you've even built a plugin or three…but is that it? How do we build rich web applications without resorting to heavy weight proprietary components? How do we leverage HTML5 and everything it brings to the table? How do we craft elegant user experiences that integrate fully with the RESTful web services that are all the rage on the backend? How do we build apps that are at home on a 3.5 inch phone as they are on the 15 inch notebook? This talk goes beyond jQuery to explore new libraries like Backbone are bringing even more to the front end developer's toolbox.
The word just came down from the VP - you need a mobile app and you need it yesterday. Wait, you've never built a mobile app…it's pretty much the same thing as you've built before just smaller right? Wrong. The mobile experience is different and far less forgiving. How do you design an application for touch? How does that differ from a mouse? Should you build a mobile app or a mobile web site? This talk will get you started on designing for a new, and exciting, platform. Whether that means iPhone, Android, Windows Phone or something else, you need a plan, this talk will help.
The word just came down from the VP - you need a mobile app and you need it yesterday. Wait, you've never built a mobile app…it's pretty much the same thing as you've built before just smaller right? Wrong. The mobile experience is different and far less forgiving. How do you design an application for touch? How does that differ from a mouse? Should you build a mobile app or a mobile web site? This talk will get you started on designing for a new, and exciting, platform. Whether that means iPhone, Android, Windows Phone or something else, you need a plan, this talk will help.
Mobile is the next big thing and your company needs to there. But what does there actually entail? Should you build a native app? On which platforms? Do you have the skills for that? What about the web? Can you deliver an awesome experience using nothing but a mobile web browser? This talk will help you navigate these treacherous waters. We'll discuss the pros and cons of the various approaches and give you a framework for choosing.
Mobile is the next big thing and your company needs to there. But what does there actually entail? Should you build a native app? On which platforms? Do you have the skills for that? What about the web? Can you deliver an awesome experience using nothing but a mobile web browser? This talk will help you navigate these treacherous waters. We'll discuss the pros and cons of the various approaches and give you a framework for choosing.
In this session, we'll look at OAuth, focusing on OAuth 2, from the perspective of an application that consumes an OAuth-secured API as well as see how to use OAuth to secure your own APIs.
Web security is nothing new. As users of the web, we're all accustomed to entering our usernames and fumbling to recall our passwords when trying to access private data on one of the many online services we use. But while traditionally web security could be described as a two-party process between a web application and a user, the modern web involves applications that seek to access other applications on behalf of their users. This presents some new challenges in keeping a user's sensitive data secure while still allowing a the third party application to access it.
OAuth is an open standard for authorization, supported by many online services, that allows one application to access a user's data in another application, all while giving the user control of what information is shared.
In this session, I'll show you how to secure your Spring application with Spring Security 3.2. You'll see how to declare both request-oriented and method-oriented security constraints. And you'll see how SpEL can make simple work of expressing complex security rules.
Although we may invite guests into our homes and give someone a ride in our car, we locks and alarms on our homes and our cars to keep uninvited and malicious visitors out. Similarly, we allow people to use the applications that we develop, but we probably want to control the access that they have.
Security is an important aspect of any application. And while we could program security rules into the web controllers and methods in our application, we'd find ourselves cluttering our business logic with repetitive security code. Security is a cross-cutting concern–begging to be handled with aspect-oriented techniques.
Spring Security is an authentication and access-control framework based on Spring that provides security aspects. With Spring Security, you can declare who is allowed to access your application and what they're allowed to see, keeping your application logic focused and uncluttered with security details.
When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the loj4j framework, which abstracts the concern of logging, where it logs and the management of logging. The one cross cutting software concern which seems for most applications to be piecemeal is that of security. Security concerns include certification generation, SSL, protection from SQL Injection, protection from XSS, user authorization and authentication. Each of these separate concerns tend to have there own standards and libraries and leaves it as an exercise for the development team to cobble together a solution which includes multiple needs…. until now… Enterprise Security API library from OWASP.
This session will look at a number of security concerns and how the ESAPI library provides a unified solution for security. This includes authorization, authentication of services, encoding, encrypting, and validation. This session will discuss a number of issues which can be solved through standardizing on the open source Enterprise Security API.
Groovy has been around for some time and is generally recognized as a highly productive object-oriented language with a tight association with Java. Groovy seems to be going through a second wave of popularity with a more diverse repertoire of benefits, including building, deploying and testing, in addition to rapid web development. The fastest growth of productivity tools are all powered by Groovy. Discover the Groovy Truth!
This session will start with a short introduction to Groovy and will walk through a number of groovy tools that can increase the speed of delivery of any Java software development shop. We will review the following Groovy Power Tools:
Spock is a groovy based testing framework that leverages all the “best practices” of the last several years taking advantage of many of the development experience of the industry. So combine Junit, BDD, RSpec, Groovy and Vulcans… and you get Spock!
This is a significant advancement in the world of testing.
This session assumes some understanding of testing and junit and builds on it. We will introduce and dig deep into Spock as a test specification and mocking tool.
The fourth of a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.
The Web of Documents we are so familiar with is being extended with the technologies of the Semantic Web. Information will be freed from its containers and connected regardless of where it comes from. Building on the concepts of REST services and the Web Architecture, we will introduce the Resource Description Framework (RDF) as the basis of a new collection of tools for information sharing and integration. Once the information is woven together, we will want to query it and produce new information resources with technologies like the SPARQL query language.
People already familiar with REST and the Web (or who have attended the REST sessions) will be given both conceptual and technical examples of how and why these technologies are laying the foundation of future information systems.
The fifth in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.
Once we have a flexible and extensible data model like RDF, we will want to find ways to weave it into our documents to make them easier to organize, find and extract value from on the Web. This talk will highlight techniques for adopting RDFa but will also motivate attendees to dig deeper by showing them how it is already being used by the biggest names on the Web. Improve your search results and allow your customers to leverage relevant information for their own purposes.
You understand how important it is to be on the Web. Come learn how important it is to be on the Web of Data.
Google “MongoDB is Web Scale” and prepare to laugh your tail off. With such satire, it easy to pass off MongoDB as a passing joke… but that would be a mistake. The humor is in the fact there seems to be no end to those who parrot the MongoDB benefits without a clue. This session is about getting a clue.
Get past the hype and hyperbole associated with NoSQL. This session will introduce MongoDB through live working sessions demonstrating the pros and cons of MongoDB development. The session will then focus on a recent short project focused on large scale. We’ll discuss database design to support high scale read access. Throughout this case study we will discuss the consequences of the MongoDB choice. The session will finish with a review of the production topology to support growth in scale.
Of all the non-functional requirements of software development, complexity receives the least attention and seems to be the most important from a long term standard point. This talk will look at some of forces that drive complexity at the code level and at a system level and their impact. We will discuss what causes us to over look complexity, how our perception of it changes over time and what we can do about it?
In this session we will break down the meaning of complexity and simplicity and measure the application of those means against the common software development dogma. Looking at common development trends and pressures, we'll discuss where simplify does and doesn't help. We will examine areas of development which at first glance seem to be simple (such as the creation of an equals method in Java), that end up being difficult or impossible based on normal constraints. We will example the drivers of complexity with some discussion on what you can do about it. This session will finish with a discussion around several challenges to high scale software architectures and how to keep it simple.
In this session, we're going to combine the magic of Spring Boot and the magic of Spring Data to yield something even more powerful. You'll see how to quickly build an application's persistence layer, whether it stores data in a RDBMS, Mongo, Neo4j, or several other popular data stores. You'll also see how to create a functioning REST API with nothing more than an interface and a domain type.
Spring Boot dramatically simplifies application development with Spring. But before Spring Boot came along, Spring Data was already making developers' lives easy when it comes to working with data. When combined, Spring Data and Spring Boot can make data persistence the easiest part of your application.
You see them everywhere: “Like” buttons, “Tweet” buttons, and now there are “+1” buttons. The social networks have extended their reach beyond their own websites and into almost every web site you visit. But did you know that these simple little buttons are just the tip of the iceberg when it comes to adding social features to your website?
Several of the popular social networks (including Facebook, Twitter, and LinkedIn) provide client-side APIs that enable you to build social capabilities into you application. With these APIs, your application can not only show a simple button for your users to express their opinion, but can also let you query information about their profile, friends, interests, and much more.
In this example-driven presentation, we'll examine the client-side APIs offered by Facebook, Twitter, and LinkedIn. We'll dig even deeper than the “Like” button as we see how the APIs can be used to build rich social applications.
One of the hallmarks of lean software development is the elimination of waste. Several of the key wastes in software development revolve around incomplete, incorrect, or obsolete documentation, especially documentation of requirements. One effective means of ensuring that your requirements documentation is complete, correct, and up-to-date is to make it executable. That sounds nice, but how do we get it done, especially in the world of modern, cross-browser web applications?
Executable web application specifications are within your reach through the combination of Spock, a testing and specification framework written for the JVM in Groovy, and Geb, an elegant Groovy wrapper around the powerful WebDriver browser automation framework. In this session we'll take a close look at Spock specifications for describing and verifying the behavior of our applications. We'll then examine how we can use Geb's implementation of the Page Object pattern and its “jQuery-ish” API for interacting with our web applications in WebDriver's range of supported browsers. Finally, by gluing these two technologies together via Geb's Spock integration, we'll automate the requirements specification for a simple web app.
This presentation seeks to provide a solid introduction to the fundamentals of DDD. Learn why modeling a complex business domain in software is so advantageous to your business and ways in which your team can go about delivering software models to give your business a competitive edge.
The philosophy of domain-driven design (DDD) – first described by Eric Evans in his book [of the same name – is about placing our attention at the heart of the application, focusing on the complexity that is intrinsic to the business domain itself. We also distinguish the core domain (unique to the business) from the supporting sub-domains (typically generic in nature, such as money or time), and place appropriately more of our design efforts on the core.
Domain-driven design consists of a set of patterns for building enterprise applications from the domain model out. In your software career you may well have encountered many of these ideas already, especially if you are a seasoned developer in an OO language. But applying them together will allow you to build systems that genuinely meet the needs of the business.
The premise of domain-driven design is two-fold:
Domain-driven design is not a technology or a methodology. It is a way of thinking and a set of priorities, aimed at accelerating software projects that have to deal with complicated domains.
Note: Laptops are not required - there is no hands-on coding for this workshop.
This workshop consists of lecture and participation exercises.
Note that there is no hands-on coding for this workshop so laptops will not be required. Bring materials for taking notes.
Not every part of a software system will be well-designed. How do you know where to put the time and effort to refine the design, or refactor existing code? Learn how strategic Domain-Driven Design (DDD) patterns can show you how to know which parts of your system matter most to your business and how to focus your team's design efforts most effectively.
Context mapping and Core Domain are key concepts in DDD, providing valuable techniques and insights into where to focus your design attention, yet most developers have never heard of them. This session will introduce the tools of strategic DDD and show you how they can shine a light on your design challenges.
Come on a guided tour of how applying Domain-Driven Design (DDD) building block patterns can make your code cleaner, more expressive, and more amenable to change. We cover examples of DDD patterns such as entities, value objects, closure of operations and side-effect-free functions. We will focus particularly on how implementing value objects can lead to more supple design.
When good design really matters, DDD building block patterns enable your design to model the business domain you are working with more richly. They allow you to collaborate with domain experts to build deep, useful models of the domain in your code that solve difficult business problems with elegance and simplicity.
This is a highly interactive modeling session which walks through diagrams and code samples to demonstrate how the application of these patterns to modeling can make writing and reading coding fun again, while improving the effectiveness of the code you write. Come prepared to think, ask and answer questions, and learn how to write the best code where it matters most.
The third in a series of talks that are part of an arc covering next-generation information-oriented, flexible, scalable architectures. The ideas presented apply to both external and internal-facing systems.
The move to a good REST API yields an explosive combination of options due to content-negotiation and arbitrary workflows. At the same time, the uniform interface you project (representations, how you respond to verbs, response codes, etc.) becomes your contract with your clients. The API itself becomes a completely transportable, reusable bit of organizational knowledge when done well. Testing it sufficiently will give you a safety net but may drive you crazy unless you do it right. We will walk through the use of Behavior-Driven Development (BDD) to test these kinds of APIs.
We will highlight the problems of sufficiently testing REST APIs while providing a rich and relatively straight-forward solution to the problem. We will use a Behavior-Driven Development (BDD) tool like Cucumber to establish reusable steps and comprehensive, but lightweight testing strategies for testing REST APIs.
This talk will not be an introduction to REST. If you have come to the REST I or REST II talk, or have a good understanding, it should be very accessible.
Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.
In this workshop we take the unique approach of moving from release back through testing to development practices, analyzing at each stage how to improve collaboration and increase feedback so as to make the delivery process as fast and efficient as possible. At the heart of the workshop is a pattern called the deployment pipeline, which involves the creation of a living system that models your organization's value stream for delivering software. We spend the first half of the workshop introducing this pattern, and discussing how to incrementally automate the build, test and deployment process, culminating in continuous deployment.
Getting software released to users is often a painful, risky, and time-consuming process. This workshop sets out the principles and technical practices that enable rapid, incremental delivery of high quality, valuable new functionality to users. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers and operations, delivery teams can get changes released in a matter of hours–sometimes even minutes–no matter what the size of a project or the complexity of its code base.
In the second half of the workshop, we introduce agile infrastructure, including the use of Puppet to automate the management of testing and production environments. We'll discuss automating data management, including migrations. Development practices that enable incremental development and delivery will be covered at length, including a discussion of why branching is inimical to continuous delivery, and how practices such as branch by abstraction and componentization provide superior alternatives that enable large and distributed teams to deliver incrementally.
This is a BOF, which is an informal two-way chat on a focused topic.
This particular BOF is focused on the productivity of developers on the Mac.