By Neal Ford

This session talks about how to actually get XP done in the real world (and what to tell your boss).

Extreme programming sounds a little too ?ESPN2? for most managers, but there is a lot of sound engineering behind its principles. My employer, ThoughtWorks, has been extremely successful using the full XP stack and we have developed lots of experience with it. This session talks about how to do XP in the real world. XP is all about feedback loops, so I discuss how to replace the radical sounding ones with more palatable ones. I talk about the parts of XP that are absolutely vital (unit testing, collective ownership, continuous integration, etc) and the ones that you can introduce a little more slowly (pair programming, only a 40 hour work week). This session focuses on the practicality of XP and how you can adopt it at your organization. I also talk about political battles with managers, other departments, and barriers that pop up anytime you try to introduce change in a large enterprise. Discussion is encouraged (required) in this session.

Key Session Points: XP and Feedback Loops A pragmatic look at the XP practices     The planning game     Small releases     Metaphor     Simple design     Testing     Refactoring     Pair programming     Collective ownership     Continuous integration     40-hour week     On-site customer     Coding standards XP in the real world

By Neal Ford

This session discusses techniques and tools for debugging enterprise applications (without using System.out.println()!)

It's an interesting dilemma – we have the best tools for software development ever, yet developers are still debugging enterprise applications using ystem.out.println()! This session discusses techniques and tools for debugging enterprise applications. It shows how to perform remote debugging through all the major IDEs, either on the same machine or across a network. It also shows how to debug using the command-line jdb debugger (the only one guaranteed to always be available).This session shows how to debug web, EJB, and lightweight enterprise applications. It discusses class loaders, interactive enterprise debugging with Groovy, and how to automate repetitive tasks using JWebUnit and Selenium, making the computer do work for you instead of vice versa (how many times do you have to walk multiple pages through a web application to get to the point where you can debug it?). This session shows you how to automate these and other common debugging tasks. The goal is to make hunting and eliminating bugs in complex applications much easier.

Key Session Points: • Setting up remote debugging in IDE's    o Eclipse    o IntelliJ • Effective remote debugging • When it's all you've got: jdb and enterprise applications • Forensic debugging using loggers • Debugging web applications    o Inspector    o Bookmarklets • Debugging EJB • Debugging in lightweight frameworks • Interactive Debugging with Groovy • Automating debugging tasks    o JWebUnit    o Selenium

By Neal Ford

Is Service Oriented Architecture the next wave of distributed computing or just the same old crap in a shiny new package? This session provides an overview of what most people agree is the definition of SOA. I talk about SOA, ESB, CORBA, your MOM, and a bunch of other acronyms.

This session is a pragmatic look at SOA from a developer perspective, including such (never talked about) topics like tranports, granularity, versioning services, transformations, and whether you should be doing this or not. I show lots of slides with diagrams and talk about how to evolve towards an SOA. SOA can work if you ignore the hype and focus on the real meat: building loosely coupled message-based applications. This session discusses just that.

By Neal Ford

Regular expressions should be an integral part of every developer?s toolbox, but most don?t realize what an important topic it is. Regular expressions have existed for decades, but many developers don't understand how to take full advantage of this powerful mechanism, either through command line tools and editors or in their development.

This session shows how to fully exploit regular expressions. It begins with the basic premise of how regular expressions work, then shows how to take advantage of the RegEx library built into the Java platform. This session shows how to use wildcards, escape characters, meta-tags, character class operators, look-aheads/look-behinds, and how to use the greedy operators effectively. It covers regular expressions from the beginning through to advanced usage, both in Java and in tools that support regular expressions. This session is packed with real examples of regular expressions (including a game show with no fabulous prizes).

Key Session Points:

Common Regex mistakes

By Neal Ford

This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques.

Building secure web applications is difficult. Common trivial mistakes in other programming environments break web applications. This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques. The material in this session is derived from the Open Web Application Security Project (OWASP) and other sources. It covers the OWASP top 10 list of vulnerabilities (including examples). It also demonstrates some (legal!) hacker tools that malicious developers use against you. This session includes case studies showing complete attacks, from vulnerability acquisition to compromise. It also covers open-source tools (such as Stinger) that automate some of the security jobs for developers. This session is designed to scare you – but in a good way!

Key Session Points:
* OWASP List of Vulnerabilities

1. Insecure configuration management
2. Denial of service
3. Insecure storage
4. Improper error handling
5. Injection flaws
6. Buffer overflows
7. Cross site scripting flaws
8. Broken authentication and session management
9. Broken access control

10. Unvalidated input

    • Security Tools and frameworks
    • Case Study: Hacking Oracle through a browser
    • Case Study: Cross-site scripting
    • Case Study: SQL Injection

By Neal Ford

This session shows how to use Java as the building block for domain-specific languages. It discusses the next revolution in programming: language-oriented programming and the nascent tools that support it.

If you look at the way advanced programmers in highly dynamic languages (like Lisp, Smalltalk, Ruby, etc.) work, they tend to build domain specific languages on top of their low-level language. The language syntax itself becomes building blocks for languages that are highly specific to their problem domain. It’s not as easy to apply this technique to a static language (like Java), but it is possible. This session shows how to use Java as the building block for domain-specific languages. It discusses internal and external DSLs, with pros and cons for each. This session progresses from creating an internal DSL using Java syntactic elements as keywords through using compiler-building tools to create your own external DSL arriving ultimately at the new tools that allow you to build, edit, and deploy external DSL (language workbenches). This session covers the theory and practice of building DSL's and why this is an important step in the evolution of programming paradigm.

Key Session Points: 1. Why Dynamic languages? 2. Building domain languages 3. Language-oriented Programming    a. Internal DSLs    b. External DSLs 4. Internal DSL    a. Characteristics    b. Advantages    c. Disadvantages 5. External DSL    a. Characteristics    b. Advantages    c. Disadvantages 6. Case Study: Building your own language    a. Building the parser    b. Building the lexer    c. Abstract Syntax Trees 7. Parsing other languages    a. Parsing Java    b. Parsing HTML, JavaScript, and others 8. Language Workbenches

By Neal Ford

This session builds on the theory presented in part 1 and shows how to use the new breed of tools, Language Workbenches, to build your own domain languages.

This session builds on the theory presented in part 1 and shows how to build domain specific languages by hand and how to use the new breed of tools, Language Workbenches, to build your own domain languages. This session uses Antlr and JetBrains' new Meta Programming System, which allows you to generate schemas, editors, and generators for domain specific languages. This session is an in-depth demonstration of how to create domain specific languages that have their own syntax, editors, and code generation.

Key Session Points: 1. Our Target Languages 2. Building Schemas 3. Building Editors 4. Building Generators 5. What does the future hold?

By Venkat Subramaniam

A number of new features have been introduced in Java. What benefit do these features offer you. Are there issues with using these features. For instance, when should you use annotation? The objective of this presentation is not simply to introduce you to the features, but to the effective use of these as well.

We will take a close look at a number of features that you will be expected to know well when you program using Java 5.

By Venkat Subramaniam

Java introduced Generics in the 1.5 version (Java 5). What are the capabilities of Generics? How do you use it? Are there some gotchas in using it? In this example driven presentation, we will start at the basics of generics and look at its capabilities. We will then look at some of the under the hood details on generics implementation. We will then delve into the details of some of the changes to Java libraries to accommodate generics. Finally we will take a look at some restrictions and pitfalls that we need to be familiar with when it comes to practical and prudent use of generics.

Topics: • Need for Generics • Generics in Java • Bounded Parameters • Wildcard • Restrictions • Generics Implementation • Effect of Erasure • Java libraries changes • Pitfalls and pragmatics

Benefits: • Know your generics • See how to create your own generics • Understand issues with converting to genetics • Learn the limitations • Attain the wisdom • Decide if this if for your project

By Venkat Subramaniam

Object-oriented scripting languages, or agile dynamic languages, as some like to call those, are gaining programmers' attention. Groovy bring this excitement to the Java platform with its ability to generate byte code. You can use Groovy instead of Java for some parts of your application. By learning it, you can switch between the languages where you consider fit.

In this session we will learn what Groovy is. We will take an example driven approach to look at interesting features. We will see how a piece of code you would write in Java can be written, elegantly, using Groovy. In addition to the current features, we will also discuss the state of the language and tools.

By Venkat Subramaniam

You are convinced that Test Driven Development is good for you and your project. You realize the benefits it has to offer. What's holding you back? All the code and components that your code so heavily depends on is most likely making you wonder if TDD is really for you. We will start out by looking at dependency and dependency inversion. Then we will discuss how mock objects can help separate our code from its dependencies.

In this presentation, we will take an examples oriented approach to utilizing mock objects. We will first hand toss a mock and see how our code benefits from it. Then we will take a look at using frameworks that can assist with the creation of mocks.

By Venkat Subramaniam

Is your code object-oriented? Developing with objects involves more than using languages like Java, C#, C++ or Smalltalk for that matter. From time to time, the OO paradigm stumps even expert developers. Agile programming becomes a mere act of hack if we code without knowing the OO principles. What are these principles – the ones that influence your design? In this presentation the speaker will present some of the challenges that are fundamental in nature. Then he will present OO Design principles and good practices for prudent development of OO code.

Topics: • Metrics of design • Good design vs. bad design • Perils of design • Principles for OO Design • Examples that illustrate the principles

Benefits: • Learn principles that lead to better design • Learn fundamentals that will change the way you will code • Gain insight into the design tools needed for agile development • Helps improve the quality of your system • Better your design skills

By Venkat Subramaniam

Agile development is picking up steam. You have heard about eXtreme Programming(XP). What other Agile methodologies are you familar with and what do they bring of interest or significant to the table of Agility? More important, why should you learn about these different methodologies instead of simply focusing on one? There is no one shoe that fits all. Any methodology that requires you to follow it in totality and not let you adapt is rather dogmatic, not pragmatic. To be effective we have to take the best of different approaches and apply to our projects base on our specific needs.

In this session, we will look at different methodologies (XP, Scrum, FDD, Crystal, ...) that promote agility. We then will compare and contrast the features of each. You can take away from the presentation what makes the most sense for your project and team.

By Mike Cohn

Transitioning to an agile process from a traditional process is fraught with potential dangers. Attend this class and learn the dozen things you absolutely must do in order to succeed.

Learn how to overcome resistance, communicate progress, deal with nay-sayers, get the project off on the right foot, and select an appropriate first project. This class will be equally suited for programmers, testers, managers and even customers and analysts who are interested in adopting an agile process.

By Mike Cohn

The technique of expressing requirements as user stories is one of the most broadly applicable techniques introduced by Extreme Programming. User stories are an effective approach on all time constrained projects, not just those using XP.

In this class we will look at how to identify and write good user stories. The class will describe the six attributes all good stories must exhibit and present thirteen guidelines for writing better stories. We will explore how user role modeling can help when gathering a project’s initial stories. This class will be equally suited for programmers, testers, managers and even customers and analysts who are interested in applying these agile techniques to their projects.

By Mike Cohn

Estimating and planning are key skills. A good plan helps both the organization and the developers working on the project. In this session you’ll learn how an easy and effective approach to estimating and planning that can help you create more realistic plans.

Planning is important for all projects, even for projects using agile processes such as XP, Scrum, or Feature-Driven Development. Unfortunately, we’ve all seen so many worthless plans that we’d like to throw them away altogether. The good news is that it is possible to create a project plan that looks forward six to nine months that can be accurate and useful. In this class we will look at why traditional plans fail but why planning is still necessary even on agile projects. We will look at various approaches to estimating including unit-less points and ideal time. The class will describe four techniques for deriving estimates as well as when and how to re-estimate. We will look at techniques to create a plan that dramatically improves the project’s chances of on-time completion. Also discussed will be using velocity to track progress against the plan. This class will be equally suited for managers, programmers, testers, or anyone involved in estimating or planning a project.

By Mike Cohn

There is a myth that agile projects do not need project management and that they cannot be estimated and planned. In this session we will dispel those rumors and learn why the job of the agile project manager is to do more than just buy pizza and get out of the way.

In this session you will learn why a self-organizing team will always outperform a team managed through command-and-control, how to tell when a project is on track, and how and when to make an adaptive action to get it back on track. This session will describe the four types of agile teams and the appropriate project management style for each type. You will learn how to move a team quickly from the Telling phase, through the Selling phase, and into true agility. You will also learn how to achieve unified commitment on your team through powerful focusing tools such as the product vision box, the one-page product data sheet, and elevator statement.

By Mike Cohn

Almost all of us have worked on too many projects that have failed because of economic reasons rather than technical reasons. Just as the technical team is required to estimate the effort that will go into a project, a marketing or product management team should estimate the benefits of doing the project. Benefits can come in the form of additional sales, increased customer retention, increased operating efficiencies, and so on.

In this session we will look at return on investment (ROI) as well as traditional discounted cash flow methods such as net present value (NPV), and discounted payback period. We will also look at newer approaches such as economic value added (EVA).

The math is easy, the concepts are powerful. You will return home with practical knowledge about how to apply these straight-forward techniques to prioritizing and selecting projects.

By Mike Cohn

Projects struggle for many reasons—overly aggressive deadlines, unproven technologies, scope creep, team dynamics, communication problems, and inter-team coordination are just some of the reasons. If not given attention, these problems can ultimately cause a project to fail entirely. However, if you act early and in the right way, most struggling projects can be turned around.

In this class we will look at how to determine what is causing a project to fail and then at what to do about it. You will learn how which remedies to consider in which situations and how to determine the appropriateness of each. Also covered will be advice on communicating the project correction plan to executives or project sponsors who may still think the project is on track. The class offers practical advice from the presenter’s years of experience in assessing both successful and unsuccessful projects.

By Scott Davis

The full title of this talk is, "The Sound of One Hand Clapping, or How to Pair Program with a Single Programmer -- Scaling XP to Small Projects." Everyone talks about using J2EE for massive projects, but what about the lone wolf developer? Can they still apply the lessons learned from agile development methodologies to their everyday work?

XP is an ideal methodology for dealing with small business owners and entrepreneurs. Often times small projects suffer from the complete lack of good programming practices because heavy-weight methodologies don't scale down well. Heavy-weight methodologies can also be intimidating to the non-computer professional. XP scales well to small projects and allows the domain experts to participate in good programming practices (sometimes for the very first time).

By Scott Davis

Frameworks? We don't need no stinkin' web frameworks. OK, so maybe that's overstating the case. Web frameworks do plenty of good things, but sometimes they can also be golden handcuffs. Too many web developers fall into the trap of thinking, "If it can't be done by my web framework, then it simply can't be done."

This presentation focuses on the cool things that you can accomplish by stepping out of your web framework and getting closer to the underlying technology. We'll take a detailed look at what really goes on during the request/response cycle, and how new techniques like AJAX allow you to break the mold. We'll look at the clever things you can do with MIME types, User-Agents, and HTTP Headers in general.

Old technologies like CSS, DOM, and JavaScript are experiencing a renaissance under the guise of new names like DHTML and AJAX. Google Maps and GMail are literally redefining our expectations of how rich a web application can be by using these technologies to their fullest potential. Come see what makes these sites tick, and how you can utilize the same techniques in your own site.

By Scott Davis

Hopefully your test plan involves more than, "Well, it compiled..." JUnit is fast becoming a required part of the modern Java developer's toolkit. Unit testing your Java classes is a great start, but your test plan shouldn't stop there.

This talk will introduce several additional testing tools for the web developer -- HttpUnit, Canoo WebTest, and JMeter. These tools allow you to test a live website with no changes to the production code. Even better, you can test sites that have been implemented in technologies other than Java.

You will see code examples and live demos of these tools in action. We'll talk about the differences between unit testing, functional testing, and performance/load testing. Come get "test infected" -- you'll never look at the development process the same way.

By Scott Davis

JUnit is more than a Java testing tool -- it is a testing framework that can be extended to test non-Java resources as well. In the first presentation in this series, we examined three JUnit extensions that allow you to functionally test your website. In this talk, we'll look at three more tools that web developers should have in their toolkit: JsUnit, DbUnit, and the W3C Markup Validation Service.

JsUnit allows you to test your JavaScript. Anyone who has done JavaScript development knows that cross-browser support of JavaScript is a tricky proposition. Rather than emulating a specific browser, JsUnit can literally launch different browsers and execute the test suite to ensure that the JavaScript code you wrote actually works.

DbUnit allows you to stage your database tables for unit testing purposes. You can insert and delete information as a part of your test suite. While the database isn't technically a part of the web tier, we'll show how the proper use of this tool allows you to test the other parts of the web tier with ease.

HTML compliance is difficult if not impossible to see just by looking at raw HTML. Browsers are reasonably permissive in terms of the HTML they'll render, but writing valid HTML ensures the widest possible audience for your site. We'll show you how to incorporate this free online service with JUnit.

By Scott Davis

In this presentation, we'll explore the top four mapping sites and show you how to take advantage of their free services. MapQuest, Yahoo Maps, Google Maps, and MSN Virtual Earth all bring slightly different capabilities to the table. These sites allow you to create your own interactive maps with minimum effort and no previous mapping experience. They take care of hosting the mapping data and making it easy to manipulate -- all you have to do is bring a little bit of know-how to the party.

Thanks largely to Google, web mapping is experiencing a renaissance. Google's mission statement is, "... to organize the world's information and make it universally accessible and useful". They aren't specifically talking about web mapping, but the sentiment certainly applies. If you have data that naturally has a geographic element (a customer list with addresses, sales reports by regions, even a collection of favorite restaurants), today's websites make it easier than ever to display them on a map.

Even if you aren't specifically interested in creating your own maps, this presentation gives real-world examples of many industry hot-button topics -- SOAP vs. RESTful web services, JavaScript and AJAX, and a clear distinction between first generation web technology (Web 1.0) and what the pundits are calling "Web 2.0".

By Keith Donald

In this interactive session Keith walks you through the experience of building a simple Spring-powered application from the ground up.

You will learn how to use Spring to assemble an application system from a set of focused, loosely-coupled components. You'll see how Spring enables agile development by allowing you to start simple, validate architectural choices early, and scale up infrastructure as requirements demand.

Expect live coding with a supporting business case. This "big picture" session focuses on teaching how to get the most mileage out of the Spring Framework as you can.

By Keith Donald

Spring 1.2 is out--Spring 1.3 is right on the horizon. As a broad, user-driven project with a large community, the newest releases offer a wealth of new features to be taken advantage of. This session focuses on demonstrating the most important, and how you can start leveraging them in your projects immediately.

You'll learn how to use Spring's JMX support to add manageability to your apps. You'll see how to use Spring Web Flow to create robust web applications atop business process workflows. You'll learn about Spring Security (Acegi), Hibernate 3 integration, JDK 1.5 transactional annotations, and the latest core container and utility enhancements.

By Ben Galbraith

For many of us, XML has become a ubiquitous presence in application development, whether parsing, validating, or manipulating it. For many of us, all that XML is coupled with pain, in the form of tedious APIs (like, say, the W3C DOM API) and confusing technologies (oh, I don't know, W3C XML Schema?).

In this session, I share the following tips for making the XML in our lives a little easier to deal with: - Use StAX instead of SAX - Use StAX to create XML - Use JDOM instead of W3C DOM - Use XPath to select XML - Use Jaxen to enable XPath over custom trees - Use RELAX NG instead of DTD or WXS - Use Trang when DTD/WXS output is required - Use Sun's RELAX NG Converter when WXS input is required - Consider RELAX NG's compact syntax - Use Schematron to extend schema languages - Consider XML namespaces for versioning - Ignore unknown namespaces

By Ben Galbraith

Too often, Swing applications are slow, ugly, and hard-to-maintain. It turns out that it doesn't have to be this way. Swing can be used to create highly-responsive, beautiful applications that are very maintainable. If this isn't consistent with your own experience, don't feel bad; its not very obvious how to make Swing sing.

In this session, I explore three topics that lead to much better Swing applications:

• Proper Swing threading
• High-quality third-party Swing look-and-feels
• Good practices for coding Swing applications

In the threading portion of the session, I explain Swing's event handling architecture and its implications for Swing applications. Understanding this topic is crucial to creating highly-responsive Swing apps. I demonstrate how to use this knowledge in the form of many live-coded examples, and I show how frameworks like SwingWorker and FoxTrot can make this easier. Java's default look-and-feel, Metal, is awful (and in my opinion, the "Ocean" theme in JDK 5.0 doesn't do enough to improve it); you should stop using it immediately. But creating good-looking applications is sadly more than slapping in a look-and-feel; you must also take care to understand the principles behind attractive layouts. I spend the second part of this session exploring how to make your Swing applications look great through a combination of third-party look-and-feels and layout techniques.

By Ben Galbraith

Are you spending more time plumbing your Swing applications than solving business problems? Has your Swing application grown out of control? This session is for you.

In the first part of the presentation, I analyze the architectural problems that plague many Swing applications and present architectures that overcome these problems. These architectures are presented in terms of principles along with a reference implementation. You can therefore either adapt the principles to meet the needs of your existing applications, or incorporate the specific ideas of the reference implementation into your new projects. Fortunately, there are some existing frameworks that have done some of the architectural work already. I present some of these frameworks in the rest of the presentation.

By Ben Galbraith

Ajax -- called DHTML just a few months ago -- has revolutionized (or "radically iterated", if you like) web application development in the short few months since the term was coined.

What is it all about? Why are we excited about a set of capabilites that have been sitting in our browser for years? What can you do with it? And, how can you do it?

Ajax, short for Asynchronous JavaScript and XML, is a technique for communicating with servers from within a web page without causing a page refresh.

This session provides an introduction to Ajax and an orientation to the state of the ajaxian universe. The basic ajaxian techniques will be demonstrated through live coding, and more advanced examples of Ajax will be demonstrated and deconstructed.

Attendees will understand how the Google Maps UI is built (and why it isn't as hard as it looks), how Ajax can improve portals, community sites, and pretty much any other type of web application.

Furthermore, the issues surrounding how to create an Ajax application that doesn't turn into an unmaintainable pile of hacked up crap JavaScript will be discussed.

At the end of the session, an off-line capable, web services consuming Ajax RSS aggregator will also be demonstrated.

This talk will be presented by one or more of the founders of Ajaxian.com.

The session "Ajaxian JavaScript Frameworks" complements this session, and dives deeper into specifics on how to use many of the frameworks introduced in this session.

By Ben Galbraith

In the "Introduction to Ajax" session, we discuss what Ajax is, how it works, and how others are using it.

This session goes deeper into Ajax by reviewing the existing JavaScript frameworks that aim to make it easier.

The scope of the frameworks is all over the made, from unit testing JavaScript to deconstructing other websites to making it easier to create your own ajaxian effects.

If you want to easily add some Ajax to your site, come to this talk, presented by one or more of the founders of Ajaxian.com.

By Ben Galbraith

You can do some pretty cool things with XML these days (despite what some curmudgeons in the technology world may claim). In the past few years, XML has solidified its place as the lingua franca of data sharing and data manipulation. But XML as a data transfer language is only marginally interesting. Things get really exciting when XML is dynamically transformed into other formats. In this session, I focus on two XML formats which can be readily transformed into high-quality presentation-centric output formats. XSL-FO is a typesetting format for XML that can be readily converted into PDF (or Postscript and some other formats). SVG is a vector graphics language in XML -- a sort of open-source version of the popular Macromedia Flash format. SVG files can be converted into beautiful, completely scalable -- and interactive - - images.

You can do some pretty cool things with XML these days (despite what some curmudgeons in the technology world may claim). In the past few years, XML has solidified its place as the lingua franca of data sharing and data manipulation. But XML as a data transfer language is only marginally interesting. Things get really exciting when XML is dynamically transformed into other formats. In this session, I focus on two XML formats which can be readily transformed into high-quality presentation-centric output formats. XSL-FO is a typesetting format for XML that can be readily converted into PDF (or Postscript and some other formats). SVG is a vector graphics language in XML -- a sort of open-source version of the popular Macromedia Flash format. SVG files can be converted into beautiful, completely scalable -- and interactive - - images.

By Ben Galbraith

It sounded like such a good idea back in the mid-nineties: based the Java platform on a standards-based, open community, and let anyone participate. There is no question that Sun's strategy for Java's stewardship via the JCP and sponsored open-source has yielded some enormous benefits. However, these have not been enjoyed without tremendous cost.

Perhaps the recent pop-culture book The Paradox of Choice put it best: "When people have no choice, life is almost unbearable. As the number of available choices increases, [as it has in the Java community], the autonomy, control, and liberation this variety brings are powerful and positive. But as the number of choices keeps growing, negative aspects of having a multitude of options begin to appear. as the number of choices grows further, the negatives escalate until we become overloaded. At this point, choice no longer liberates, but debilitates. It might even be said to tyrannize."

Does this ring true in your environment? Are you tired of spending countless hours evaluating IDEs, build systems, app server vendors, competing web frameworks, competing persistence standards, competing vendor implementations of those standards, and so forth? You're not alone.

The mess of competing standards, implementations, and other overlapping non-standard frameworks in Java, and lack of a single authoritative vendor-guide (i.e., Sun's "guidance" has proved irrelevant and unproductive) kills Java's productivity for all but a handful of experts with the experience to navigate the landscape.

This session details the ideas and experiences of one enterprise that has set out to solve this problem. The topics reviewed will consists of:

• Defining a standard "stack" of Java frameworks and technologies, but also "standardizing on demand"

• Creating a template application that acts as the starting point for any new project

• Approaching reuse retrospectively, not prospectively

• Unifying training and support, and providing organization mentoring

• Simple project health monitoring

Of course, the idea of standardizing application development in an organization is nothing new. You may have tried it. Did it work? Being successful at this endeavor is tricky, and most efforts fail.

While the specific example detailed in this session is still underway and its too early to declare unqualified success, come learn about this effort and how its principles can be applied in your organization.

By Andrew Glover

Understanding what code coverage represents, how to effectively apply it, and how to avoid its pitfalls will give you an unprecedented understanding of how unit tests may or may not be covering you from sneaky defects.

You’ve drunk the XP cool-aide and made a concerted effort to actively unit test your code. After awhile, however, you may find yourself wondering how good are those tests? Are they actually covering the code adequately? Understanding what code coverage represents, how to effectively apply it, and how to avoid its pitfalls will give you an unprecedented understanding of how those unit tests may or may not be covering you from sneaky defects. We’ll talk code based coverage and specification-based coverage and we’ll look at the tools available to gather these metrics in both the open-source and commercial worlds. Additionally, we’ll examine the notion of mutation testing and its affect on code coverage.

By Andrew Glover

The knowledge of how to effectively spot smelly code and replace it with proven patterns will ultimately lead to a more stable, maintainable and elegant code base.

Often times, candidate code for refactoring is based upon a source file's smell, which its spotting can take time to acquire and is largely based upon subjective determinations. The proper use of code metrics, such as Cyclomatic Complexity, Fan-In, Fan-Out, and Depth of Inheritance can also facilitate the discovery of candidate code which is in need of refactoring.

For example, Cyclomatic Complexity is adept at spotting methods containing a high degree of conditional logic, which, consequently, can be replaced with polymorphism as elaborated in Martin Fowler's seminal work, Refactoring with the Replace Conditional with Polymorphism pattern. Additionally, excessively deep hierarchy trees create problematic testing targets, which can be broken out into separate objects with Fowler's Replace Inheritance with Delegation and Collapse Hierarchy patterns. Fan-In and Fan-Out are quite effective at pinpointing brittle code, which can be refactored into a more stable state with a plethora of patterns including Extract Hierarchy and Extract Class.

By Andrew Glover

No one will argue that JUnit has positively affected the quality of thousands of Java applications around the world. JUnit’s simplicity and ease of use ushered in a whole new era of code quality; however, as many developers have found, its simplicity has also limited its use. TestNG was designed from the ground up to overcome some of JUnit’s limitations; moreover, TestNG’s features make it a great tool to complement your JUnit tests.

In this session we’ll learn about TestNG’s flexible fixture model, its test categorization capability, dependent methods, and TestNG’s powerful parametric testing facility. We’ll also see how both TestNG and JUnit can play together in a build process.

By Stuart Halloway

Java has always provided a model for concurrency and threads. With Java 1.5, this model received a major facelift. Learn how to use the new concurrency utilities to build responsive, scalable, and correct concurrent applications.

Java's support for threads is broad and deep. From the early days of the platform, programmers have used threads, synchronized blocks, and monitors to build safe multi-threaded applications. Java 1.5's new concurrency utilities greatly reduce the need to use these primitives directly. Now, Java provides a set of lock classes and task scheduling tools that provide much more leverage in writing real applications. We'll explore java.util.concurrent, and also see how the Java Memory Model has been corrected in 1.5.

Most of the advantages of java.util.concurrent can also be had in previous version of Java. We'll discuss Doug Lea's concurrency utilities and the backport of java.util.concurrent to 1.4. Both of these are appropriate for production use.

Finally, we'll look at common mistakes in multi-threaded programming. The most common mistake is using threads when you don't need them. We'll look at alternatives to threads, and how to choose between them.

By Stuart Halloway

For centuries people have used crypto to build (and break) secure systems. Computers have only raised the pitch of conflict, providing enormous cryptographic power at commodity prices. Most programmers do not write their own crypto libraries, instead relying on the services of an operating system or virtual machine. But even with all this support, building secure systems is a daunting task.

This talk will cover three things all programmers need to know: 1. the basic tools of computer crypto 2. the programmatic APIs to these tools 3. common programming mistakes that can undermine otherwise secure systems You will learn the basics of hashing, message digests, public key encryption, symmetric key encryption, certificates, and key management. With each, you will see programmatic examples, with advice for correct usage.

By Stuart Halloway

The Java platform is built from the ground up with security in mind. This talk will introduce the security features of the J2SE, building quickly from the basic classes to realistic examples.

You will learn the core APIs:

SecurityManager, AccessController, Permissions and Policy

JAAS Subjects, Principals, and LoginModules

You will then see how to invoke these APIs in real application scenarios. You will learn how to:

Partition your applications to safely invoke downloaded code

Read and write Java policy files

Extend the architecture with custom permissions

Provide secure services through PrivilegedActions

Use JAAS to authenticate and authorize users

By Stuart Halloway

JUnit is great. Jython and JRuby are even better. Unit testing libraries look the same everywhere, so why not use the one that lets you get your job done faster?

Unit testing has taken the world by storm. Almost every major language has a JUnit-like library. And here's the good news: These libraries are so similar that once you learn one, you can use any of them.

Given that many languages interoperate directly with Java, you aren't limited to JUnit. You can pick the library that provides the best language level support for writing concise, easily maintainable unit tests. Circa late 2005, there are good arguments for the unittest module in Jython, and Test::Unit in JRuby.

The talk is divided into three parts:

1. A crash introduction to unit testing Java code. We'll cover test-driven development, test cases, assertions, fixtures, and test suites. We'll be using Jython and JRuby but the concepts are exactly the same in any language
2. A look at the Python and Ruby features that make Jython and JRuby compelling choices. We'll see how tests are faster to develop and easier to maintain than JUnit tests. And perhaps surprisingly, we'll also see how tests scale better when applications get large.
3. A candid comparison of Jython, JRuby, and JUnit, including advantages and disadvantages of each. One size does not fit all.

By Ramnivas Laddad

J2EE has become the main new platform for enterprise application deployment. Good performance is an important business requirement. Supporting this requirement needs application profiling during the development phases and performance monitoring after application deployment. Come to this session to understand challenges and choices in monitoring J2EE applications.

Performance monitoring solutions must work under constraints imposed by the environment. Further, they must balance conflicting requirements such as overhead vs. richness of information. All of these need careful understanding of both requirements and solutions as well as the costs of any tradeoff decisions.

This session presents various tools and techniques available for monitoring J2EE applications. We will consider requirements of performance monitoring solutions in different scenarios. We will also discuss underlying enabling technologies such as Java Virtual Machine Profiling Interface (JVMPI), Java Virtual Machine Tool Interface (JVMTI), JFluid, JMX, design patterns, and aspect-oriented programming (AOP). During the session, we will demonstrate many of the tools and technologies discussed.

By Ramnivas Laddad

Aspect Oriented Programming (AOP) enables modularizing implementation of crosscutting concerns that abound in practice: logging, tracing, dynamic profiling, error handling, service-level agreement, policy enforcement, pooling, caching, concurrency control, security, transaction management, business rules, and so forth. Traditional implementation of these concerns requires you to fuse their implementation with the core concern of a module. With AOP, you can implement each of the concerns in a separate module called aspect. The result of such modular implementation is simplified design, improved understandability, improved quality, reduced time to market, and expedited response to system requirement changes. Come to this session and learn all about how AOP can help you simplify developing complex systems.

AspectJ (http://eclipse.org/aspectj) is the leading implementation of AOP for the Java programming language. AspectJ is a new language as well as its implementation. The output produced by the AspectJ compiler is compatible with the Java byte code specification. Further, AspectJ is well integrated with the most commonly used IDEs, which makes the Java developer more productive.

This session is targeted at the developer with no or little familiarity with AOP and AspectJ. It will introduce AOP’s concepts and the AspectJ programming language, along with many examples and live coding to solidify the concepts learned. After attending the session, you will have a clear idea about AOP's value and its practical applications.

By Ramnivas Laddad

Aspect Oriented Programming (AOP) enables modularizing implementation of crosscutting concerns that abound in practice: logging, tracing, dynamic profiling, error handling, service-level agreement, policy enforcement, pooling, caching, concurrency control, security, transaction management, business rules, and so forth. Traditional implementation of these concerns requires you to fuse their implementation with the core concern of a module. With AOP, you can implement each of the concerns in a separate module called aspect. The result of such modular implementation is simplified design, improved understandability, improved quality, reduced time to market, and expedited response to system requirement changes. Come to this session and learn all about how AOP can help you simplify developing complex systems.

AspectJ (http://eclipse.org/aspectj) is the leading implementation of AOP for the Java programming language. AspectJ is a new language as well as its implementation. The output produced by the AspectJ compiler is compatible with the Java byte code specification. Further, AspectJ is well integrated with the most commonly used IDEs, which makes the Java developer more productive.

This session is targeted at the developer with no or little familiarity with AOP and AspectJ. It will introduce AOP’s concepts and the AspectJ programming language, along with many examples and live coding to solidify the concepts learned. After attending the session, you will have a clear idea about AOP's value and its practical applications.

By Ramnivas Laddad

Aspect-oriented programming (AOP) promises to modularize crosscutting concerns. Like all new technologies, AOP has its share of over zealousness and unjustified criticism, neither of which is useful to developers deciding if they should use AOP in their applications. Attend this talk to understand the real deal behind AOP and change your perspective of AOP forever.

This talk goes beyond myths surrounding AOP and shows the real deal. It examines many practical applications implemented with and without aspects, providing a context for scrutinizing AOP. It also discusses ways to adopt AOP in pragmatic, risk-managed ways allowing developers to try AOP in their own system and gain understanding at the experiential level without exposing them to undue risk.

This session is aimed at developers who have some understanding of AOP, perhaps even considering using it in their system, but have some lingering concerns about its practicality. After attending the session, you will have a clear picture of AOP and be ready to make a studied decision about it.

By Ramnivas Laddad

A lot is happening in the field of Aspect-oriented programming (AOP). AspectJ and AspectWerkz, the two leading AOP implementations, have merged, bringing in their respective strengths. The merged version, AspectJ 5, adds many new features aimed at simplifying writing and deploying aspects. The new features include an annotation-based and XML-based syntax to define aspects, support for new Java 5 concepts, and load-time weaving. The tools support for AOP continues to improve, as well. Further, the most popular IOC framework, Spring, enables integrating aspects written in AspectJ. There is also serious discussion and preliminary work going on to support AOP right into the VM itself. All in all, there is a lot to learn about the changes in the exciting field of AOP. This session is designed to help you get up to date with all these changes.

This session provides a guided tour of the new things in the AOP world. It explains new features in AspectJ along with the practical considerations in utilizing each of them. The presentation explores the fundamental synergy between AOP and metadata to understand right (and wrong) utilization of metadata-based crosscutting. Load-time weaving (LTW) enables adding aspects to your existing applications deployed in any application server with a minimal effort. The presentation shows how to utilize LTW to improve your productivity considerably, even if you don't yet subscribe to the AOP philosophy and don't want to use AOP in production. The presentation also demos the latest AspectJ Development Tool (AJDT) in Eclipse (that has improved a lot) to make Java developers feel home when developing with aspects. The presentation includes many demos to reinforce the concepts learned, as well as give a feel for what it would be like to apply aspects written using new features.

This session is particularly targeted at developers with good familiarity with AOP concepts and the AspectJ language. It is recommended to attend the “Introduction to Aspect-oriented programming with AspectJ” session or read articles and/or books that introduce AOP and AspectJ to obtain the prerequisite.

By Kito Mann

JavaServer Faces (JSF) is a standard web user interface framework, developed under the Java Community Process (JSR 127), and released in March, 2004. JSF specifies a web user interface component model, complete with server-side event handling, validation, internationalization, page navigation, and declarative mapping between user interface components and Java objects.

This talk explains what JavaServer Faces is, and how it relates to Struts and other web frameworks currently on the market. It covers JSF's architecture and key concepts, and also show a sample application inside of an IDE such as Sun Java Studio Creator.

By Kito Mann

As JavaServer Faces (JSF), the new standard Java web application framework, grows in popularity, development teams are beginning to evaluate different strategies for migrating from Struts to JSF.

This session begins with a brief overview of JSF. Next, it examines different strategies for using Struts and JSF together as well as migrating from Struts to JSF, discussing the pros and cons of each approach. The session ends with an overview of future directions for JSF as well as Struts, and the Struts Shale project.

By Kito Mann

With the growing popularity of new Java web frameworks, such as JavaServer Faces, Tapestry, and WebWork, Struts 1.x has lost its competitive edge in the web framework landscape. Recently, Craig McClanahan, the founder of Struts, initiated Struts Shale, a proposed next-generation framework built on top of JavaServer Faces.

This session examines Shale in detail, looking at its current feature set, architecture, and future road map.

By Kito Mann

Over the past few years, a lot of time has been spent explaining what JSF is, and how different pieces of it work. However, little attention has been given to the process of architecting applications. This makes JSF architecture seem like a black art, since there are so many possible approaches to the application's architecture.

This session looks at different techniques for structuring JavaServer Faces (JSF) applications, and examines the consequences of each technique. In addition, we will examine extension points within JSF, and how they can be leveraged to provide features such as security, alternate templating technology, and access to external resources. The session ends with some additional tips and best practices.

Prerequisite: Experience with JavaServer Faces.

By Kito Mann

In late 2003, the Java Community Process released the Portlet API, designed to ease the progress of writing portlets for different portal environments. Using the Portlet API, developers can build reusable application components that work with portal servers from IBM, BEA, Oracle, Vignette, Apache, and other companies and open source organizations.

This session begins with an overview of the benefits of portal servers and portlets. It then explains how portlets relate to servlets, and provides examples of how to use the API. The session ends with a discussion of using well-known frameworks such as Struts and JSF within a portlet environment, and looks at future directions of the API.

By Jared Richardson

Are your product designs hit or miss? Do you have trouble building a loosely coupled system? Is your code incestuous? Refactoring not an option with your code base? Tracer Bullets help keep your project out of the fire.

Tracer Bullet Development:

* helps you create great software
* lends itself to an iterative cycle
* can be used for demos early and often
* is easily refactored
* allows your teams to work in parallel
* makes a very testable system

Tracer Bullets can coexist with nearly any other development methodology. Come see how easy it is!

By Jared Richardson

a.. Do you spend more time fighting your tools than writing code? b.. Do you avoid merging your code with your teammates because of “Integration Hell”? c.. Do the same bugs keep sneaking back into your product? d.. Do your builds depend on the roll of the dice?

A good set of infrastructure tools can go a long way toward smoothing out these and other problems. Come see how to make your toolset work seamlessly in the background so you can Just Work. We'll cover source code management (SCM), build scripts, automated test harnesses, automatic builds, feature tracking and issue tracking.

As part of the session, we'll set up Subversion, create a project, and then add code for the SCM section ... just to obliterate the "it takes too much time to set up and use" argument. For build scripts, we'll add an Ant script. Let's throw in a few JUnits to demonstrate test automation, and then I'll put it all together in CruiseControl. The live demo will include breaking the build, then breaking the JUnit test, and then finally fixing it and seeing it all work.

For this first session, we'll look at Subversion, Ant, and start the Cruise Control discussion.

By Jared Richardson

Throughout our software careers we learn habits from our coworkers, from books we've read, and occasionally, from conferences we attend. Much of our competence comes from the tips and tricks we pick up as we go.

In this session, learn five of the techniques I've borrowed along the way. We'll discuss The List, code reviews, code change notifications, daily meetings, and tech leads. These techniques are often abused, but when used properly they can make a huge difference in how you develop software. Take this opportunity to add these practices to your toolkit.

By Eitan Suez

JiBX is an open source XML data binding API for Java. JiBX is younger than most other APIs in this space (Castor XML, BEA XMLBeans, JAXB). JiBX's philosophy on data binding is that: [a] databinding should be fast, and [b] databinding frameworks should allow for the divergence and evolution of your codebase from its xml representation. JiBX excels on both counts and consequently is a practical tool for the purpose of data binding. In this session, Eitan will be covering all aspects of Dennis Sosnoski's JiBX framework.

Session Goals: To learn the JiBX API in detail. JiBX can considerably simplify the task of parsing XML content into business objects and generating XML representations of these business objects.

Prerequisites: Basic understanding of XML, but not of any of the variety of standards that build upon that foundation. Basic understanding of the Java programming language.

Session Rating: Intermediate

Category: XML/Web Services

By Eitan Suez

Today, the Cascading Style Sheets (CSS) specification is well supported by the major browsers (Mozilla, Safari, IE). CSS has become a practical tool for web content publishers that has helped turn heavy, buggy, and hard-to-maintain web sites into lean, clean, and stylish ones. CSS is sometimes stereotyped as a technology geared for graphic designers and artists. I beg to differ: I see CSS as a refactoring tool for content publishers and one that encourages content to become more strongly semantic. Come see a developer's perspective on CSS and how it can be applied to refactor your web content.

Session Goals: To "grok" CSS. To dispell the myth that CSS is not a tool for software developers. To learn to wield CSS to produce superior web user interfaces.

Prerequisites: Prior experience with web technologies (specifically HTML) is assumed. Audience is assumed to have a programming background.

Session Rating: Intermediate

Category: Languages

By Eitan Suez

Join Eitan in this hands-on session on Naked Objects. This session uses the "learning by doing" approach to learning an API or framework. Naked Objects is a powerful tool that can give you a significant advantage in the development of business systems. It gives you the ability to prototype a software application so quickly that it can be performed during information gathering phases of a project. It gives you the power to codevelop the core business model of your application with a non-developer business expert at your side. No prerequisite knowledge of Naked Objects is required.

Session Goals: To learn to write software applications (possibly system prototypes) using the NakedObjects framework. Developing applications that use NakedObjects requires knowledge of the conventions and contract of this framework. NakedObjects is a fairly radical development in the domain of business software application development. Awareness of the concepts and implications of expressive systems is an important secondary goal.

Prerequisites: Basic understanding of the Java programming language and of object-oriented programming and design. Familiarity in the domain of business application software development.

Session Rating: Intermediate

Category: Architecture

By Eitan Suez

Classes will often bear various states. Examples include a user who may be "logged in" or "logged out," a bill that is "open" or "paid," or potentially a more complex situation where an object obeys a set of complex rules that determines which of a number of possible states that object is in. The Gang of Four gave us the State Pattern, a fairly straight-forward mechanism for developers to model and implement the behaviour of stateful objects. The State Pattern is only the beginning of the story. Robert Martin developed the State Machine Compiler and has taken the job of developing and maintaining stateful systems to a new level. Today, SMC is a well-maintained open source project hosted on sourceforge.net. Come learn about SMC, a fundamental tool for implementing stateful classes and systems that every software developer should have in his toolchest.

Session Goals: Developers today are faced with increasing pressure to deliver robust software with increasing levels of sophistication and features. The goal of this session is to introduce a software consruction tool that cleanly separates the concern of managing object state transitions from the rest of a software system. The end result is an application that takes less time to code, is easier to maintain, and that can dramatically reduce the complexity (and consequently the increases the quality) of the implementation.

Prerequisites: Basic understanding of the Java programming language and of object-oriented programming and design. Familiarity with "Gang Of Four" Design Patterns.

Session Rating: Intermediate

Category: Architecture/Languages

By Bruce Tate

This session, for the Spring beginner, helps you: • Understand dependency injection and inversion of control • Know the meaning of lightweight containers and Spring • Understand the basic pieces of Spring • See core Spring modules in action, including Persistence, AOP, transactions.

Attendees need not know anything about Spring. This session does talk about integration with core J2EE frameworks like JDBC and transactions.

The Spring framework is one of the fastest growing open source frameworks. New job postings are gaining rapidly, and many customers are adopting Spring instead of heavier alternatives. In this session, we’ll introduce Spring. You’ll see how Spring can give you much of the power of EJB, without the complexity or pain.

Spring uses concepts like dependency injection and aspect oriented programming to ease standard enterprise development. Spring developers write plain, ordinary Java objects (POJOs), instead of sophisticated components. In this session, you’ll see a basic Spring application. You’ll also see some details about some of the enterprise integration strategies, including:

• Spring AOP • Transactions • Persistence • Model/view/controller

When the session is over, you won’t be an expert, but you should have a much clearer understanding of what Spring does, what it doesn’t do, and why it’s growing so rapidly.

By Bruce Tate

Agile programming is a collection of core principles and techniques that allow software developers to create lighter, more responsive applications, and to have fun doing it. Many established organizations are either openly or sub-conciously hostile to many of the principles of Agile development.

We'll explore the intersection of these new practices and old-world sensibilities, relying on real-world case studies to illustrate some of the compromises that are necessary to bridge the gap. In addition to technical and process aspects, we'll also spend some time talking about the business aspects, such as how Agile development affects contracts.

By Bruce Tate

O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer.

This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

By Bruce Tate

All programming languages have a limited life span, and Java is no different. This is a philosophical session rather than a programming session. Sooner or later, Java will lose its leadership position. This session will explore Java's strengths and weaknesses. We'll try to understand whether conditions are ripe for alternatives to emerge, and what those alternatives may be.

The Java programming language has been tremendously successful. Many of the roots of its success may be surprising to the audience. But every major programming language has a limited life cycle. While it’s true that Java and .NET seem to be the only games in town, some alternatives are beginning to emerge.

In this session, we’ll discuss some of the limitations of the Java language, and the impact that they might have on the productivity of Java developers. We’ll then look at some of the innovations around other frameworks and languages, and some of the features of those languages that boost the productivity of other non-Java developers:

• Typing, and why it matters • Code blocks and closures • Regular expressions • Innovative frameworks

Finally, we’ll take a look at where developers may look at using other languages. Clearly, most of the work that we do will be in Java for the foreseeable future, but certain project classifications may make it much easier to embrace alternatives, for good competitive effect.

By Dave Thomas

Are you frustrated by experts who can't tell you what to do, or by junior team members who refuse to see the big picture? How can you best develop careers: both yours and those of your teammates and managers? How can we learn to apply experience more effectively, and why do the many approaches designed to tame complexity actually end up increasing it?

Dave Thomas, of The Pragmatic Programmers, describes the solutions to these and other problems as he turns the Pragmatic Spotlight (and a good dose of twisted humor) on formal learning models, the Nursing profession, and streamlining sheep.

By Dave Thomas

Ruby recently enjoyed its tenth birthday. Instead of cake and candles, the community celebrated by releasing a wave of new libraries and frameworks that make Ruby programming even easier. This talk features some of the best of these, as we explore Ruby.

We'll spend about half the session getting to know Ruby: the syntax, type system, blocks, iterators, and so on. Then we'll dive in and develop some real-world code using web services, RSS, and databases. If you want to come to the Rails talk, and you're not that familiar with Ruby, this talk is a good starting point.

By Dave Thomas

The Ruby on Rails framework has exploded onto the scene over the last few months. Propelled by some genuine benefits, and fueled by a whole lot of controversy, Rails seems here to stay. So, is it a Java killer? (No.) Is it a great way to develop certain classes of web application? (Yes.) Does it really deliver the 10-fold increase in developer productivity that some have claimed? (It depends...)

If you can't help thinking that there must be an easier way of developing web projects, come and join us as we construct an MVC-based Ruby on Rails application using the very latest libraries and tools. You'll get a taste of Ruby, and also a feel for some of the power and productivity gains offered by this remarkable framework. You'll need a grounding in Ruby to get the most from this talk; if you're not already a Ruby developer you might want to attend the Facets of Ruby talk before coming to this one.