Developing enterprise applications ain't easy. You not only have to worry about constantly evolving business logic, but also need to address infrastructure concerns ranging from transaction management and security to manageability and integration with diverse external applications. Spring, the most popular lightweight enterprise application framework, comes to the rescue by simplifying the common needs of enterprise applications. This session (part 1 of 2) presents the core concepts of the Spring Framework.

In this session we discuss the motivations behind the Spring way of creating enterprise applications. We cover the core ideas such as POJOs, dependency injection, container configuration, aspect-oriented programming, and portable abstraction layers. We also show how all of these concepts work together using a simple application. By the end of this session, you will have a clear idea of what Spring is and what it can do for you.

This session (part 2 of 2) will cover advanced concepts in the Spring framework. While the core concepts in the first session will get you started with Spring, the advanced concepts in this session will help you be more effective at developing Spring-based applications.

In this session, we will cover several advanced concepts including how to extend Spring to meet your special requirements. We will also cover effective ways to test your Spring applications. You will learn how to use Spring effectively across a wide range of technical areas such as web applications, persistence, messaging, manageability, batch processing, and security. By the end of this session, you will be ready to start using Spring - or if you have already started using Spring, you should be able to do so more effectively.

Spring Security (formerly known as 'Acegi') enables self-contained, consistent, and extensible solutions for securing your applications. Version 2.0 provides major enhancements including a domain-specific XML namespace, convention-based defaulting, and annotation support. This provides a significantly simpler experience for developers while still supporting the same degree of flexibility.

Spring Security's interceptor-based approach is non-invasive even when extended to accommodate domain-specific requirements. The two main security processes (authentication and authorization) are decoupled in order to provide flexibility across a wide variety of providers and strategies. This presentation will include an overview of Spring Security's pluggable authentication process and how it accommodates a wide range of possibilities including Database, LDAP, Single Sign On, and even an in-memory option for development and testing. We will then proceed to cover authorization where you will see its consistent approach for securing web requests and method invocations. Throughout the session, we will walk through a sample application that demonstrates Spring Security's core features.

Aspect-oriented programming (AOP) is a proven paradigm for enforcing broad organizational policies. In this session, we will explore the definition and enforcement of software architecture policies to help keep a code base clean. We will examine several reusable examples you can apply within your own organization to catch architectural violations.

Architectural policies originate from a variety of sources: consensus among developer community about generally accepted programming idioms and best practices, your own ideas on what a good architecture looks like, requirements of the underlying framework, core architecture of the specific project, and specific design choices made by the team on a project. In short, policies represent accumulated knowledge to create better quality software. If there is no enforcement, the errors may go undetected during development and show up only in the deployed system. Often if one error is allowed to go undetected, the associate code often ends up mistaken as design pattern.

In this session, we look at ways to implement architectural enforcement policies along with many reusable examples. Attendees will learn to define policies, and ensure architectural violations are detected immediately upon their introduction into a code base leading to a solid implementation that is faithful to its design.

Specifying metadata using annotations has gained huge popularity since its introduction in Java 5. However, the story on consuming annotations isn't as clear. Reading and processing annotation is still a complex process often requiring you to understand byte-code manipulation tools and their low-level API. As a result, most developers shy away from using custom annotations, limiting their usages of annotations only those prescribed by frameworks. The result is missed opportunities for programming simplification. In this session, we explore how AOP can make it a simple task to consume annotation in a powerful manner.

This session explores many opportunities to consume annotations using Spring AOP and AspectJ. The examples discussed in this session cover a wide range from auditing, monitoring to security, transaction management, and policy enforcement. It also examines best practices in using annotations to avoid pre-processor like use of them.