By Andrew Glover
It has been said that Grails is the addiction and Groovy is the drug. If you want to start building slick web applications rapidly with Grails it helps to start with a solid understanding of the Groovy language itself.

It has been said that Grails is the addiction and Groovy is the drug. If you want to start building slick web applications rapidly with Grails it helps to start with a solid understanding of the Groovy language itself. In this session, we'll go over the basics of the language by focusing on the core of Groovy. We'll look at Groovy collections, Groovy's interaction with Java, creating Classes in Groovy, Groovy's MOP and much much more. By the end, you'll be a Groovy expert ready to embrace all the language has to offer.

By Andrew Glover
No one will argue that JUnit has positively affected the quality of thousands of Java applications around the world. JUnit’s simplicity and ease of use ushered in a whole new era of code quality; however, as many developers have found, its simplicity has also limited its use. TestNG was designed from the ground up to overcome some of JUnit’s limitations; moreover, TestNG’s features make it a great tool to complement your JUnit tests.

In this session we’ll learn about TestNG’s flexible fixture model, its test categorization capability, dependent methods, and TestNG’s powerful parametric testing facility. We’ll also see how both TestNG and JUnit can play together in a build process.

By Andrew Glover
What makes Groovy particularly appealing with respect to other
scripting platforms is its seamless integration with the Java platform. Because it's based on the Java language (unlike other alternate languages for the JRE, which tend to be based on earlier predecessors), Groovy presents an incredibly short learning curve for the Java developer. And once that learning curve has straightened out, Groovy can offer an unparalleled rapid development platform.

What makes Groovy particularly appealing with respect to other
scripting platforms is its seamless integration with the Java platform. Because it's based on the Java language (unlike other alternate languages for the JRE, which tend to be based on earlier predecessors), Groovy presents an incredibly short learning curve for the Java developer. And once that learning curve has straightened out, Groovy can offer an unparalleled rapid development platform.

The secret to Groovy's success, in this regard, is its syntax, which is Java syntax, but with far fewer rules. For example, Groovy doesn't require semicolons, and it makes variable types and access modifiers optional. Moreover, Groovy makes use of the standard Java libraries you're already familiar with, including Collections and File/IO.
And, finally, you can utilize any Java library from within Groovy, including JUnit.

The fact is, Groovy's relaxed Java-like syntax, its reuse of standard Java libraries, and its rapid build-and-run cycle make it an ideal candidate for rapidly developing unit tests. But don't just take my word for it; let's see it in code!

By Brian Goetz
Performance myths about the Java platform abound, from the general "Java is slow", to the more specific "reflection is slow", "allocation is slow", "synchronization is slow", "garbage collection is slow", etc. Many of these myths have their root in fact (in JDK 1.0, everything was slow); today, not only are many of these statements not true, but Java performance has surpassed that of C in many areas, such as memory management.

In this class, we'll look at some common Java performance myths, identify where they came from, and explore the platform changes that have rendered them no longer true. Many common performance hacks don't actually help, and some can seriously hurt performance. The result is that clean code that follows common usage patterns generally shows far better behavior on modern JVMs than code laden with tweaks designed to "help" the JIT or garbage collector. More often than not, this well-intentioned assistance has the unfortunate effect of undermining many common JIT optimizations, resulting in slower -- not faster -- code.

By Brian Goetz
The Java language included support for threads and concurrency from day 1, but writing correct multithreaded programs is not easy. This session will cover the how and why of using threads in Java.

Programming is hard, but concurrent programming is harder. Concurrent programs are at risk for all the safety, liveness, and performance hazards that sequential programs are. But there are also many hazards that apply exclusively to multithreaded programs, such as race conditions, stale data, and deadlock.

If an object is going to be accessed from multiple threads, it should be thread-safe. The requirement for thread-safety is often introduced into Java programs not by explicit use of threads within the program, but by the use of frameworks, such as Servlets and Swing, which create threads and call application components from those threads.

This class will cover what is thread safety, how to create thread-safe classes, and what costs and benefits you can expect to encounter by using threads in your programs.

By Brian Goetz
JDK 5.0 is a huge step forward in developing concurrent Java classes and applications, providing a rich set of high-level concurrency building blocks.

Prior to the release of JDK 5.0, the Java platform provided basic primitives for writing concurrent programs, but they were just that -- primitive -- and difficult to use properly. Building multithreaded applications on the Java platform's low-level concurrency primitives posed many traps for the unwary, and many developers were forced to reinvent the wheel by writing their own classes for thread pools, semaphores, and task schedulers.

To help users create robust, scalable, and (most importantly) correct multithreaded applications, JDK 5.0 includes a rich set of high-level concurrency constructs, such as thread pools, semaphores, mutexes, barriers, and high-performance concurrent collection classes. Using these concurrency utilities will, in most cases, make your programs clearer, shorter, faster, easier to write, and more reliable. This session provides you with an overview of the new high-level concurrency utilities in the new java.util.concurrent package in JDK 5.0.

By Brian Goetz
Does your program have bugs, despite unit tests, integration tests, and code reviews? You bet. Are you using static analysis as part of your QA process? If not, you're probably missing out on some bugs that can be caught before they bite your customers.

The cost of finding a bug increases dramatically the longer it lurks without being discovered. Fortunately, today?s development tools (IDEs and compilers) can identify many potential bugs within a few seconds of their creation, resulting in higher quality code and more productive programmers. However, even the best programmers can create bugs that are very hard to spot if they make it through their first few minutes of their existence.

Until recently, automated code analyzers have not been very useful for mainstream developers. Most code analysis packages focused either on stylistic issues (such as indenting and variable naming), or on formal correctness proofs (which require an investment in specification that few developers can afford to make.)

FindBugs, an open-source tool developed by Bill Pugh and David Hovermeyer of the University of Maryland, has raised the bar for ease-of-use and effectiveness of automated code analysis for finding bugs. FindBugs has been able to find many serious bugs in production software, including Eclipse, JBoss, Apache Tomcat and Sun's JDK implementation, with an impressively low false-positive rate compared to other approaches.

This session will explore how static code auditing tools work, how it is easy to write bug-detector plugins to find new bug patterns, presents some common bug patterns and fun "find the bug" puzzles, and shows how code auditing tools can easily identify them.

Every developer will want to have these tools in their toolbox.

By Brian Goetz
What's the worst thing that can happen when you fail to synchronize in a concurrent Java program? Its probably worse than you think -- modern shared-memory processors can do some pretty weird things when left to their own devices.

Java was the first mainstream programming language to incorporate a formal, cross-platform memory model, which is what enabled the development of write-once, run-anywhere concurrent classes. It is the Java Memory model that defines the semantics of synchronized, volatile, and final.

However, because the most commonly used processors (Intel and Sparc) offer stronger memory models than is required by the JMM, many developers frequently use synchronization and volatile incorrectly, but have been insulated from failure by the stronger memory guarantees offered by the processor architecture they happen to be deploying on. (The infamous "double checked locking" idiom is an example of this sort of error.)

Understanding the Java Memory model is key to using the core concurrency primitives (synchronized and volatile) to develop thread-safe, efficient concurrent classes. We?ll cover what a memory model is (and why we should care), what synchronization really means, and what can really go wrong when we fail to synchronized correctly.

By Brian Pontarelli
Learn how to use ACEGI in an AJAX friendly way so that when you user's sessions expire, they can quickly log back into the application and continue where they left off. This will cover in detail the changes that were made to the ACEGI framework to support AJAX authentication, why ACEGI needed to be changed and how to implement this solution in a new or existing application that uses the ACEGI framework for authentication.

Attendees should take away all the information required to implement an AJAX authentication using ACEGI in a Java web application.

By Brian Pontarelli
This presentation covers all the basics of the Jini platform, which has recently been transitioned from Sun to Apache. This presentation will show how to construct a service based application using Jini as well as how the Jini network is structured and deployed. In addition, a demonstration of the cool Jini features such as dynamic discovery, recovery and provisioning will be given.

Attendees are encouraged to bring laptops which will be able to participate in the demonstration Jini network. JDK 1.5 is required to run the demonstration application.

By David Geary
In April 2005, annual growth rates for jobs in JavaServer Faces, Struts, and Ruby on Rails were all at about 0%. Today, Struts' growth rate still hovers around 0%, but JSF and Rails have taken off. At the end of 2007, both JSF and Rails were growing at a rate of between 400-500% annually (according to indeed.com).

JSF has passed the adoption tipping point, and is now the Java-based framework of choice, as is evidenced by its ecosystem. From vendors such as MyEclipse and RedHat to open source projects such as Seam, Facelets, and Ajax4JSF, JSF is where the action is.

Come see why JSF is so popular. In this code- and demo-intensive session, I'll show you the fundamentals of JSF.

This session is taught by a member of the JSF Expert Group for JSF 1.0 and 2.0., and co-author of the best-selling book on JSF: Core JavaServer Faces. David will take you through a whirlwind introduction to JSF including what JSF is, how it was developed, and how you can best take advantage of the technology. Here is a list of topics:

Components, managed beans, value expressions, and static navigation
i18n, CSS, and actions
The Faces Context and Faces messages
The JSF Event Model
Using JavaScript with JSF

This introduction to JSF also contains 5 live-code demos, where David will develop a simple, but robust application during the course of the session.

Prerequisite: Some knowledge of Java-based web applications, such as Struts, is a plus, but is not required. If you have a significant experience with JSF, you probably already know most of what's covered in this session.

By David Geary
In 2005, JSF hit its stride, as evidenced from overwhelming support from both vendors and the open-source community. JSF 1.0 had plenty of holes, but open-source projects have arisen to address those needs. This session takes a look at three of those projects: Tomahawk (MyFaces component library) FaceletsSeam

MyFaces is an open-source implementation of the JSF spec. In addition, MyFaces developers got a little carried away and also developed a useful set of custom components that you can use in your own applications, regardless of whether you use MyFaces as your JSF implementation. Those components are now packaged separately from MyFaces under the name Tomahawk.

Facelets is an open-source project from java.net that lets you implement views with Tapestry-like HTML pages. That technique is a powerful feature that lets graphic designers and software developers work separately in parallel.

Seam is a framework from JBoss that provides a component model that unifies the EJB and JSF component models. Seam makes great use of annotations to meld EJBs and JSF components in a seamless fashion (thus the name).

Lots is happening in the JSF space. Come to this talk and learn about these three exciting open-source projects.

By David Geary
JavaServer Faces is a well designed user interface framework, but it lacks a number of features you might otherwise expect out of the box; for example, JSF does not explicitly provide support for client-side validation.

So, from the folks that brought you Struts, comes Shale, a collection of useful enhancements to JSF. A top-level Apache Software Foundation project, Shale adds some really cool features to vanilla JSF, including:

Web flow: script dialog flow
Remote Method Calls: easily call JavaBean methods from JavaScript
Tapestry-like views: code views in pure HTML
Use Apache Commons Validator validators on the client or server, or both
JSF testing framework: mocks for easy JSF testing

There's a lot of cool stuff in Shale that makes JSF a much more compelling proposition. Come see what it's all about.

This is a code-intensive, fast-paced look at Apache Shale. Forty-plus slides and five demos makes for an action packed session that illustrates the cool features that Shale provides.

By David Geary

Come to this exciting preview of one of the leading web application framework contenders with the potential to be the Next Big Thing: Ruby on Rails. An innovative framework with an eye-popping array of ultra-cool features such as active record and native support for Ajax, Rails greatly simplifies web application development and puts the joy back in software development. Rails is easy, fun, and very productive; in fact, in the throes of Rails-mania, some converts have claimed that developing with Rails is at least 10 times as fast as your favorite Java framework. Could that be? Come see for yourself.

At about the same time Java was brewing, another language from the far east entered the landscape with hardly any notice. Carefully crafted by Japanese devotees, Ruby, a potent mix of SmallTalk, Python, and Perl, toiled in relative obscurity as the marketplace moved in droves to Java.

Today we have J2EE, the 800-pound gorilla of enterprise development. That 800 pounds cuts both ways: J2EE is powerful, but it's a complicated beast with a long and steep learning curve that sports a dissying array of peripheral open-source software. And J2EE has many design compromises and idiosyncrasies that reflect it's growth and evolution. Some J2EE developers have begun to wonder if there's a better way...

By David Geary
JavaServer Faces is a perfect platform for implementing Web 2.0 interfaces with Ajax. This session explores how you can use these two potent technologies--JSF and Ajax--together to create applications that look and behave like desktop applications but run in the browser.

JavaServer Faces, with a mature component model and flexible lifecyle, is a perfect platform for implementing Web 2.0 user interfaces with Ajax. This session explores using JSF and Ajax to create applications that act like desktop applications but run in a browser.

We'll start with a quick look at implementing basic Ajax in a JSF application. Then, once your bloodthirst has been slaked, we'll dive deeper into Ajaxian Faces dynamics with a form completion demo that requires its implementor to understand two simple, but vital facts about JSF.

If you're savvy, you probably use client-side validation to augment your server side validation logic, which parenthetically, is no no-brainer in either of the leading web application frameworks, JSF or Rails. But anyway, client-side validation is old school. All the cool developers nowadays use Ajax to implement realtime validation, where you sneak a trip to the server as an unwary user types into your input fields. But to accomplish that, we'll have to dive even deeper into JSF, with concerns such as accessing view state and accounting for client-side state saving.

All of this Ajax development is great fun, but most of it is best relegated to components and frameworks, which are the topics that will wrap up our session. We'll see how to keep your JavaScript separate from your JSF components and how to pass JSP tag attributes all the way through to JavaScript. Finally, we'll take a look at Ajax4jsf, a JSF component library with a tag library that blends Ajax into JSF in a natural, intuitive way without having to write JavaScript.

As web developers, we've been handcuffed long enough by the shackles of Web 1.0 development. Come to this session and see the brave new world of Web 2.0 development with one of the hottest web application frameworks.

By David Geary
Developing highly interactive web applications, for the most part requires knowledge of a wide array of technologies: HTML, CSS, JavaScript, XMLHttpRequest, JSP, JSF, etc.

With the Google Web Toolkit (GWT), Google turns that notion of development on its head. Instead, you implement Ajax applications by writing almost entirely in Java. You use an AWT-like API, which the Google compiler compiles to JavaScript that runs on the client.

In the early days of Java, application development with the AWT was relatively simple. You had to have a decent understanding of Java and AWT fundamentals, but once equipped with such knowledge, you could dive in and develop some impressive applications.

Ten years later, we have, in so many respects, gone significantly backwards. We've shoehorned technologies such as HTML into shoes for which they were never intended, and for our efforts, we have a mismatch of disparate technologies that one needs to knit together for a truly interactive web application.

This is the first session of a two-part presentation on the GWT, where I'll concentrate on GWT basics: implementing Ajax-enabled applications in Java, internationalization, testing, and remote procedure calls.

By David Hussman
The participants of this session will become agile customers and product owners, using personas to create stories for a sample product development.

The questions around user stories are many, and the list grows larger as their popularity of increases. Many organizations are on their path to adopting stories as requirements vehicles, possibly struggling with story writing as well as finding a way to fit them into their organization. Along with writing stories, this session will cover connecting with product owners and a short review of several tools for tracking and managing user stories.

By David Hussman
The presentation will briefly discuss stories, the origin and authoring of story tests, and a demonstration of how FIT and FitNesse (FIT living within a Wiki) can be used to automate acceptance tests.

Agile communities consider stories “done” when the acceptance tests (also called story tests) are shown to the customer. Originally, this was a manual process, but in recent years, several frameworks have been created to automate this process, providing acceptance testing all the benefits of automated unit testing. One of the most popular of these if called FIT, created by Ward Cunningham.

By David Hussman
As with many methodologies, moving agile into an organizations poses larger challenges. Before jumping in, it helps to ask a few questions before "racing toward agility". This session will provide 3 tactical steps that can help your adoption of agile.

There are many factors outside the developer world that can crash all the benefits of agile without regard to its success. This session will provide ways to select agile practices, create a transition plan for adopting agile, and bring people together before trying to adopt new techiniques that are part of agile development. Various tools and techniques will be discussed, and at least part of the session will include Q/A for the presenter to field specific questions about your organization.

By David Hussman
Adopting agile is different for each company, but most companies will go through some amount of change during the adoption of agile.

This session will discuss some of the most common difficulties for adopting agile and provide various plans of attack. The session will start with a listing of issues for the session participants, and some portion of the session will be dedicated to an open forum where the presenter will address the issues collected.

By Glenn Vanderburg
With the sudden importance of Ajax, it's time to take JavaScript seriously. That means learning it the right way: looking at the fundamentals of the language and surveying its strengths and weaknesses, instead of just copying other people's poorly written examples.

JavaScript got a bum rap. It's almost universally derided among serious programmers for being a toy language, or for its strange characteristics, or bugs, or slowness, or because it's only good for adding useless window dressing to web pages.

But JavaScript is actually a very nice little language which is popping up everywhere these days (not just in Ajax apps). Sure, JavaScript is quirky, but its problems are mostly due to history, association, and misunderstanding. Especially misunderstanding. Let's face it: most developers learned JavaScript by looking at examples in web pages they found online, and few of those examples are paragons of JavaScript style. Other developers learned JavaScript from books, but the typical JavaScript book ignores the fundamentals of the language, instead focusing on examples and the fastest ways to do fancy web page tricks.

In this talk, we'll go back to the basics that most JavaScript resources omit. We'll talk about JavaScript as a language, learning its fundamental concepts and the simple rules that underlie the sometimes bewildering behavior.

By Glenn Vanderburg
Building on part 1, this talk dives deep into JavaScript's object model. We'll see how it differs from more mainstream object-oriented languages, and why. We'll explore how to hide some of those differences, as well as the reasons you might not want to. Additionally, we'll cover useful tools for JavaScript testing, debugging, and profiling.

Ajax is not the focus of this talk, but a strong foundation in JavaScript is essential for working with Ajax.

By Glenn Vanderburg
The support infrastructure for your software project is a crucial factor for success. A new generation of tools offers significant benefits over their predecessors. This talk discusses how to choose the right mix of tools for a top-shelf project infrastructure.

The support infrastructure for your software project is a crucial factor for success. Many projects waste enormous amounts of time fighting through projects without the help of good tools. Other projects are on the right track, but could be even more successful by filling some crucial infrastructure gaps or by moving to improved tools, or by implementing policies that maximize the tools' power.

This talk looks at the latest generation of infrastructure tools, what makes them better, and how to use them well. Additionally, we'll examine the role of the infrastructure on projects and identify principles that help us understand what kinds of infrastructure we need. Tools examined will include CruiseControl, Rake, Subversion, Trac, and others.

By Glenn Vanderburg
The Java Collections framework is a cornerstone of Java development. It's been a part of J2SE for six years now. Every Java developer knows it—how to create Lists, Maps, and Sets, how to put things into them and take things out, and how to iterate over the contents. But there's a lot more to the collections framework than that -- and very few programmers really know how to exploit the power that's just under the surface.

The basics of the collections classes are so simple that many developers haven't even thought to look for the additional power that's there. And it's not just built-in capabilities, either. The design of the collections framework makes possible several powerful techniques and patterns that can magnify your productivity, as well as helping you build systems that are efficient and scalable.

It may seem strange to give a talk on a framework that every Java programmer already knows. But in every project I've worked on for the past six years, I've seen a lot of code that uses the collections poorly. More often than not, that code was written by skilled programmers with significant Java experience. In this talk, you'll learn how to use the collections well, exploiting their full power—the little-known capabilities, the extensibility features, and powerful patterns such as wrappers, adapters, and decorators. We'll also cover some new features that slipped into Java 1.5, plus a few especially useful third-party collection implementations.

By Justin Gehtland
O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

By Justin Gehtland
Hibernate is easy to get started with, but can sometimes be hard to make efficient or secure. In fact, the default settings for Hibernate createapplications that will run slowly, cause unwanted round trips to the database, and may be more restrictive and/or permissive from a security standpointthan you would otherwise want.

This session will show advanced techniques for tuning performance, including:
• advanced collection mapping strategies
• lazy loading
• cascading update management
• lifecycle management
• Hibernate's interceptor layer
In addition, we'll examine the security considerations when using Hibernate. Often, single-credential data access isn't enough for sensitive data. We'll
walk through using per-user credentials for data access, logging security information about and through Hibernate, and accessing data sources through secure application servers.

By Justin Gehtland
Ajax applications have unique architectural challenges and opportunities. This presentation will show you how to take advantage of the Ajax's strengths, and work around its quirks.




Topics covered will include

Selecting an Ajax toolkit

Dealing with browser differences

Handling the "Back" button

Degrading gracefully

Marshalling data

Managing XML

Minimizing roundtrips--or not!

When Ajax isn't enough

Packaging and deployment


Prior exposure to Ajax and JavaScript is very useful, but not required.

By Justin Gehtland
Learn to simplify Ajax development with Prototype through a series of real-world examples. Along the way, learn to code in Prototype's modern JavaScript style, taking advantage of Prototype's extensions to JavaScript's object model

Prototype deserves its fame for Ajax support, and for easy integration with the Rails platform. In this presentation, you will learn to simplify Ajax development with Prototype as we work through a series of examples that demonstrate:


* using Ajax.Request to manage XMLHTTPRequest

* automatically updating pages with Ajax.Updater

* polling with PeriodicalExecuter

* managing forms with Form.serialize

* responding to inputs with Event.observe

* simplifying DOM updates with Insertion



But there's more! Prototype exemplifies modern JavaScript coding style. You will see how to take advantage of "Prototype as JavaScript++" by


* using JSON for parameter passing

* defining classes with Class.create and Object.extend

* using Ruby-inspired extensions to the JavaScript object model, such as Array.each

By Justin Gehtland
Dependency Injection (DI) is the cornerstone of Spring. The core concept is quite simple, but (surprise!) actual practice can become complex. To take full advantage of Spring DI, you need to understand not only the basics on configuration, but also the container lifecycle model and the various hooks provided by the framework.





Topics will include




The difference between DI and Continuous Integration

Setter Injection

Constructor Injection

Factory Injection

Bean lifecycle

Method Injection

Using the ApplicationContext

Custom PropertyEditors

By Justin Gehtland

JRuby is not one, but two great technologies: the Ruby language, and the Java Virtual Machine and libraries. In this talk you will learn the basics of programming JRuby, and how to integrate JRuby code into existing Java projects.



Ruby is a great language, but you cannot afford to throw away you investment in existing Java libraries. And you don't have to. JRuby is a sufficient subset of Ruby to be far more expressive and productive than Java. Plus, JRuby's integration with Java means that you can call your Java libraries.

We'll look at Ruby basics, at calling Ruby from Java, calling Java from Ruby. We'll also explore the current limitations of JRuby, which ones are likely to be lifted in the future, and why.

By Justin Gehtland
Spring offers developers a simpler, more robust method for configuring applications. These benefits extend to security through the ACEGI framework. ACEGI makes the otherwise daunting task of securing your application logical and straightforward. More importantly, through its support for single sign-on provision through Yale's CAS system and its ability to provide instance-level authorization, Spring extends the common security model of most J2EE apps beyond what they are traditionally capable of.




In this session, we'll explore:

• configuring ACEGI to authorize against an in-memory user list, a database, and a JAAS login module

• page level authorization

• method level authorization

• instance level authorization

• forcing HTTPS connections to secured sites

• impersonation using the RunAsManager

By Matt Raible
Struts has outgrown its reputation as a simple web framework and has become more of a brand. Because of this, two next generation frameworks are being developed within the project: Shale and Action 2.0. Action 2.0 is based on WebWork, and though it's backing beans are similar to JSF, its architecture is much simpler, and easier to use.



Migrating to Struts Action 2.0 is more about unlearning Struts than it is about learning the "WebWork Way". Once you understand how simple WebWork is, you'll find that Struts Action 2.0 is a powerful framework that supports action-based navigation, page-based navigation, AOP/Interceptors, components and rich Ajax support.

Come to this session to see code comparisons and learn about migration strategies to use the kick-ass web framework of 2006.

By Matt Raible
AppFuse is an open source project/application that uses best-of-breed Java open source tools to help you develop web applications quickly and efficiently. Not only does it provide documentation on how to develop light-weight POJO-based applications, it includes features that many applications need out-of-the-box: authentication and authorization, remember me, password hint, skinnability, file upload, Ajax libraries, signup and SSL switching. This is one of the main features in AppFuse that separates it from the other "CRUD Generation" frameworks like Ruby on Rails, Trails and Grails. AppFuse is already an application when you start using it, which means code examples are already in your project. Furthermore, because features already exist, the amount of boiler-plate code that most projects need will be eliminated.



In this session, you will learn Seven Simple Reasons to Use AppFuse. If you don't use it to start your own projects, hopefully you will see that it provides much of the boiler-plate code that can be used in Java-based web applications. Since it's Apache Licensed, you're more than welcome to copy/paste any code from it into your own applications.

By Neal Ford
This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques.

Building secure web applications is difficult. Common trivial mistakes in other programming environments break web applications. This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques. The material in this session is derived from the Open Web Application Security Project (OWASP) and other sources. It covers the OWASP top 10 list of vulnerabilities (including examples). It also demonstrates some (legal!) hacker tools that malicious developers use against you. This session includes case studies showing complete attacks, from vulnerability acquisition to compromise. It also covers open-source tools (such as Stinger) that automate some of the security jobs for developers. This session is designed to scare you – but in a good way!



Key Session Points:

* OWASP List of Vulnerabilities

10. Insecure configuration management
9. Denial of service
8. Insecure storage
7. Improper error handling
6. Injection flaws
5. Buffer overflows
4. Cross site scripting flaws
3. Broken authentication and session management
2. Broken access control
1. Unvalidated input

* Security Tools and frameworks
* Case Study: Hacking Oracle through a browser
* Case Study: Cross-site scripting
* Case Study: SQL Injection

By Neal Ford
Regular expressions should be an integral part of every developer?s toolbox, but most don?t realize what an important topic it is. Regular expressions have existed for decades, but many developers don't understand how to take full advantage of this powerful mechanism, either through command line tools and editors or in their development.

This session shows how to fully exploit regular expressions. It begins with the basic premise of how regular expressions work, then shows how to take advantage of the RegEx library built into the Java platform. This session shows how to use wildcards, escape characters, meta-tags, character class operators, look-aheads/look-behinds, and how to use the greedy operators effectively. It covers regular expressions from the beginning through to advanced usage, both in Java and in tools that support regular expressions. This session is packed with real examples of regular expressions (including a game show with no fabulous prizes).

Key Session Points:

Common Regex mistakes

By Neal Ford
This session introduces Ruby, aimed specifically at Java developers.

Why would any self-respecting Java developer care about Ruby? And why does everyone keep talking about it? This session answers these questions and more. Ruby is a very expressive, powerful general purpose language that keeps gathering raves from industry luminaries. This session introduces Ruby, aimed specifically at Java developers. It covers Ruby syntax and philosophy, showing lots of code along the way. See how a 200 line Java application equates to 20 lines of Ruby code. In addition to syntax, this session shows networking, file I/O, web services, threading, and a host of other topics. The goal of this session isn't to get you to switch from Java. It makes you think about expanding your toolbox and adding Ruby for things that don't need a full-blown Java application. Along the way, the Ruby philosophy will make you Java coding better too.

Key Session Points

• The Ruby Philosophy


• Ruby syntax


• Classes and objects in Ruby


• Closures


• Mixins


• Networking


• Threading


• Test-first coding in Ruby


• Ruby as a scripting language


• Ruby as a web language

By Neal Ford
This session discusses techniques and tools for debugging enterprise applications (without using System.out.println()!)

It's an interesting dilemma – we have the best tools for software development ever, yet developers are still debugging enterprise applications using ystem.out.println()! This session discusses techniques and tools for debugging enterprise applications. It shows how to perform remote debugging through all the major IDEs, either on the same machine or across a network. It also shows how to debug using the command-line jdb debugger (the only one guaranteed to always be available).This session shows how to debug web, EJB, and lightweight enterprise applications. It discusses class loaders, interactive enterprise debugging with Groovy, and how to automate repetitive tasks using JWebUnit and Selenium, making the computer do work for you instead of vice versa (how many times do you have to walk multiple pages through a web application to get to the point where you can debug it?). This session shows you how to automate these and other common debugging tasks. The goal is to make hunting and eliminating bugs in complex applications much easier.

Key Session Points:
• Setting up remote debugging in IDE's
   o Eclipse
   o IntelliJ
• Effective remote debugging
• When it's all you've got: jdb and enterprise applications
• Forensic debugging using loggers
• Debugging web applications
   o Inspector
   o Bookmarklets
• Debugging EJB
• Debugging in lightweight frameworks
• Interactive Debugging with Groovy
• Automating debugging tasks
   o JWebUnit
   o Selenium

By Neal Ford
This session describes the use and workings of Selenium, the open source web user interface testing tool.

Selenium is one of the most powerful functional testing frameworks to come from the open source world in a long time. This session covers all aspects of Selenium, starting from its origins as an internal user-acceptance testing tool through testing Ajax applications. This session covers Selenium functionality, syntax of the test scripts (both HTML and the scripting language), keywords, testing techniques, recording tests, creating extensions, and testing Ajax applications. Selenium is the premiere testing tool for Ajax, so I show several examples of the power of Selenium combined with Ajax.

Key Session Points

• Selenium origins and background


• Installation


• Building tests


• API overview


• The Selenium IDE


• Testing Ajax Applications


• Future directions

By Neal Ford
This session shows you how to become a more productive programmer every day by using tools that you didn't know you already had.

<grizzled-programmer>
Why, in my day, we didn't have any fancy Gooey tools -- we did everything from the command line and we liked it. And, we got a lot more done than all you point-and-click monkeys
<grizzled-programmer>
Have you ever noticed that some old-school developers can run rings around you at the keyboard? Have you ever seen a 2 week problem become a 2 hour solution because someone knew a better way to solve it? This session is about all the command line and other tools that are extremely powerful yet widely neglected in today's graphical environments. This session shows you how to take advantage of those tools whether you run Windows, *Nix, or Mac. It focuses on specific recipes to make your job easier. I'll show you how to get around your computer in a hurry (no more clicking around in trees), how to find anything fast, how to manage projects and artifacts from the command line, how to automate the repetative tasks you find yourself doing every single day, how to stop repeating yourself, and how to stop repeating yourself. This session is guaranteed to improve your developer productivity by an order of magnitude.



Key Session Points

• Creating a common environment
  
• The Unix philosophy (without Granola or sandals)
  
• Automating common programming tasks
  
• Getting around in a hurry
  
• Searching techniques
  
• Text techniques
  
• Project management from the command line
  
• Stop repeating yourself
  
• Tying it together

By Pete Behrens
Business leaders and stakeholders require accountability and accuracy in our software release projections and yet, as an industry, we have failed. However, many of these same leaders are not convinced that agile is any more than an excuse to avoid projections at all. While it is true that agility provides the framework to support change, it doesn't mean you can't provide accurate projections. In fact, a well-executed agile process actually provides more accurate results with less time investment than traditional methods. This session will demonstrate these agile project management techniques to manage 6-12 month projects.

This session focuses on the release level, followed by Part II which focuses on the sprint level.

In this session we will demonstrate an engaging agile team estimation technique to drive more accur