Rocky Mountain Software Symposium

November 20 - 22, 2009 - Denver, CO

Event Home What's New Speakers Sessions Schedule Video Preview iPad Program Hotel/Travel Books Partners Magazine
FOR MEMBERS Session Evaluations Symposium Eval Venue Eval Notes Network Send Comments
Denver Marriott South @ Park Meadows

Denver Marriott South @ Park Meadows
10345 Park Meadows Drive
Denver, CO   80124
Map »

NOTE: You are viewing details about a past event. We will be back in DenverNovember 15 - 17, 2013.
View the event details here ».

Ken Sipe

Architect, Web Security Expert

Ken Sipe

Ken has been a practitioner and instructor of RUP since the late 1990s, and an extreme programmer and coach since the middle 2000s. Ken has worked with Fortune 500 companies to small startups in the roles of developer, designer, application architect and enterprise architect. Ken's current focus is on enterprise system automation and continuous delivery systems.

Ken is an international speaker on the subject of software engineering speaking at conferences such as JavaOne, JavaZone, Jax-India, and The Strange Loop. He is a regular speaker with NFJS where he is best known for his architecture and security hacking talks. In 2009, Ken was honored by being awarded the JavaOne Rockstar Award at JavaOne in SF, California and the JavaZone Rockstar Award at JavaZone in Oslo, Norway as the top ranked speaker.



Presentations

Java Memory, Performance and the Garbage Collector

You are using Java, whew!!! No need to worry about memory, the garbage collector will handle that. Those who have had a memory issue in Java are not so naive any more. Often memory utilization and heap sizes are an after thought and are not recognized until the application is in production, often caused by application uptime, production request volume or production sets of data. When the OutOfMemory Error occurs, often the science of development seems to brake down and knobs are turned. First the (-mx) maximum heap space gets adjusted... More is better right. The next OutOfMemory, heads start scratching, code reviews start in earnest, and Google gets several new hits. Did you know that it is possible to get an OutOfMemory error without running out of heap space?

This talk will walk through the underlying details of memory management in the JVM with a focus on VM flags available to help configure the VM. However we can't configure the VM without a detailed understanding of what is going on inside the VM. We'll focus on tools available for analyzing the memory in a running VM. Two actual client case examples will be presented. We'll discuss the differences between the two cases and why the end configurations were quite different.

Debugging your Production JVM

So your server is having issues? memory? Connections? Limited response? Is the first solution to bounce the server? Perhaps change some VM flags or add some logging? In todays Java 6 world, with its superior runtime monitoring and management capabilities the reasons to the bounce the server have been greatly reduced.

Combined with proper JMX instrumentation, the need to bounce the server may be eliminated for all but the rarest of cases.

This session will look at the Java 6 monitoring and management capabilities, which includes the ability to make VM argument changes on the fly. In addition to what is provide in the JDK, a number of freely available management tools will be demonstrated.

Hacking - The Dark Arts

A live Hacking demonstration exposing the tools and techniques used by Hackers.

A look at the growing space referred to as ethical hacking or penetration testing. We'll look at example attacks which include: Client-side exploits Sql-Injections Brute force attacks Man-in-the-middle attacks Key logging

Security Code Review

Security concerns abound... According to Gartner 75% of all attacks are at the web application tier. There has never been a more urgent time to understand the security concerns and how to apply solutions to our web applications.

This session will look through the details of threat modeling, who should do it and how does it fit into the software development life-cycle.

Books

Spring Recipes: A Problem-Solution Approach
by Gary Mak, Daniel Rubio, and Josh Long

Spring Recipes: A Problem-Solution Approach Buy from Amazon
List Price: $49.99
Price: $31.85
You Save: $18.14 (36%)

  • With over 3 million users/developers, Spring Framework is the leading “out of the box” Java framework. Spring addresses and offers simple solutions for most aspects of your Java/Java EE application development, and guides you to use industry best practices to design and implement your applications.

    The release of Spring Framework 3 has ushered in many improvements and new features. Spring Recipes: A Problem-Solution Approach, Second Edition continues upon the bestselling success of the previous edition but focuses on the latest Spring 3 features for building enterprise Java applications. This book provides elementary to advanced code recipes to account for the following, found in the new Spring 3:

    • Spring fundamentals: Spring IoC container, Spring AOP/ AspectJ, and more
    • Spring enterprise: Spring Java EE integration, Spring Integration, Spring Batch, jBPM with Spring, Spring Remoting, messaging, transactions, scaling using Terracotta and GridGrain, and more.
    • Spring web: Spring MVC, Spring Web Flow 2, Spring Roo, other dynamic scripting, integration with popular Grails Framework (and Groovy), REST/web services, and more.

    This book guides you step by step through topics using complete and real-world code examples. Instead of abstract descriptions on complex concepts, you will find live examples in this book. When you start a new project, you can consider copying the code and configuration files from this book, and then modifying them for your needs. This can save you a great deal of work over creating a project from scratch!

    What you’ll learn

    • How to use the IoC container and the Spring application context to best effect.
    • Spring’s AOP support, both classic and new Spring AOP, integrating Spring with AspectJ, and load-time weaving.
    • Simplifying data access with Spring (JDBC, Hibernate, and JPA) and managing transactions both programmatically and declaratively.
    • Spring’s support for remoting technologies (RMI, Hessian, Burlap, and HTTP Invoker), EJB, JMS, JMX, email, batch, scheduling, and scripting languages.
    • Integrating legacy systems with Spring, building highly concurrent, grid-ready applications using Gridgain and Terracotta Web Apps, and even creating cloud systems.
    • Building modular services using OSGi with Spring DM and Spring Dynamic Modules and SpringSource dm Server.
    • Delivering web applications with Spring Web Flow, Spring MVC, Spring Portals, Struts, JSF, DWR, the Grails framework, and more.
    • Developing web services using Spring WS and REST; contract-last with XFire, and contract–first through Spring Web Services.
    • Spring’s unit and integration testing support (on JUnit 3.8, JUnit 4, and TestNG).
    • How to secure applications using Spring Security.

    Who this book is for

    This book is for Java developers who would like to rapidly gain hands-on experience with Java/Java EE development using the Spring framework. If you are already a developer using Spring in your projects, you can also use this book as a reference—you’ll find the code examples very useful.

    Table of Contents

    1. Introduction to Spring
    2. Advanced Spring IoC Container
    3. Spring AOP and AspectJ Support
    4. Scripting in Spring
    5. Spring Security
    6. Integrating Spring with Other Web Frameworks
    7. Spring Web Flow
    8. Spring @MVC
    9. Spring RESTSpring and Flex
    10. Grails
    11. Spring Roo
    12. Spring Testing
    13. Spring Portlet MVC Framework
    14. Data Access
    15. Transaction Management in Spring
    16. EJB, Spring Remoting, and Web Services
    17. Spring in the Enterprise
    18. Messaging
    19. Spring Integration
    20. Spring Batch
    21. Spring on the Grid
    22. jBPM and Spring
    23. OSGi and Spring