By Brian Sam-Bodden
XML is quickly becoming the common ground for disparate systems to exchange information and most Java developers deal with XML almost on a daily basis, whether is in deployment descriptors and configuration files or as the data format at the center of their applications.

XOM is a new XML object model that strives to be easy to learn and easy to use. Based on similar principles to JDOM it takes XML programming in Java to the next level by taking correctness and simplicity as its guiding principles while striking a balance between the speed of SAX-based parsing and the manipulation abilities of DOM-like APIs.

By Brian Sam-Bodden
Drools is an open source pure-Java implementation of a forward chaining rules engine. Drools can be used in a J2SE or J2EE application and allows you to express rules programatically or by building domain specific rule languages. Learn how Business Rules with Drools can make your Java applications more flexible and robust.




Software development is expensive, when business rules are hard-coded in your application's source code, changes and additions to those rules translate to wasted time and money. Good object-oriented, component-based approaches can alleviate the burden of keeping up with changes in the business world but they still require that expert knowledge of the changes be passed from the decision makers to the business analysts and finally to programmers that need to implement these changes. Business Rule Engines and Business Rule Languages are based on the basic premise of separation of concerns by empowering business domain experts to express the rules of business in a way that it is directly usable by applications.
Drools is an open source pure-Java implementation of a forward chaining rules engine. Drools can be used in a J2SE or J2EE application and allows you to express rules programatically or by building domain specific rule languages. Learn how Business Rules with Drools can make your Java applications more flexible and robust.

By Brian Sam-Bodden
Ant has revolutionized the way we build applications in Java and it has become a de facto standard in the Java world. As applications grow in complexity some developers are finding themselves dealing with ever growing and complex builds. Complex builds have to deal with Multiple Operating System, multiple Application Servers, multiple APIs and multiple stages of development.

This talk would highlight some of the growing pains typically encounter in the evolution of an application build system and possible solutions and best practices that can be applied to several of these scenarios. With the arrival of the Ant version 1.6 many of the lessons learned with large projects have been now incorporated. Ant 1.6 can help you deal with complex builds efficiently.

By Brian Sam-Bodden
Hibernate is rapidly becoming the tool of choice when it comes to Object-Relational Mapping in Java. For simple applications with fairly simple object models and database schemas, using Hibernate is fairly straight forward. Unfortunately for most of us real applications have complex object-models that need to be wired to sometimes ancient and convoluted database schemas.

In this session we explore some of the advanced features of Hibernate and how you can use Hibernate to solve the hard problems of Object-Relational Mapping.

By Brian Sletten
Object-oriented code metrics are a little like Artificial Intelligence: those who did it twenty years ago roll their eyes at the thought and prophesy the same ultimate failure at applicability now. Those who grew up with Java are approaching the topic with new eyes and are finding useful ways of incorporating metrics into their projects. Come hear about tools and ways to measure properties of software, how they might be beneficial and where you are likely to go astray with this approach.


Attendees will learn about
Approaches to measuring software
The attempt to predict failure via software metrics (and the failure to do so)
Analyzing OO designs based on the "Martin Metrics"
Tools that allow developers to use metrics for themselves

Rating: Intermediate
Category: Architecture/Languages, Design, Core Java, .NET
Prerequisites: Basic Java or C# skills

By Brian Sletten
Just about every modern software developer has a copy of the Gang of Four "Design Patterns" book sitting on a shelf; many of them have actually read it. The dark secret of the patterns community is that there is often a large gulf between whiteboard simplicity and real-world complexity. Language choice plays a part in the design (and even importance) of patterns. The situation is made even more confusing by the fact that many of the core patterns have now been "voted off the island" for one reason or another. This talk will give a pragmatic overview of the motivations behind design patterns and will focus on applying a handful of the GOF patterns to example scenarios in Java, Ruby and C#. A quick introduction to the role AOP plays in changing the patterns landscape will also be covered.

Attendees will learn about
The benefits and history of patterns in software
How language choice affects pattern implementations
Applying a handful of GOF patterns in code examples
Why there is no DP4J available

Rating: Intermediate
Category: Architecture/Languages, Core Java, .NET
Prerequisites: Basic Java or C# skills

By Brian Sletten
Most people new to Aspect-Oriented Programming (AOP) are fed up with separation of concerns zealots explaining how great their techniques are at dealing with... logging. Ok, you get it. Logging is a cross-cutting concern that can be appropriately modularized. What else does AOP have to offer? A lot, it turns out. This talk will give an introduction to the motivations of AOP as well as a series of concrete examples drawn from enterprise and client side Java. Come learn how AspectJ-flavored AOP can begin to benefit you immediately either in development or production environments. Learn how to enforce architectural policies, find Swing threading issues, reduce the invasiveness of the Observer design pattern or even improve the reusability of your domain models. Now that Spring 2.0 provides support for AspectJ, the time has never been better to learn about these new (but backwards compatible) ways of thinking about building software.

Attendees will learn about
The history and reasons behind AOP
Development-oriented aspects that can be useful, but compiled out of
production code
Production-oriented aspects that can simplify development and ease the
burden of future changes
Basic AspectJ usage and jargon
How to use AspectJ with Spring

Rating: Intermediate
Category: Architecture/Languages, Client Side Java, Server Side Java
Prerequisites: Basic Java. Some level of AOP understanding is helpful, but not required. The pace of the introduction will depend on the average level of exposure the audience has previously had to AOP.

By David Bock
Pluggable application architectures are everywhere. Applications like Photoshop, Eclipse and other IDEs, and even application servers are all examples of applications that allow other developers to 'install' new functionality. There are plenty of reasons for wanting to install new functionality into an application that is already developed and deployed... from dynamic upgrading to the creation of a 'component marketplace', where end users can purchase components with 'extra' capability.

How can we design an application that will dynamically use new functionality that is written months, if not years, after the 'original' application has shipped? In what circumstances might we want to do this? Done right, pluggable application architectures allow you (and potentially others) to deploy new capabilities into your applications. Done wrong, they become a tightly coupled configuration management nightmare. Learn how to implement them properly in this presentation, and look at what is already available to build upon.

By David Bock
Most software engineers hate metrics... Why? Because we know the work we do is hard to quantify – any measurement of 'software engineering' is like trying to tell how tall someone is by how much they weigh... There may be some correlation, but there is so much deviation as to make the answer practically meaningless. As a result, we often see metrics used to justify improper conclusions. There are plenty of good metrics though, and plenty of ways to use them effectively.


In this presentation we will analyze what makes a 'good' metric, why some metrics are 'bad', and how you can use them to make meaningful measurements of your projects. We will look at several methods for gathering metrics too, including some open source tools you can put to use immediately.

By David Geary
Okay, so you know a little about JSF. You understand managed beans, action outcomes and how to attach standard JSF validators to components in a JSP page.

But there is a great deal of functionality that the average web application supports that JSF doesn't provide out of the box. For example, wouldn't you like to have JSF automatically place asteriks in front of labels for required fields? You are going to implement client-side validation, which JSF does not support out of the box, aren't you? Of course, you're going to test your application, right? And don't forget to trap unauthorized use of the back button.

How do you do all of that stuff in a JSF application? If those are the kinds of questions that keep you up at night, then this session is for you. We will explore the outer reaches of JSF development to illustrate how you can bend your next JSF application to your will.

By David Geary
JavaServer Faces is a well designed user interface framework, but it lacks a number of features you might otherwise expect out of the box; for example, JSF does not explicitly provide support for client-side validation.

So, from the folks that brought you Struts, comes Shale, a collection of useful enhancements to JSF. A top-level Apache Software Foundation project, Shale adds some really cool features to vanilla JSF, including:

Web flow: script dialog flow
Remote Method Calls: easily call JavaBean methods from JavaScript
Tapestry-like views: code views in pure HTML
Use Apache Commons Validator validators on the client or server, or both
JSF testing framework: mocks for easy JSF testing

There's a lot of cool stuff in Shale that makes JSF a much more compelling proposition. Come see what it's all about.

This is a code-intensive, fast-paced look at Apache Shale. Forty-plus slides and five demos makes for an action packed session that illustrates the cool features that Shale provides.

By David Geary
User interfaces are usually the most turbulent aspect of an application during development. Constant tinkering with the UI means constant changes to your code, so as a UI developer, you want to minimize the scope and effects of those code changes.

Open-source Java provides two powerful software packages that help you manage UI complexity: Tiles and Sitemesh. Tiles composes webpages from discrete regions of your user interface known as tiles. A tile contains a JSP page for layout and one or more JSP pages for content. Sitemesh decorates webpages with decorators that can be associated with URL patterns. Once you set up your decorators, you can decorate pages that match a decorator's URL pattern.

Come see how to use Tiles and Sitemesh with a guided tour from the inventor of Tiles, who has recently become a Sitemesh believer.

By Justin Gehtland
The Spring framework is one of the fastest growing open source frameworks. New job postings are gaining rapidly, and many customers are adopting Spring instead of heavier alternatives. In this session, we’ll introduce Spring. You’ll see how Spring can give you much of the power of EJB, without the complexity or pain.

Spring uses concepts like dependency injection and aspect oriented programming to ease standard enterprise development. Spring developers write plain, ordinary Java objects (POJOs), instead of sophisticated components. In this session, you’ll see a basic Spring application. You’ll also see some details about some of the enterprise integration strategies, including:

• Spring AOP
• Transactions
• Persistence
• Model/view/controller

When the session is over, you won’t be an expert, but you should have a much clearer understanding of what Spring does, what it doesn’t do, and why it’s growing so rapidly.


This session, for the Spring beginner, helps you:
• Understand dependency injection and inversion of control
• Know the meaning of lightweight containers and Spring
• Understand the basic pieces of Spring
• See core Spring modules in action, including Persistence, AOP, transactions.

Attendees need not know anything about Spring. This session does talk about integration with core J2EE frameworks like JDBC and transactions.

By Justin Gehtland
Web Services are message-oriented. This means that any application intention (the need for security, for transactionality, for reliability, etc.) must be
included in the message and not just assumed as external context. The WS-Security specifications are very advanced and currently being used in the wild to create robust, secure web services.

This session will examine these specifications, including:

• WS-Security
• WS-Policy - for sharing enforcement and encryption strategies
• WS-Privacy - for agreeing on privacy policy for service usage
• WS-Encryption - for encrypting or signing all or part of a message
• WS-Trust - for creating a single-sign-on solution
• WS-Federation - works with WS-Trust

These specifications, plus others like WS-Addressing and WS-Notification, provide a platform for communicating security intent across multiple network
layers and many platforms. Of course, these specifications only define modifications to the messagapplication author. We will demonstate these capabilities using the Axis toolkit and the J2SDK.

By Justin Gehtland
Spring offers developers a simpler, more robust method for configuring applications. These benefits extend to security through the ACEGI framework. ACEGI makes the otherwise daunting task of securing your application logical and straightforward. More importantly, through its support for single sign-on provision through Yale's CAS system and its ability to provide instance-level authorization, Spring extends the common security model of most J2EE apps beyond what they are traditionally capable of.




In this session, we'll explore:

• configuring ACEGI to authorize against an in-memory user list, a database, and a JAAS login module

• page level authorization

• method level authorization

• instance level authorization

• forcing HTTPS connections to secured sites

• impersonation using the RunAsManager

By Justin Gehtland
O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

By Justin Gehtland
Hibernate is easy to get started with, but can sometimes be hard to make efficient or secure. In fact, the default settings for Hibernate createapplications that will run slowly, cause unwanted round trips to the database, and may be more restrictive and/or permissive from a security standpointthan you would otherwise want.

This session will show advanced techniques for tuning performance, including:
• advanced collection mapping strategies
• lazy loading
• cascading update management
• lifecycle management
• Hibernate's interceptor layer
In addition, we'll examine the security considerations when using Hibernate. Often, single-credential data access isn't enough for sensitive data. We'll
walk through using per-user credentials for data access, logging security information about and through Hibernate, and accessing data sources through secure application servers.

By Scott Delap
Too often, Swing applications are slow, ugly, and hard-to-maintain. It turns out that it doesn't have to be this way. Swing can be used to create highly-responsive, beautiful applications that are very maintainable. If this isn't consistent with your own experience, don't feel bad; its not very obvious how to make Swing sing.



In this session, I explore three topics that lead to much better Swing applications:

- Proper Swing threading
- High-quality third-party Swing look-and-feels
- Good practices for coding Swing applications

In the threading portion of the session, I explain Swing's event handling architecture and its implications for Swing applications. Understanding this topic is crucial to creating highly-responsive Swing apps. I demonstrate how to use this knowledge in the form of many live-coded examples, and I show how frameworks like SwingWorker and FoxTrot can make this easier. Java's default look-and-feel, Metal, is awful (and in my opinion, the "Ocean" theme in JDK 5.0 doesn't do enough to improve it); you should stop using it immediately. But creating good-looking applications is sadly more than slapping in a look-and-feel; you must also take care to understand the principles behind attractive layouts. I spend the second part of this session exploring how to make your Swing applications look great through a combination of third-party look-and-feels and layout techniques.

By Scott Delap
Application developers often spend hours on the simple tasks of laying out a form, wiring components to objects, and validating the data entered. This is time that could be much better spend on the business problems your application is trying to solve. This session will show how to leverage open source libraries to take the work out of the form building process.

First you will be introduced to the JGoodies Binding and Validation libraries. Then you will see how a basic form builder built on top of these technologies can reduce the form building process from hours to minutes.

By Scott Delap
The Eclipse project's SWT GUI toolkit provides one of the only viable alternatives to Swing for creating so-called rich client applications in Java. Whereas Swing paints its own widgets and has distinguished itself with a complex (and often obtuse) API, SWT relies on the host operating system for widget rendering and sports a simple, clean API. If your goal is to create a Java application that "looks" like a normal Windows application (or OS X, or Linux), SWT will revolutionize your world. In this session, I introduce SWT from the ground up.

I start at a high-level, but quickly move into the details of SWT's API. By the presentation's end, attendees will have a solid understanding of SWT.

By Stuart Halloway
Java has always provided a model for concurrency and threads. With Java 1.5, this model received a major facelift. Learn how to use the new concurrency utilities to build responsive, scalable, and correct concurrent applications.


Java's support for threads is broad and deep. From the early days of the platform, programmers have used threads, synchronized blocks, and monitors to build safe multi-threaded applications. Java 1.5's new concurrency utilities greatly reduce the need to use these primitives directly. Now, Java provides a set of lock classes and task scheduling tools that provide much more leverage in writing real applications. We'll explore java.util.concurrent, and also see how the Java Memory Model has been corrected in 1.5.

Most of the advantages of java.util.concurrent can also be had in previous version of Java. We'll discuss Doug Lea's concurrency utilities and the backport of java.util.concurrent to 1.4. Both of these are appropriate for production use.

Finally, we'll look at common mistakes in multi-threaded programming. The most common mistake is using threads when you don't need them. We'll look at alternatives to threads, and how to choose between them.

By Stuart Halloway
JUnit is great. Jython and JRuby are even better. Unit testing libraries look the same everywhere, so why not use the one that lets you get your job done faster?

Unit testing has taken the world by storm. Almost every major language has a JUnit-like library. And here's the good news: These libraries are so similar that once you learn one, you can use any of them.

Given that many languages interoperate directly with Java, you aren't limited to JUnit. You can pick the library that provides the best language level support for writing concise, easily maintainable unit tests. Circa late 2005, there are good arguments for the unittest module in Jython, and Test::Unit in JRuby.

The talk is divided into three parts:

1. A crash introduction to unit testing Java code. We'll cover test-driven development, test cases, assertions, fixtures, and test suites. We'll be using Jython and JRuby but the concepts are exactly the same in any language


2. A look at the Python and Ruby features that make Jython and JRuby compelling choices. We'll see how tests are faster to develop and easier to maintain than JUnit tests. And perhaps surprisingly, we'll also see how tests scale better when applications get large.


3. A candid comparison of Jython, JRuby, and JUnit, including advantages and disadvantages of each. One size does not fit all.

By Stuart Halloway
Reflection is writing code that manipulates itself. Well-written reflective code automates a broad class of repetitive, error-prone programming tasks. Poorly-written reflective code obfuscates programs and destroys the benefits of the type system. We'll focus on the former.



REFLECTIVE TASKS COVERED IN THIS TALK

* Discovering class members
* Dynamically accessing fields, methods, and constructors
* Bypassing the Java language protection modifiers
* Converting between objects, XML, and relational data
* Generating new classes at runtime
* Intercepting method calls and simple aspects
* The reflection security model

By Stuart Halloway
(3 Hour Session)
Attendees should attend the Introduction to Reflection talk, or have some experience using reflection or metaprogamming in a reflective language such as Java, Objective-C, Smalltalk, Python, or Ruby. Familiarity with the GOF book is helpful but not required.

Design patterns are recurring solutions to problems that consistently appear in software development. However, this does not mean that design patterns cannot be "solved", i.e. converted into language or library features. In fact, most of the original design patterns can be solved using dynamic language features such as reflection.

This talk covers specific design patterns, and shows multiple implementations of each, demonstrating how reflection and other dynamic techniques make the patterns invisible, freeing you to concentrate on solving *new* problems.

In part A I cover
• Abstract Factory
• Almost-Real Objects (a variant of mock objects)
• Singleton

In part B I cover
• Iterator
• Flyweight
• Observer
• Dynamic Agile Development

By Stuart Halloway
(3 Hour Session)
Attendees should attend the Introduction to Reflection talk, or have some experience using reflection or metaprogamming in a reflective language such as Java, Objective-C, Smalltalk, Python, or Ruby. Familiarity with the GOF book is helpful but not required.

Design patterns are recurring solutions to problems that consistently appear in software development. However, this does not mean that design patterns cannot be "solved", i.e. converted into language or library features. In fact, most of the original design patterns can be solved using dynamic language features such as reflection.

This talk covers specific design patterns, and shows multiple implementations of each, demonstrating how reflection and other dynamic techniques make the patterns invisible, freeing you to concentrate on solving *new* problems.

In part A I cover
• Abstract Factory
• Almost-Real Objects (a variant of mock objects)
• Singleton

In part B I cover
• Iterator
• Flyweight
• Observer
• Dynamic Agile Development

By Stuart Halloway
The Java platform is built from the ground up with security in mind. This talk will introduce the security features of the J2SE, building quickly from the basic classes to realistic examples.

You will learn the core APIs:

SecurityManager, AccessController, Permissions and Policy

JAAS Subjects, Principals, and LoginModules

You will then see how to invoke these APIs in real application scenarios. You will learn how to:

Partition your applications to safely invoke downloaded code

Read and write Java policy files

Extend the architecture with custom permissions

Provide secure services through PrivilegedActions

Use JAAS to authenticate and authorize users

By Ted Neward
There's a set of fallacies that every enterprise developer has fallen for at some point in their enterprise development lives, and unless they've come to realize it early enough, all cause big trouble and painful learning experiences in the long run.

In this talk, we'll go over the Enterprise Fallacies, discuss why they're so insidious and easy to fall into, and how developers can go about making sure they avoid them in the future. Discussions will be relative to both .NET and Java, as well as the emerging Web services stack, as the Fallacies know no technical boundaries.

By Ted Neward
Security's become a hot topic among enterprise developers in recent years, but to many developers, security is still the white elephant in the middle of the room. Discussions about security usually begin with, "Uh, we'll worry about that later", or, "Start with two really large prime numbers.....". Security isn't as hard as developers make it out to be, but it is something that developers need to face and recognize.

In this talk, we'll extract the 10 Items on Security from Effective Enterprise Java and talk about them, giving developers the basic heads-up they need to have when building enterprise systems in Java.

By Ted Neward
Bring all of your enterprise Java questions to this open forum discussion hosted by the author of “Effective Enterprise Java”, Ted Neward.


This session will be a great opportunity to listen & participate in a discussion on all things relating to enterprise Java.