By Andrew Glover
Understanding what code coverage represents, how to effectively apply it, and how to avoid its pitfalls will give you an unprecedented understanding of how unit tests may or may not be covering you from sneaky defects.

You’ve drunk the XP cool-aide and made a concerted effort to actively unit test your code. After awhile, however, you may find yourself wondering how good are those tests? Are they actually covering the code adequately? Understanding what code coverage represents, how to effectively apply it, and how to avoid its pitfalls will give you an unprecedented understanding of how those unit tests may or may not be covering you from sneaky defects. We’ll talk code based coverage and specification-based coverage and we’ll look at the tools available to gather these metrics in both the open-source and commercial worlds. Additionally, we’ll examine the notion of mutation testing and its affect on code coverage.

By Andrew Glover
It has been said that Grails is the addiction and Groovy is the drug. If you want to start building slick web applications rapidly with Grails it helps to start with a solid understanding of the Groovy language itself.

It has been said that Grails is the addiction and Groovy is the drug. If you want to start building slick web applications rapidly with Grails it helps to start with a solid understanding of the Groovy language itself. In this session, we'll go over the basics of the language by focusing on the core of Groovy. We'll look at Groovy collections, Groovy's interaction with Java, creating Classes in Groovy, Groovy's MOP and much much more. By the end, you'll be a Groovy expert ready to embrace all the language has to offer.

By Andrew Glover
What makes Groovy particularly appealing with respect to other
scripting platforms is its seamless integration with the Java platform. Because it's based on the Java language (unlike other alternate languages for the JRE, which tend to be based on earlier predecessors), Groovy presents an incredibly short learning curve for the Java developer. And once that learning curve has straightened out, Groovy can offer an unparalleled rapid development platform.

What makes Groovy particularly appealing with respect to other
scripting platforms is its seamless integration with the Java platform. Because it's based on the Java language (unlike other alternate languages for the JRE, which tend to be based on earlier predecessors), Groovy presents an incredibly short learning curve for the Java developer. And once that learning curve has straightened out, Groovy can offer an unparalleled rapid development platform.

The secret to Groovy's success, in this regard, is its syntax, which is Java syntax, but with far fewer rules. For example, Groovy doesn't require semicolons, and it makes variable types and access modifiers optional. Moreover, Groovy makes use of the standard Java libraries you're already familiar with, including Collections and File/IO.
And, finally, you can utilize any Java library from within Groovy, including JUnit.

The fact is, Groovy's relaxed Java-like syntax, its reuse of standard Java libraries, and its rapid build-and-run cycle make it an ideal candidate for rapidly developing unit tests. But don't just take my word for it; let's see it in code!

By Andrew Glover
In the years since JUnit’s introduction, a number of frameworks have been built to enhance its utility for testing and validating XML, controlling the state of a database, testing legacy code, performance testing, and functional web testing.

Developer testing has arguably become an industry expectation due to the immediate positive affects testing code early has on software quality. It’s no surprise that Java’s JUnit framework has become the de facto standard for developer testing. In the years since JUnit’s introduction, a number of frameworks have been built to enhance its utility for testing and validating XML, controlling the state of a database, testing legacy code, performance testing, and functional web testing. In this session we’ll take a look at XMLUnit for testing XML related code, DbUnit for testing code which depends on a database, JUnit-addons for testing private methods, JUnitPerf for load and performance testing, and JWebUnit for functional web and user acceptance testing. We’ll also examine the extensibility of these frameworks in an effort to combine them into handy aggregate frameworks for performance testing of database code, scenario testing of web sites, and any other combinations we can cook up.

By Brian Sletten
Imagine the simplicity of REST married to the power of Unix pipes with the benefits of a loosely-coupled, logically-layered architecture. If that is hard to imagine, it may because the architectures available to you today are convoluted accretions of mismatched technologies, languages, abstractions and data models.

NetKernel is a disruptive technology that changes the game. It has been quietly gaining mind share in the past several years; people who are exposed to it don't want to go back to the tired and blue conventions of J2EE and .NET. Not only does it make building the kinds of systems you are building today easier, it does it more efficiently, with less code and a far more scalable runway to allow you to take advantage of the emerging multi-core, multi-CPU hardware that is coming our way.

Come see how this open source / commercial product can change the way you think about building software.

NetKernel makes the things you are doing now easier, but also makes new types of systems possible.

A wise man once said, "XML is like lye. It is very useful, but humans shouldn't touch it." If you've had to incorporate XML into your project by hand, you have probably been burned by getting too close. NetKernel turns this wisdom on its head and encourages you to use XML like the liquid data stream you want it to be.

But, XML is only part of the story. Resource-oriented computing is a generalized and revolutionary approach to modern, flexible systems. There is less code to write, but it is more fun to do. Orchestration of existing services and data sources is faster, easier and more encompassing than with more conventional technologies.

This talk will help explain what NetKernel is (app server? pipeline tool? embedded SOA?) and, through a comprehensive set of examples, give you a glimpse at a deeper software reality than you might have thought possible.

Disclaimer: There will be no blue pills given to you to make you forget what you have seen. Come with an open mind.

By Brian Sletten
Just as the world is feeling comfortable with the Web, Tim Berners-Lee et al inform us that what we have seen so far is just the beginning. His original plans at CERN were larger and grander. The Semantic Web is the new vision of machine-processable documents and metadata to improve search, knowledge discovery and data integration and management. While there are many naysayers chiding such grand visions, there are also pragmatic and useful technologies emerging that can be applied today.

Attendees will learn:

The history and motivations behind the Semantic Web
The technology stack that will make it happen (including RDF and OWL)
An overview of tools and technologies that are beginning to satisfy the vision

This talk stands on its own, but feeds into the "Experiencing the Semantic Web" talk which is more hands on.

Rating: Intermediate
Prerequisites: This is all so new, most engineers will find something to excite them.

By Brian Sletten
If you attended the "Introducing the Semantic Web" talk or have been paying attention, you understand where much of the current Web falls down. By building on languages like RDF and OWL our software will be able to do more for us to improve search and knowledge discovery. This talk is a more hands on introduction to using the core technologies of the Semantic Web for managing, storing querying and inferencing over metadata.

The audience will learn about

- The technology stack used by the Semantic Web including RDF, RDFS, and OWL
- Tools and technologies for creating, storing, manipulating and querying this data using the new SPARQL
- Managing and debugging ontologies
- Converting non-RDF data sources into RDF
- Using reasoners and inference engines to derive facts that are not explicitly stated

By Dave Thomas
Are you frustrated by experts who can't tell you what to do, or by junior team members who refuse to see the big picture? How can you best develop careers: both yours and those of your teammates and managers? How can we learn to apply experience more effectively, and why do the many approaches designed to tame complexity actually end up increasing it?

Dave Thomas, of The Pragmatic Programmers, describes the solutions to these and other problems as he turns the Pragmatic Spotlight (and a good dose of twisted humor) on formal learning models, the Nursing profession, and streamlining sheep.

By Dave Thomas
The Ruby on Rails framework has exploded onto the scene over the last few months. Propelled by some genuine benefits, and fueled by a whole lot of controversy, Rails seems here to stay. So, is it a Java killer? (No.) Is it a great way to develop certain classes of web application? (Yes.) Does it really deliver the 10-fold increase in developer productivity that some have claimed? (It depends...)



If you can't help thinking that there must be an easier way of developing web projects, come and join us as we construct an MVC-based Ruby on Rails application using the very latest libraries and tools. You'll get a taste of Ruby, and also a feel for some of the power and productivity gains offered by this remarkable framework. You'll need a grounding in Ruby to get the most from this talk; if you're not already a Ruby developer you might want to attend the Facets of Ruby talk before coming to this one.

By Dave Thomas
The Ruby on Rails framework has unit and functional testing baked right in. In this talk we'll see how easy it is to get started with testing in Rails, and we'll explore jut how deep the testing support goes.

We'll look at the basics: unit testing models and functional testing views and controllers. But we'll dig deeper, looking at the supplied mock objects and seeing how easy it is to add our own. We'll also investigate test fixtures, using them to generate both static and dnamic test data. Finally, we'll have a quick look at performance testing.

By Dave Thomas
Ajax is becoming a requirement for new applications: it creates richer
user experiences and more dynamic applications. However, doing Ajax by
hand is difficult and error prone. The good news is that if you use
Rails, you don't have to do Ajax the hard way.

Rails has built in helpers that support Ajax development,
and comes packaged with the powerful prototype.js and script.aculo.us
libraries.

Come see how Ajax can be made to work with your Rails applications as
we built a very dynamic ToDo list, and see how Ajax can be made robust
with a simple calculator.

By David Hussman
The participants of this session will become agile customers and product owners, using personas to create stories for a sample product development.

The questions around user stories are many, and the list grows larger as their popularity of increases. Many organizations are on their path to adopting stories as requirements vehicles, possibly struggling with story writing as well as finding a way to fit them into their organization. Along with writing stories, this session will cover connecting with product owners and a short review of several tools for tracking and managing user stories.

By David Hussman
This session will focus on tools and techniques for tracking an agile project plan from creation to project completion.

As agile grows, so too do the questions for how to track and communicate progress within the project community as well as to upper management and others interested in progress. We will create a simple plan in a planning tool, and run a mock project, showing how to estimate and use agile planning to communicating progress, addressing missed estimates, scope modifications, and more.

By David Hussman
The presentation will briefly discuss stories, the origin and authoring of story tests, and a demonstration of how FIT and FitNesse (FIT living within a Wiki) can be used to automate acceptance tests.

Agile communities consider stories “done” when the acceptance tests (also called story tests) are shown to the customer. Originally, this was a manual process, but in recent years, several frameworks have been created to automate this process, providing acceptance testing all the benefits of automated unit testing. One of the most popular of these if called FIT, created by Ward Cunningham.

By David Hussman
Adopting agile is different for each company, but most companies will go through some amount of change during the adoption of agile.

This session will discuss some of the most common difficulties for adopting agile and provide various plans of attack. The session will start with a listing of issues for the session participants, and some portion of the session will be dedicated to an open forum where the presenter will address the issues collected.

By David Hussman
As with many methodologies, moving agile into an organizations poses larger challenges. Before jumping in, it helps to ask a few questions before "racing toward agility". This session will provide 3 tactical steps that can help your adoption of agile.

There are many factors outside the developer world that can crash all the benefits of agile without regard to its success. This session will provide ways to select agile practices, create a transition plan for adopting agile, and bring people together before trying to adopt new techiniques that are part of agile development. Various tools and techniques will be discussed, and at least part of the session will include Q/A for the presenter to field specific questions about your organization.

By Eitan Suez
JiBX is an open source XML data binding API for Java. JiBX is younger than most other APIs in this space (Castor XML, BEA XMLBeans, JAXB). JiBX's philosophy on data binding is that: [a] databinding should be fast, and [b] databinding frameworks should allow for the divergence and evolution of your codebase from its xml representation. JiBX excels on both counts and consequently is a practical tool for the purpose of data binding. In this session, Eitan will be covering all aspects of Dennis Sosnoski's JiBX framework.

Session Goals:
To learn the JiBX API in detail. JiBX can considerably simplify the task of parsing XML content into business objects and generating XML representations of these business objects.

Prerequisites:
Basic understanding of XML, but not of any of the variety of standards that build upon that foundation. Basic understanding of the Java programming language.

Session Rating:
Intermediate

Category:
XML/Web Services

By Eitan Suez
This talk covers the core of the Hibernate Object/Relational Mapping framework by example; that is: in a hands-on manner.

What does this mean? Two things:
1. Rather than spending 1.5 hours going from slide to slide, passively covering various aspects of the Hibernate framework, you'll be actively building a sample application, modeling, persisting, querying information using Hibernate 3.1
2. Hibernate today is a mature and rich framework consisting of _many_ features. Discussion of features outside of the Hibernate "Core" will be sacrificed for the sake of presenting Hibernate in an active, "by example" style.

No a-priori knowledge of Hibernate is assumed. We'll cover the basics of Hibernate v3.1, XML mappings, the Hibernate Query Language (HQL), the Criteria API, custom UserType's, Components, and more! (This talk does not discuss auxiliary topics such as the EJB 3 persistence API, Annotations, or integrating Hibernate in managed (J2EE) environments).

By Eitan Suez
Join Eitan in this hands-on session on Naked Objects. This session uses the "learning by doing" approach to learning an API or framework. Naked Objects is a powerful tool that can give you a significant advantage in the development of business systems. It gives you the ability to prototype a software application so quickly that it can be performed during information gathering phases of a project. It gives you the power to codevelop the core business model of your application with a non-developer business expert at your side. No prerequisite knowledge of Naked Objects is required.

Session Goals:
To learn to write software applications (possibly system prototypes) using the NakedObjects framework. Developing applications that use NakedObjects requires knowledge of the conventions and contract of this framework. NakedObjects is a fairly radical development in the domain of business software application development. Awareness of the concepts and implications of expressive systems is an important secondary goal.

Prerequisites:
Basic understanding of the Java programming language and of object-oriented programming and design. Familiarity in the domain of business application software development.

Session Rating:
Intermediate

Category:
Architecture

By Eitan Suez
Today, the Cascading Style Sheets (CSS) specification is well supported by the major browsers (Mozilla, Safari, IE). CSS has become a practical tool for web content publishers that has helped turn heavy, buggy, and hard-to-maintain web sites into lean, clean, and stylish ones. CSS is sometimes stereotyped as a technology geared for graphic designers and artists. I beg to differ: I see CSS as a refactoring tool for content publishers and one that encourages content to become more strongly semantic. Come see a developer's perspective on CSS and how it can be applied to refactor your web content.

Session Goals:
To "grok" CSS. To dispell the myth that CSS is not a tool for software developers. To learn to wield CSS to produce superior web user interfaces.

Prerequisites:
Prior experience with web technologies (specifically HTML) is assumed. Audience is assumed to have a programming background.

Session Rating:
Intermediate

Category:
Languages

By Glenn Vanderburg
With the sudden importance of Ajax, it's time to take JavaScript seriously. That means learning it the right way: looking at the fundamentals of the language and surveying its strengths and weaknesses, instead of just copying other people's poorly written examples.

JavaScript got a bum rap. It's almost universally derided among serious programmers for being a toy language, or for its strange characteristics, or bugs, or slowness, or because it's only good for adding useless window dressing to web pages.

But JavaScript is actually a very nice little language which is popping up everywhere these days (not just in Ajax apps). Sure, JavaScript is quirky, but its problems are mostly due to history, association, and misunderstanding. Especially misunderstanding. Let's face it: most developers learned JavaScript by looking at examples in web pages they found online, and few of those examples are paragons of JavaScript style. Other developers learned JavaScript from books, but the typical JavaScript book ignores the fundamentals of the language, instead focusing on examples and the fastest ways to do fancy web page tricks.

In this talk, we'll go back to the basics that most JavaScript resources omit. We'll talk about JavaScript as a language, learning its fundamental concepts and the simple rules that underlie the sometimes bewildering behavior.

By Glenn Vanderburg
Building on part 1, this talk dives deep into JavaScript's object model. We'll see how it differs from more mainstream object-oriented languages, and why. We'll explore how to hide some of those differences, as well as the reasons you might not want to. Additionally, we'll cover useful tools for JavaScript testing, debugging, and profiling.

Ajax is not the focus of this talk, but a strong foundation in JavaScript is essential for working with Ajax.

By Glenn Vanderburg
The support infrastructure for your software project is a crucial factor for success. A new generation of tools offers significant benefits over their predecessors. This talk discusses how to choose the right mix of tools for a top-shelf project infrastructure.

The support infrastructure for your software project is a crucial factor for success. Many projects waste enormous amounts of time fighting through projects without the help of good tools. Other projects are on the right track, but could be even more successful by filling some crucial infrastructure gaps or by moving to improved tools, or by implementing policies that maximize the tools' power.

This talk looks at the latest generation of infrastructure tools, what makes them better, and how to use them well. Additionally, we'll examine the role of the infrastructure on projects and identify principles that help us understand what kinds of infrastructure we need. Tools examined will include CruiseControl, Rake, Subversion, Trac, and others.

By Glenn Vanderburg
Most of the time, Java's automatic memory management works really well—it's one of the things that makes programming in Java a pleasant and productive experience, and it's nice that we don't have to worry about managing memory manually. However, although it's usually nice to ignore memory management, occasionally we have to pay close attention. Sometimes we need to take control of certain aspects of memory management. Sometimes Java programs do exhibit memory leaks, or unacceptably long garbage collection pauses, or very poor overall performance. But because Java's memory management is supposed to be "fully automatic," it can be difficult to find out what's really going on inside the VM.



Java memory management is just like most labor-saving simplifications: it works well most of the time, but for the weird edge cases when it doesn't work quite right, it can be a nightmare. This talk opens the hood, examining the inner workings of Java's memory system, including allocation and garbage collection. We'll look at how to control the memory system and interact with it, what's costly and what's not, how to tune the garbage collector and when to switch to a different GC algorithm, and other topics.

By Glenn Vanderburg
Performance myths about the Java platform abound, from the general "Java is slow", to the more specific "reflection is slow", "allocation is slow", "synchronization is slow", "garbage collection is slow", etc. Many of these myths have their root in fact (in JDK 1.0, everything was slow); today, not only are many of these statements not true, but Java performance has surpassed that of C in many areas, such as memory management.

In this class, we'll look at some common Java performance myths, identify where they came from, and explore the platform changes that have rendered them no longer true. Many common performance hacks don't actually help, and some can seriously hurt performance. The result is that clean code that follows common usage patterns generally shows far better behavior on modern JVMs than code laden with tweaks designed to "help" the JIT or garbage collector. More often than not, this well-intentioned assistance has the unfortunate effect of undermining many common JIT optimizations, resulting in slower -- not faster -- code.

By Jared Richardson
Validating a platform is hard work. We'll look at several approaches and strategies you can use to keep your platoform solid.

The platform is much broader today than it's every been before and validating a platform, whether it's hardware, an operating system or a program, is hard work. Let's look at a few strategies for creating and maintaining good automated test coverage. There are no silver bullets or easy answers, but these techniques can make a huge difference in product stability and quality.

By Jared Richardson
Throughout our software careers we learn habits from our coworkers, from books we've read, and occasionally, from conferences we attend. Much of our competence comes from the tips and tricks we pick up as we go.


In this session, learn five of the techniques I've borrowed along the way. We'll discuss The List, code reviews, code change notifications, daily meetings, and tech leads. These techniques are often abused, but when used properly they can make a huge difference in how you develop software. Take this opportunity to add these practices to your toolkit.

By Jared Richardson
Are your product designs hit or miss? Do you have trouble building a loosely coupled system? Is your code incestuous? Refactoring not an option with your code base? Tracer Bullets help keep your project out of the fire.

Tracer Bullet Development:

* helps you create great software
* lends itself to an iterative cycle
* can be used for demos early and often
* is easily refactored
* allows your teams to work in parallel
* makes a very testable system



Tracer Bullets can coexist with nearly any other development methodology. Come see how easy it is!

By Jared Richardson
a.. Do you spend more time fighting your tools than writing code?
b.. Do you avoid merging your code with your teammates because of “Integration Hell”?
c.. Do the same bugs keep sneaking back into your product?
d.. Do your builds depend on the roll of the dice?

A good set of infrastructure tools can go a long way toward smoothing out these and other problems. Come see how to make your toolset work seamlessly in the background so you can Just Work. We'll cover source code management (SCM), build scripts, automated test harnesses, automatic builds, feature tracking and issue tracking.



As part of the session, we'll set up Subversion, create a project, and then add code for the SCM section ... just to obliterate the "it takes too much time to set up and use" argument. For build scripts, we'll add an Ant script. Let's throw in a few JUnits to demonstrate test automation, and then I'll put it all together in CruiseControl. The live demo will include breaking the build, then breaking the JUnit test, and then finally fixing it and seeing it all work.

For this first session, we'll look at Subversion, Ant, and start the Cruise Control discussion.

By Jared Richardson
This talk is a continuation of Part One of the Tools talk. During Part Two we'll cover Continuous Integration, automated testing, bug tracking, and feature tracking.

We'll set up CruiseControl and walk through it's functionality, then look at JUnit and how it fits into CruiseControl and the Continuous Intregration idea. Finally, we'll talk about tracking features and bugs.

If you don't make Part One you can still attend and benefit.

By Jason Harwig
With the recent popularity of AJAX, JavaScript has entered a renaissance in the last year, bringing with it both cool new features and the potential for a mess. An increased number of scripts executing in web pages can lead to embedded behaviors fighting with each other and crowding "onEvent"
attributes. Most developers know that embedding script in html is not a best practice, but creating reusable and gracefully degrading libraries in JavaScript is not a widely known skill.

In this session, we'll discuss best practices for unobtrusively adding AJAX features to your HTML without conflicting with JavaScript from other developers. In addition I'll demo several examples of unobtrusive scripting.

By Justin Gehtland
The Spring framework is one of the fastest growing open source frameworks. New job postings are gaining rapidly, and many customers are adopting Spring instead of heavier alternatives. In this session, we’ll introduce Spring. You’ll see how Spring can give you much of the power of EJB, without the complexity or pain.

Spring uses concepts like dependency injection and aspect oriented programming to ease standard enterprise development. Spring developers write plain, ordinary Java objects (POJOs), instead of sophisticated components. In this session, you’ll see a basic Spring application. You’ll also see some details about some of the enterprise integration strategies, including:

• Spring AOP
• Transactions
• Persistence
• Model/view/controller

When the session is over, you won’t be an expert, but you should have a much clearer understanding of what Spring does, what it doesn’t do, and why it’s growing so rapidly.


This session, for the Spring beginner, helps you:
• Understand dependency injection and inversion of control
• Know the meaning of lightweight containers and Spring
• Understand the basic pieces of Spring
• See core Spring modules in action, including Persistence, AOP, transactions.

Attendees need not know anything about Spring. This session does talk about integration with core J2EE frameworks like JDBC and transactions.

By Justin Gehtland
Dependency Injection (DI) is the cornerstone of Spring. The core concept is quite simple, but (surprise!) actual practice can become complex. To take full advantage of Spring DI, you need to understand not only the basics on configuration, but also the container lifecycle model and the various hooks provided by the framework.





Topics will include




The difference between DI and Continuous Integration

Setter Injection

Constructor Injection

Factory Injection

Bean lifecycle

Method Injection

Using the ApplicationContext

Custom PropertyEditors

By Justin Gehtland
Spring offers developers a simpler, more robust method for configuring applications. These benefits extend to security through the ACEGI framework. ACEGI makes the otherwise daunting task of securing your application logical and straightforward. More importantly, through its support for single sign-on provision through Yale's CAS system and its ability to provide instance-level authorization, Spring extends the common security model of most J2EE apps beyond what they are traditionally capable of.




In this session, we'll explore:

• configuring ACEGI to authorize against an in-memory user list, a database, and a JAAS login module

• page level authorization

• method level authorization

• instance level authorization

• forcing HTTPS connections to secured sites

• impersonation using the RunAsManager

By Justin Gehtland
Ajax applications have unique architectural challenges and opportunities. This presentation will show you how to take advantage of the Ajax's strengths, and work around its quirks.




Topics covered will include

Selecting an Ajax toolkit

Dealing with browser differences

Handling the "Back" button

Degrading gracefully

Marshalling data

Managing XML

Minimizing roundtrips--or not!

When Ajax isn't enough

Packaging and deployment


Prior exposure to Ajax and JavaScript is very useful, but not required.

By Justin Gehtland
This presentation covers JavaScript from the perspective of an Ajax programmer. We assume that you may be using an Ajax toolkit, but still need to be able to read, modify, and test the JavaScript code in your application. You will learn the common idioms of JavaScript by looking at working code from the Ajax toolkits themselves.

All Ajax programmers need to know JavaScript. Toolkits will do some of the work for you, but your own JavaScript will differentiate your applications from others. A reading knowledge of JavaScript is also necessary when selecting an Ajax framework, and for testing and debugging applications.

We'll go straight to the interesting parts of JavaScript programming:

* Prototype-based inheritance
* Functional style
* Dynamic evaluation
* In-browser testing

We'll demonstrate these concepts using popular Ajax frameworks such as Dojo, Prototype, script.aculo.us.

By Justin Gehtland
Hibernate is easy to get started with, but can sometimes be hard to make efficient or secure. In fact, the default settings for Hibernate createapplications that will run slowly, cause unwanted round trips to the database, and may be more restrictive and/or permissive from a security standpointthan you would otherwise want.

This session will show advanced techniques for tuning performance, including:
• advanced collection mapping strategies
• lazy loading
• cascading update management
• lifecycle management
• Hibernate's interceptor layer
In addition, we'll examine the security considerations when using Hibernate. Often, single-credential data access isn't enough for sensitive data. We'll
walk through using per-user credentials for data access, logging security information about and through Hibernate, and accessing data sources through secure application servers.

By Justin Gehtland
The Java platform is built from the ground up with security in mind. This talk will introduce the security features of the J2SE, building quickly from the basic classes to realistic examples. You will learn the core APIs: SecurityManager, AccessController, Permissions and Policy JAAS Subjects, Principals,
and LoginModules

You will then see how to invoke these APIs in real application scenarios. You will learn how to:
• Partition your applications to safely invoke downloaded code
• Read and write Java policy files
• Extend the architecture with custom permissions

By Mark Richards
The new EJB 3.0 spec (JSR-220) offers some great improvements over the prior EJB specs in terms of development simplicity and new features. In this session we will take a look at the new EJB 3.0 spec and the new Java Persistence API. Included in this session will be a discussion about Java metadata annotations, simplification of enterprise beans (session and message-driven beans), interceptors, changes in transaction processing, and how the new Java Persistence API works. During the session I will be demonstrating how the EJB 3.0 spec differs from the EJB 2.1 spec through code example comparisons. I will also be discussing how the new Java Persistence API compares to related Java persistence options and whether we should be excited about the new persistence API or (yawn) sticking with what we have.

Agenda
- Introduction
- EJB 3.0 New Features Summary
- Java MetaData Annotations – no more ejb-jar.xml?
- Constructing and accessing an EJB 3.0 Session Bean
- EJB 3.0 Transactions
- Interceptors and use of the @AroundInvoke annotation
- Entities and the Java Persistence API

By Mark Richards
Tired of dealing with EJBs but cannot use other frameworks like Spring? How would you like to replace all of your remote Stateless Session Beans with POJOs and still access them remotely within Java EE? By using the Java EE Command Pattern we can write EJBs as POJOs and solve many of the issues facing EJB, including testability, configuration complexity, and performance, and still remain within the boundaries of the Java EE container. The Java EE Command Pattern is a simple pattern that can significantly reduce the complexity of large-scale Java EE enterprise applications. In this session we will explore the numerous issues facing a typical EJB architecture and learn how the use of the Java EE Command Pattern can solve these issues. We will walk through the different design alternatives and see how the command pattern is implemented in both EJB3 and in Spring. Through interactive coding examples you will learn what components make up the Command Pattern framework and what simple coding changes are required to convert a complex remote EJB-based application to a much simpler remote POJO-based application.

Agenda
- Issues with J2EE
- Java EE Command Pattern Introduction
- Java EE Command Pattern Core Components
- The Command Pattern Framework Implementation (EJB)
- The Command Pattern Framework Implementation (Spring/RMI)
- Applying the Command Pattern to a Typical EJB Application

By Mark Richards
There has been a significant amount of buzz in the community and industry about the definition and role of an Enterprise Service Bus (ESB), particularly within the area of Service-Oriented Architecture (SOA). In this product-agnostic high energy se