By Neal Ford

Lots of developers want to use Agile development technique but don't know where to start. This session discusses how to get started with Agility, the key benefits you can expect, and the pitfalls to avoid.

There's the perfect world, and then there's the world you have to live in. Lots of organizations would like to reap the benefits of Agile development techniques but don't know how to get started. This session discusses the key benefits you can derive from Agile software development so that you can decide for yourself how many agile techniques will work within your organization. I discuss project planning and estimation, how to benefit from pair programming when you aren't allowed to pair, how to measure your progress, and other project milestones. Agile software development isn't just an unrelated set of activities, it is a discipline. Once you understand the component parts of the discipline, you can apply them to your less-than-perfect world.

Key Session Points

• What makes Agile tick?
• Flavors of agility
• Selectively applying agile practices
• Enforcing code quality
• Measuring progress
• Iterating over the waterfall
• Lessons learned

By Neal Ford

Is Service Oriented Architecture the next wave of distributed computing or just the same old crap in a shiny new package? This session provides an overview of what most people agree is the definition of SOA. I talk about SOA, ESB, CORBA, your MOM, and a bunch of other acronyms.

This session is a pragmatic look at SOA from a developer perspective, including such (never talked about) topics like tranports, granularity, versioning services, transformations, and whether you should be doing this or not. I show lots of slides with diagrams and talk about how to evolve towards an SOA. SOA can work if you ignore the hype and focus on the real meat: building loosely coupled message-based applications. This session discusses just that.

By Neal Ford

This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques.

Building secure web applications is difficult. Common trivial mistakes in other programming environments break web applications. This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques. The material in this session is derived from the Open Web Application Security Project (OWASP) and other sources. It covers the OWASP top 10 list of vulnerabilities (including examples). It also demonstrates some (legal!) hacker tools that malicious developers use against you. This session includes case studies showing complete attacks, from vulnerability acquisition to compromise. It also covers open-source tools (such as Stinger) that automate some of the security jobs for developers. This session is designed to scare you – but in a good way!

Key Session Points:
* OWASP List of Vulnerabilities

1. Insecure configuration management
2. Denial of service
3. Insecure storage
4. Improper error handling
5. Injection flaws
6. Buffer overflows
7. Cross site scripting flaws
8. Broken authentication and session management
9. Broken access control

10. Unvalidated input

    • Security Tools and frameworks
    • Case Study: Hacking Oracle through a browser
    • Case Study: Cross-site scripting
    • Case Study: SQL Injection

By Neal Ford

This session describes the use and workings of Selenium, the open source web user interface testing tool.

Selenium is one of the most powerful functional testing frameworks to come from the open source world in a long time. This session covers all aspects of Selenium, starting from its origins as an internal user-acceptance testing tool through testing Ajax applications. This session covers Selenium functionality, syntax of the test scripts (both HTML and the scripting language), keywords, testing techniques, recording tests, creating extensions, and testing Ajax applications. Selenium is the premiere testing tool for Ajax, so I show several examples of the power of Selenium combined with Ajax.

Key Session Points

• Selenium origins and background
• Installation
• Building tests
• API overview
• The Selenium IDE
• Testing Ajax Applications
• Future directions

By Neal Ford

This session shows you how to become a more productive programmer every day by using tools that you didn't know you already had.

<grizzled-programmer>
Why, in my day, we didn't have any fancy Gooey tools -- we did everything from the command line and we liked it. And, we got a lot more done than all you point-and-click monkeys
<grizzled-programmer>
Have you ever noticed that some old-school developers can run rings around you at the keyboard? Have you ever seen a 2 week problem become a 2 hour solution because someone knew a better way to solve it? This session is about all the command line and other tools that are extremely powerful yet widely neglected in today's graphical environments. This session shows you how to take advantage of those tools whether you run Windows, *Nix, or Mac. It focuses on specific recipes to make your job easier. I'll show you how to get around your computer in a hurry (no more clicking around in trees), how to find anything fast, how to manage projects and artifacts from the command line, how to automate the repetative tasks you find yourself doing every single day, how to stop repeating yourself, and how to stop repeating yourself. This session is guaranteed to improve your developer productivity by an order of magnitude.

Key Session Points

• Creating a common environment
• The Unix philosophy (without Granola or sandals)
• Automating common programming tasks
• Getting around in a hurry
• Searching techniques
• Text techniques
• Project management from the command line
• Stop repeating yourself
• Tying it together

By Neal Ford

This session discusses techniques and tools for debugging enterprise applications (without using System.out.println()!)

It's an interesting dilemma – we have the best tools for software development ever, yet developers are still debugging enterprise applications using ystem.out.println()! This session discusses techniques and tools for debugging enterprise applications. It shows how to perform remote debugging through all the major IDEs, either on the same machine or across a network. It also shows how to debug using the command-line jdb debugger (the only one guaranteed to always be available).This session shows how to debug web, EJB, and lightweight enterprise applications. It discusses class loaders, interactive enterprise debugging with Groovy, and how to automate repetitive tasks using JWebUnit and Selenium, making the computer do work for you instead of vice versa (how many times do you have to walk multiple pages through a web application to get to the point where you can debug it?). This session shows you how to automate these and other common debugging tasks. The goal is to make hunting and eliminating bugs in complex applications much easier.

Key Session Points: • Setting up remote debugging in IDE's    o Eclipse    o IntelliJ • Effective remote debugging • When it's all you've got: jdb and enterprise applications • Forensic debugging using loggers • Debugging web applications    o Inspector    o Bookmarklets • Debugging EJB • Debugging in lightweight frameworks • Interactive Debugging with Groovy • Automating debugging tasks    o JWebUnit    o Selenium

By Neal Ford

This session begins a detailed discussion about how to actually get XP done in the real world (and what to tell your boss). This session includes artifacts (project tracking sheets, code coverage reports, etc.) from real XP projects.

Extreme programming sounds a little too “ESPN2” for most managers, but there is a lot of sound engineering behind its principles. My employer, ThoughtWorks, has been extremely successful using the full XP stack and we have developed lots of experience with it. This session talks about how to do XP in the real world. XP is all about feedback loops, so I discuss how to replace the radical sounding ones with more palatable ones. I talk about the parts of XP that are absolutely vital (unit testing, collective ownership, continuous integration, etc) and the ones that you can introduce a little more slowly (pair programming, only a 40 hour work week). This session focuses on the practicality of XP and how you can adopt it at your organization. I also talk about political battles with managers, other departments, and barriers that pop up anytime you try to introduce change in a large enterprise. Discussion is encouraged (required) in this session.

Key Session Points: XP and Feedback Loops A pragmatic look at the XP practices     The planning game     Small releases     Metaphor     Simple design     Testing     Refactoring     Pair programming     Collective ownership     Continuous integration     40-hour week     On-site customer     Coding standards Sample Project Tracking Sheets Code Coverage Overcoming objections What to say to your boss and his boss XP in the real world

By Neal Ford

Continues the discussion from Part 1, focusing on how to keep the benefits of XP without sacrficing it's effectiveness. This session shows real artifacts of XP in action.

Extreme programming sounds a little too “ESPN2” for most managers, but there is a lot of sound engineering behind its principles. My employer, ThoughtWorks, has been extremely successful using the full XP stack and we have developed lots of experience with it. This session talks about how to actually get XP done in the real world. XP is all about feedback loops, so I discuss how to replace the radical sounding ones with more palatable ones. I talk about the parts of XP that are absolutely vital (unit testing, collective ownership, continuous integration, etc) and the ones that you can introduce a little more slowly (pair programming, only a 40 hour work week). This session focuses on the practicality of XP and how you can adopt it at your organization. I also talk about political battles with managers, other departments, and barriers that pop up anytime you try to introduce change in a large enterprise. Discussion is encouraged (required) in this session.

Key Session Points: XP and Feedback Loops Continuing the pragmatic look at the XP practices Tools to support agility Overcoming objections What to say to your boss and his boss XP in the real world

By Ted Neward

Java5 introduced a whole slew of new features, including annotations (JSR 175), new language features (the enhanced for loop, generics, static imports, and more), new library support (java.lang.instrument, among others), and some interesting enhancements to the virtual machine itself.

This presentation will go over those features, explain why they matter, and how you can take advantage of them in a variety of different practical ways. (For an audience comfortable with Java 1.4, as a 90-minute or half-day presentation.)

By Ted Neward

Ever wished you could just put parts of your program in end-users' hands and let them build the infinite little changes they want? Ever thought about how you might make your application more robust by writing less code, not more? Embed a scripting engine into your application--complete with the safeguards necessary to ensure that users can't do anything they shouldn't be able to--and release yourself from the Principle of Perpetual Enslavement.

This presentation will describe how to embed a scripting engine using BSF and/or Java6, discuss the pros and cons of the various ones available, and how to put enough safeguards around the scripts to make sure that your application can't be hijacked by bad users' scripts. (For any intermediate Java audience, as a 90-minute presentation. Ask about the possibility of delivering it as a half-day or full-day tutorial.)

By Ted Neward

Managing state--both transient state (like your shopping cart) and your durable state (like your order placements, your inventory management forms, and so on)--is tricky in an enteprrise application. In this talk, we'll examine some of the trickiness, both high-level and low-.

We'll talk about the various forms of data persistence, including "procedural-first", "relational-first" and "object-first" approaches. We'll also talk about the costs of data-access logic, and ways to mitigate those costs. In short, if you store or use data in an enterprise Java application (be it J2EE or Spring or otherwise), you'll want to be here.

By Ted Neward

There's a lot of talk about web services, and most of it falls into one of two categories: lots of low-level talk about vendor-specific tools and extensions, or lots of high-level talk that never shows you a line of code. XML services aren't that hard, and in this talk, we'll see how, why and when to do one.

We'll talk about XML (and why it's the format used), Schema (and the core subset of Schema to focus on using, along with tools to help work with Schema more easily), SOAP (and why it's really crucial to making XML services work), and more.

By Brian Sletten

Imagine the simplicity of REST married to the power of Unix pipes with the benefits of a loosely-coupled, logically-layered architecture. If that is hard to imagine, it may because the architectures available to you today are convoluted accretions of mismatched technologies, languages, abstractions and data models.

NetKernel is a disruptive technology that changes the game. It has been quietly gaining mind share in the past several years; people who are exposed to it don't want to go back to the tired and blue conventions of J2EE and .NET. Not only does it make building the kinds of systems you are building today easier, it does it more efficiently, with less code and a far more scalable runway to allow you to take advantage of the emerging multi-core, multi-CPU hardware that is coming our way.

Come see how this open source / commercial product can change the way you think about building software.

NetKernel makes the things you are doing now easier, but also makes new types of systems possible.

A wise man once said, "XML is like lye. It is very useful, but humans shouldn't touch it." If you've had to incorporate XML into your project by hand, you have probably been burned by getting too close. NetKernel turns this wisdom on its head and encourages you to use XML like the liquid data stream you want it to be.

But, XML is only part of the story. Resource-oriented computing is a generalized and revolutionary approach to modern, flexible systems. There is less code to write, but it is more fun to do. Orchestration of existing services and data sources is faster, easier and more encompassing than with more conventional technologies.

This talk will help explain what NetKernel is (app server? pipeline tool? embedded SOA?) and, through a comprehensive set of examples, give you a glimpse at a deeper software reality than you might have thought possible.

Disclaimer: There will be no blue pills given to you to make you forget what you have seen. Come with an open mind.

By Brian Sletten

Most people new to Aspect-Oriented Programming (AOP) are fed up with separation of concerns zealots explaining how great their techniques are at dealing with... logging. Ok, you get it. Logging is a cross-cutting concern that can be appropriately modularized. What else does AOP have to offer? A lot, it turns out. This talk will give an introduction to the motivations of AOP as well as a series of concrete examples drawn from enterprise and client side Java. Come learn how AspectJ-flavored AOP can begin to benefit you immediately either in development or production environments. Learn how to enforce architectural policies, find Swing threading issues, reduce the invasiveness of the Observer design pattern or even improve the reusability of your domain models. Now that Spring 2.0 provides support for AspectJ, the time has never been better to learn about these new (but backwards compatible) ways of thinking about building software.

Attendees will learn about
The history and reasons behind AOP
Development-oriented aspects that can be useful, but compiled out of production code
Production-oriented aspects that can simplify development and ease the burden of future changes
Basic AspectJ usage and jargon How to use AspectJ with Spring

Rating: Intermediate
Category: Architecture/Languages, Client Side Java, Server Side Java Prerequisites: Basic Java. Some level of AOP understanding is helpful, but not required. The pace of the introduction will depend on the average level of exposure the audience has previously had to AOP.

By Brian Sletten

REST sounds like such a simple thing. But, what is it really? How do you convince your boss to let you try it when she has been sold on the equation SOAP = SOA + P(rofit)? How do you go about building, deploying, publishing and orchestrating web services without the (Un)Holy Trinity of SOAP, WSDL and UDDI?

This talk will thoroughly examine this REST phenomenon in terms of its history, its goals, its consequences and where it fits into the Big Picture of SOA. We will also look at exposing existing tools/APIs through RESTful APIs.

If you find yourself interested in talking about REST without people dismissing it as trivial (yeah, but what is it?!?!), unsaleable (yeah, but I am trying to solve problems, not buy tools!) or not SOA (<insert your own joke here -- that one leaves me speechless>), come on by.

By Brian Sletten

Just as the world is feeling comfortable with the Web, Tim Berners-Lee et al inform us that what we have seen so far is just the beginning. His original plans at CERN were larger and grander. The Semantic Web is the new vision of machine-processable documents and metadata to improve search, knowledge discovery and data integration and management. While there are many naysayers chiding such grand visions, there are also pragmatic and useful technologies emerging that can be applied today.

Attendees will learn:

The history and motivations behind the Semantic Web The technology stack that will make it happen (including RDF and OWL) An overview of tools and technologies that are beginning to satisfy the vision

This talk stands on its own, but feeds into the "Experiencing the Semantic Web" talk which is more hands on.

Rating: Intermediate
Prerequisites: This is all so new, most engineers will find something to excite them.

By Venkat Subramaniam

You have worked on software projects with varying degree of success. What were the reasons for the success of your last project? What were the reasons for those that failed? A number of issues contribute to project success - some non-technical in nature. In this presentation the speaker will share with you practices in a number of areas including coding, developer attitude, debugging, and feedback. The discussions are based on the book with the same title as the talk.

In this session you will learn about practices beyond what well know methodologies prescribe. While we reemphasize some popular practices, we will also discuss other often overlooked, but important practices - practices that contribute to success of projects.

By Venkat Subramaniam

Refactoring is one of the core practices in Agile Software Development. Refactoring is based on some core principles that apply to more than writing good code. But, what's refactoring? Why should you do it? How do you go about doing that? What tools are available to successfully refactor your App?

In this presentation we will address each of these questions. We will take an examples based approach to look at code that can benefit from refactoring. We will discuss how to identify a case for refactoring. Then we will use tools to help us refactor.

By Venkat Subramaniam

As a Java developer, you have taken the time to learn the basics of the language and relevant parts of its rich API. However, you need more than that to develop serious industrial strength applications. In this presentation, the speaker will introduce you to a number of open source tools which you can use to improve your application quality and your development process.

Instead of simply going through a laundry list of tools available, the speaker will engage you with motivation to use these tools, and show examples of their practical use.

We will start by looking at tools for unit testing and creating mock objects. We will then take a look at tools that will help you to ensure certain performance of your critical code.

You know writing good code is more than simply using an OO language. We will look at tools that will help you with code metrics, so you can analyze, and refactor your code to reduce coupling and undesirable dependencies.

But, what about hidden critical errors in your code, like synchronization problems that may potentially lead to deadlocks? We will look at how you can use open source tools to proactively eliminate these from your code.

Finally, we will look at tools available for automating your project and getting extreme feedback though out the development cycle.

By Venkat Subramaniam

Rule based programming allows us to develop applications using declarative rules. These can simplify development in applications where such rules based knowledge is used for decision making.

In this presentation we will take a look at the tools and techniques for developing rule based applications. We will take a look at open source tools, discuss their strengths, capabilities, and limitations.

By Venkat Subramaniam

Object-oriented scripting languages, or agile dynamic languages, as some like to call those, are gaining programmers' attention. Groovy bring this excitement to the Java platform with its ability to generate byte code. You can use Groovy instead of Java for some parts of your application. By learning it, you can switch between the languages where you consider fit.

In this session we will learn what Groovy is. We will take an example driven approach to look at interesting features. We will see how a piece of code you would write in Java can be written, elegantly, using Groovy. In addition to the current features, we will also discuss the state of the language and tools.

By Venkat Subramaniam

Inspired by the Ruby on Rails project, Grails brings the ease of web development and "convention over configuration" to the Java platform. We will learn how to create web applications using Grails, how to integrate it with Hibernate, and how to Ajax it, all using the built in features of Grails. This section assumes that you are familiar with Groovy or you have attended the “Groovy for Java Programmers” session. The session will be example driven with live coding where we will build a web application from scratch.

In this session you will learn *How to create web application using Grails * Understand Grails Conventions * Learn how to use the code generators and how to manual create domain models, controllers, and view * AJAX your application * Integrate with database

By Venkat Subramaniam

You are convinced that Test Driven Development is good for you and your project. You realize the benefits it has to offer. What's holding you back? All the code and components that your code so heavily depends on is most likely making you wonder if TDD is really for you. We will start out by looking at dependency and dependency inversion. Then we will discuss how mock objects can help separate our code from its dependencies.

In this presentation, we will take an examples oriented approach to utilizing mock objects. We will first hand toss a mock and see how our code benefits from it. Then we will take a look at using frameworks that can assist with the creation of mocks.

By Scott Delap

Rich client application development using Java can be intimidating giving the vast flexibility in application design and structure. It also can be frustrating to create the large number of support services (persistence, menus, event and job frameworks) that a large scale rich client applications needs. The Eclipse Rich Client Platform is one project attempting to solve these issues by providing a core infrastructure that not only provides the day to day services a rich client application developer needs, but also providing a suggested path to guide you down the road of designing your application. This presentation introduces both the Eclipse RCP and the tools provided by the Eclipse IDE that assist developers in writing RCP apps.

Rich client application development using Java can be intimidating giving the vast flexibility in application design and structure. It also can be frustrating to create the large number of support services (persistence, menus, event and job frameworks) that a large scale rich client applications needs. The Eclipse Rich Client Platform is one project attempting to solve these issues by providing a core infrastructure that not only provides the day to day services a rich client application developer needs, but also providing a suggested path to guide you down the road of designing your application. This presentation introduces both the Eclipse RCP and the tools provided by the Eclipse IDE that assist developers in writing RCP apps.

How can a RCP Framework help my application? Menus Events Jobs etc.. Introducing Eclipse RCP The base of the Eclipse IDE Actively Developed Leveraged By Many Projects ... Eclipse RCP Services Plugins Core based on OSGi Extensions Menus/Toolbars/Actions Jobs View Framework Tools Support Plugin Editors Product Definition ... Deployment One Click Webstart Deployment Support Multiple Platforms

By Scott Delap

Too often, Swing applications are slow, ugly, and hard-to-maintain. It turns out that it doesn't have to be this way. Swing can be used to create highly-responsive, beautiful applications that are very maintainable. If this isn't consistent with your own experience, don't feel bad; its not very obvious how to make Swing sing.

In this session, I explore three topics that lead to much better Swing applications:

• Proper Swing threading
• High-quality third-party Swing look-and-feels
• Good practices for coding Swing applications

In the threading portion of the session, I explain Swing's event handling architecture and its implications for Swing applications. Understanding this topic is crucial to creating highly-responsive Swing apps. I demonstrate how to use this knowledge in the form of many live-coded examples, and I show how frameworks like SwingWorker and FoxTrot can make this easier. Java's default look-and-feel, Metal, is awful (and in my opinion, the "Ocean" theme in JDK 5.0 doesn't do enough to improve it); you should stop using it immediately. But creating good-looking applications is sadly more than slapping in a look-and-feel; you must also take care to understand the principles behind attractive layouts. I spend the second part of this session exploring how to make your Swing applications look great through a combination of third-party look-and-feels and layout techniques.

By Scott Delap

Today's users are beginning to demand richer and richer application experiences. Plain html pages simply don't cut it anymore. Applications like Google Maps (Ajax) and Yahoo Maps (Flash) show how the UI experience can be pushed to the next level. As an IT manager, how do you decide which route to take however? Should you use Ajax because it is the new "it" technology. Is Flash a viable option with its 95%+ browser availability? Perhaps Java deployed through web start is really the best choice in contrast to what the buzz would lead you to believe. This presentation takes a look at these three core rich client technologies from both deployment/user experience and ease of development perspectives.

Today's users are beginning to demand richer and richer application experiences. Plain html pages simply don't cut it anymore. Applications like Google Maps (Ajax) and Yahoo Maps (Flash) show how the UI experience can be pushed to the next level. As an IT manager, how do you decide which route to take however? Should you use Ajax because it is the new "it" technology. Is Flash a viable option with its 95%+ browser availability? Perhaps Java deployed through web start is really the best choice in contrast to what the buzz would lead you to believe. This presentation takes a look at these three core rich client technologies from both deployment/user experience and ease of development perspectives.

Meet the Players Java Swing Swt Example Apps Ajax Ajax 101 Example Apps Flash Flash 2006 Laszlo Flex Example Apps User Experience Java Ajax Browser Issues Back/Forward Hyperlinks Flash Deployment Java Web Start Ajax Cross Browser Issues Flash Development Java Tool Support Http Invocation UI Libraries Swing Swt Ajax XMLHttpRequest XML DOM's Javascript Can Struts Developer's Get This? Flash Laszlo Flex Playing Nice in the Browser Conclusions Applications that Work Well with Java Applications that Work Well with Ajax Applications that Work Well with Flash

By David Geary

In April 2005, annual growth rates for jobs in JavaServer Faces, Struts, and Ruby on Rails were all at about 0%. Today, Struts' growth rate still hovers around 0%, but JSF and Rails have taken off. At the end of 2007, both JSF and Rails were growing at a rate of between 400-500% annually (according to indeed.com).

JSF has passed the adoption tipping point, and is now the Java-based framework of choice, as is evidenced by its ecosystem. From vendors such as MyEclipse and RedHat to open source projects such as Seam, Facelets, and Ajax4JSF, JSF is where the action is.

Come see why JSF is so popular. In this code- and demo-intensive session, I'll show you the fundamentals of JSF.

This session is taught by a member of the JSF Expert Group for JSF 1.0 and 2.0., and co-author of the best-selling book on JSF: Core JavaServer Faces. David will take you through a whirlwind introduction to JSF including what JSF is, how it was developed, and how you can best take advantage of the technology. Here is a list of topics:

Components, managed beans, value expressions, and static navigation i18n, CSS, and actions The Faces Context and Faces messages The JSF Event Model Using JavaScript with JSF

This introduction to JSF also contains 5 live-code demos, where David will develop a simple, but robust application during the course of the session.

Prerequisite: Some knowledge of Java-based web applications, such as Struts, is a plus, but is not required. If you have a significant experience with JSF, you probably already know most of what's covered in this session.

By David Geary

In 2005, JSF hit its stride, as evidenced from overwhelming support from both vendors and the open-source community. JSF 1.0 had plenty of holes, but open-source projects have arisen to address those needs. This session takes a look at three of those projects: Tomahawk (MyFaces component library) FaceletsSeam

MyFaces is an open-source implementation of the JSF spec. In addition, MyFaces developers got a little carried away and also developed a useful set of custom components that you can use in your own applications, regardless of whether you use MyFaces as your JSF implementation. Those components are now packaged separately from MyFaces under the name Tomahawk.

Facelets is an open-source project from java.net that lets you implement views with Tapestry-like HTML pages. That technique is a powerful feature that lets graphic designers and software developers work separately in parallel.

Seam is a framework from JBoss that provides a component model that unifies the EJB and JSF component models. Seam makes great use of annotations to meld EJBs and JSF components in a seamless fashion (thus the name).

Lots is happening in the JSF space. Come to this talk and learn about these three exciting open-source projects.

By David Geary

JavaServer Faces is a perfect platform for implementing Web 2.0 interfaces with Ajax. This session explores how you can use these two potent technologies--JSF and Ajax--together to create applications that look and behave like desktop applications but run in the browser.

JavaServer Faces, with a mature component model and flexible lifecyle, is a perfect platform for implementing Web 2.0 user interfaces with Ajax. This session explores using JSF and Ajax to create applications that act like desktop applications but run in a browser.

We'll start with a quick look at implementing basic Ajax in a JSF application. Then, once your bloodthirst has been slaked, we'll dive deeper into Ajaxian Faces dynamics with a form completion demo that requires its implementor to understand two simple, but vital facts about JSF.

If you're savvy, you probably use client-side validation to augment your server side validation logic, which parenthetically, is no no-brainer in either of the leading web application frameworks, JSF or Rails. But anyway, client-side validation is old school. All the cool developers nowadays use Ajax to implement realtime validation, where you sneak a trip to the server as an unwary user types into your input fields. But to accomplish that, we'll have to dive even deeper into JSF, with concerns such as accessing view state and accounting for client-side state saving.

All of this Ajax development is great fun, but most of it is best relegated to components and frameworks, which are the topics that will wrap up our session. We'll see how to keep your JavaScript separate from your JSF components and how to pass JSP tag attributes all the way through to JavaScript. Finally, we'll take a look at Ajax4jsf, a JSF component library with a tag library that blends Ajax into JSF in a natural, intuitive way without having to write JavaScript.

As web developers, we've been handcuffed long enough by the shackles of Web 1.0 development. Come to this session and see the brave new world of Web 2.0 development with one of the hottest web application frameworks.

By David Geary

JavaServer Faces is a well designed user interface framework, but it lacks a number of features you might otherwise expect out of the box; for example, JSF does not explicitly provide support for client-side validation.

So, from the folks that brought you Struts, comes Shale, a collection of useful enhancements to JSF. A top-level Apache Software Foundation project, Shale adds some really cool features to vanilla JSF, including:

Web flow: script dialog flow Remote Method Calls: easily call JavaBean methods from JavaScript Tapestry-like views: code views in pure HTML Use Apache Commons Validator validators on the client or server, or both JSF testing framework: mocks for easy JSF testing

There's a lot of cool stuff in Shale that makes JSF a much more compelling proposition. Come see what it's all about.

This is a code-intensive, fast-paced look at Apache Shale. Forty-plus slides and five demos makes for an action packed session that illustrates the cool features that Shale provides.

By David Geary

Developing highly interactive web applications, for the most part requires knowledge of a wide array of technologies: HTML, CSS, JavaScript, XMLHttpRequest, JSP, JSF, etc.

With the Google Web Toolkit (GWT), Google turns that notion of development on its head. Instead, you implement Ajax applications by writing almost entirely in Java. You use an AWT-like API, which the Google compiler compiles to JavaScript that runs on the client.

In the early days of Java, application development with the AWT was relatively simple. You had to have a decent understanding of Java and AWT fundamentals, but once equipped with such knowledge, you could dive in and develop some impressive applications.

Ten years later, we have, in so many respects, gone significantly backwards. We've shoehorned technologies such as HTML into shoes for which they were never intended, and for our efforts, we have a mismatch of disparate technologies that one needs to knit together for a truly interactive web application.

This is the first session of a two-part presentation on the GWT, where I'll concentrate on GWT basics: implementing Ajax-enabled applications in Java, internationalization, testing, and remote procedure calls.

By Justin Gehtland

The Spring framework is one of the fastest growing open source frameworks. New job postings are gaining rapidly, and many customers are adopting Spring instead of heavier alternatives. In this session, we’ll introduce Spring. You’ll see how Spring can give you much of the power of EJB, without the complexity or pain.

Spring uses concepts like dependency injection and aspect oriented programming to ease standard enterprise development. Spring developers write plain, ordinary Java objects (POJOs), instead of sophisticated components. In this session, you’ll see a basic Spring application. You’ll also see some details about some of the enterprise integration strategies, including:

• Spring AOP • Transactions • Persistence • Model/view/controller

When the session is over, you won’t be an expert, but you should have a much clearer understanding of what Spring does, what it doesn’t do, and why it’s growing so rapidly.

This session, for the Spring beginner, helps you: • Understand dependency injection and inversion of control • Know the meaning of lightweight containers and Spring • Understand the basic pieces of Spring • See core Spring modules in action, including Persistence, AOP, transactions.

Attendees need not know anything about Spring. This session does talk about integration with core J2EE frameworks like JDBC and transactions.

By Justin Gehtland

Dependency Injection (DI) is the cornerstone of Spring. The core concept is quite simple, but (surprise!) actual practice can become complex. To take full advantage of Spring DI, you need to understand not only the basics on configuration, but also the container lifecycle model and the various hooks provided by the framework.

Topics will include

The difference between DI and Continuous Integration

Setter Injection

Constructor Injection

Factory Injection

Bean lifecycle

Method Injection

Using the ApplicationContext

Custom PropertyEditors

By Justin Gehtland

Spring offers developers a simpler, more robust method for configuring applications. These benefits extend to security through the ACEGI framework. ACEGI makes the otherwise daunting task of securing your application logical and straightforward. More importantly, through its support for single sign-on provision through Yale's CAS system and its ability to provide instance-level authorization, Spring extends the common security model of most J2EE apps beyond what they are traditionally capable of.

In this session, we'll explore:

• configuring ACEGI to authorize against an in-memory user list, a database, and a JAAS login module

• page level authorization

• method level authorization

• instance level authorization

• forcing HTTPS connections to secured sites

• impersonation using the RunAsManager

By Justin Gehtland

Ajax applications have unique architectural challenges and opportunities. This presentation will show you how to take advantage of the Ajax's strengths, and work around its quirks.

Topics covered will include

Selecting an Ajax toolkit

Dealing with browser differences

Handling the "Back" button

Degrading gracefully

Marshalling data

Managing XML

Minimizing roundtrips--or not!

When Ajax isn't enough

Packaging and deployment

Prior exposure to Ajax and JavaScript is very useful, but not required.

By Justin Gehtland

This presentation covers JavaScript from the perspective of an Ajax programmer. We assume that you may be using an Ajax toolkit, but still need to be able to read, modify, and test the JavaScript code in your application. You will learn the common idioms of JavaScript by looking at working code from the Ajax toolkits themselves.

All Ajax programmers need to know JavaScript. Toolkits will do some of the work for you, but your own JavaScript will differentiate your applications from others. A reading knowledge of JavaScript is also necessary when selecting an Ajax framework, and for testing and debugging applications.

We'll go straight to the interesting parts of JavaScript programming:

* Prototype-based inheritance
* Functional style
* Dynamic evaluation
* In-browser testing

We'll demonstrate these concepts using popular Ajax frameworks such as Dojo, Prototype, script.aculo.us.

By Justin Gehtland

O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

O/RM (Object/Relational Mapping) seeks to eliminate repetitive or tedious work enabling the CRUD (create, read, update, delete) that underlies most applications. Hibernate is a popular, open-source O/RM tool that uses reflection (instead of code generation, like EJB, or bytecode injection, like JDO) to manage your persistence layer. This session will introduce you to Hibernate. After an overview of common usage scenarios, including web and enterprise applications, we'll examine the basics of getting Hibernate running. We'll cover the mapping file format and syntax, including common relational mapping structures. Then, we'll examine the Hibernate API for interacting with the framework. Finally, we'll cover the common architectural decisions you'll have to make as you include this (or any other) O/RM framework.

By Justin Gehtland

Hibernate is easy to get started with, but can sometimes be hard to make efficient or secure. In fact, the default settings for Hibernate createapplications that will run slowly, cause unwanted round trips to the database, and may be more restrictive and/or permissive from a security standpointthan you would otherwise want.

This session will show advanced techniques for tuning performance, including: • advanced collection mapping strategies • lazy loading • cascading update management • lifecycle management • Hibernate's interceptor layer In addition, we'll examine the security considerations when using Hibernate. Often, single-credential data access isn't enough for sensitive data. We'll walk through using per-user credentials for data access, logging security information about and through Hibernate, and accessing data sources through secure application servers.

By Brian Goetz

The Java language included support for threads and concurrency from day 1, but writing correct multithreaded programs is not easy. This session will cover the how and why of using threads in Java.

Programming is hard, but concurrent programming is harder. Concurrent programs are at risk for all the safety, liveness, and performance hazards that sequential programs are. But there are also many hazards that apply exclusively to multithreaded programs, such as race conditions, stale data, and deadlock.

If an object is going to be accessed from multiple threads, it should be thread-safe. The requirement for thread-safety is often introduced into Java programs not by explicit use of threads within the program, but by the use of frameworks, such as Servlets and Swing, which create threads and call application components from those threads.

This class will cover what is thread safety, how to create thread-safe classes, and what costs and benefits you can expect to encounter by using threads in your programs.

By Brian Goetz

JDK 5.0 is a huge step forward in developing concurrent Java classes and applications, providing a rich set of high-level concurrency building blocks.

Prior to the release of JDK 5.0, the Java platform provided basic primitives for writing concurrent programs, but they were just that -- primitive -- and difficult to use properly. Building multithreaded applications on the Java platform's low-level concurrency primitives posed many traps for the unwary, and many developers were forced to reinvent the wheel by writing their own classes for thread pools, semaphores, and task schedulers.

To help users create robust, scalable, and (most importantly) correct multithreaded applications, JDK 5.0 includes a rich set of high-level concurrency constructs, such as thread pools, semaphores, mutexes, barriers, and high-performance concurrent collection classes. Using these concurrency utilities will, in most cases, make your programs clearer, shorter, faster, easier to write, and more reliable. This session provides you with an overview of the new high-level concurrency utilities in the new java.util.concurrent package in JDK 5.0.

By Brian Goetz

Does your program have bugs, despite unit tests, integration tests, and code reviews? You bet. Are you using static analysis as part of your QA process? If not, you're probably missing out on some bugs that can be caught before they bite your customers.

The cost of finding a bug increases dramatically the longer it lurks without being discovered. Fortunately, today?s development tools (IDEs and compilers) can identify many potential bugs within a few seconds of their creation, resulting in higher quality code and more productive programmers. However, even the best programmers can create bugs that are very hard to spot if they make it through their first few minutes of their existence.

Until recently, automated code analyzers have not been very useful for mainstream developers. Most code analysis packages focused either on stylistic issues (such as indenting and variable naming), or on formal correctness proofs (which require an investment in specification that few developers can afford to make.)

FindBugs, an open-source tool developed by Bill Pugh and David Hovermeyer of the University of Maryland, has raised the bar for ease-of-use and effectiveness of automated code analysis for finding bugs. FindBugs has been able to find many serious bugs in production software, including Eclipse, JBoss, Apache Tomcat and Sun's JDK implementation, with an impressively low false-positive rate compared to other approaches.

This session will explore how static code auditing tools work, how it is easy to write bug-detector plugins to find new bug patterns, presents some common bug patterns and fun "find the bug" puzzles, and shows how code auditing tools can easily identify them.

Every developer will want to have these tools in their toolbox.

By Brian Goetz

Performance myths about the Java platform abound, from the general "Java is slow", to the more specific "reflection is slow", "allocation is slow", "synchronization is slow", "garbage collection is slow", etc. Many of these myths have their root in fact (in JDK 1.0, everything was slow); today, not only are many of these statements not true, but Java performance has surpassed that of C in many areas, such as memory management.

In this class, we'll look at some common Java performance myths, identify where they came from, and explore the platform changes that have rendered them no longer true. Many common performance hacks don't actually help, and some can seriously hurt performance. The result is that clean code that follows common usage patterns generally shows far better behavior on modern JVMs than code laden with tweaks designed to "help" the JIT or garbage collector. More often than not, this well-intentioned assistance has the unfortunate effect of undermining many common JIT optimizations, resulting in slower -- not faster -- code.

By Brian Goetz

What's the worst thing that can happen when you fail to synchronize in a concurrent Java program? Its probably worse than you think -- modern shared-memory processors can do some pretty weird things when left to their own devices.

Java was the first mainstream programming language to incorporate a formal, cross-platform memory model, which is what enabled the development of write-once, run-anywhere concurrent classes. It is the Java Memory model that defines the semantics of synchronized, volatile, and final.

However, because the most commonly used processors (Intel and Sparc) offer stronger memory models than is required by the JMM, many developers frequently use synchronization and volatile incorrectly, but have been insulated from failure by the stronger memory guarantees offered by the processor architecture they happen to be deploying on. (The infamous "double checked locking" idiom is an example of this sort of error.)

Understanding the Java Memory model is key to using the core concurrency primitives (synchronized and volatile) to develop thread-safe, efficient concurrent classes. We?ll cover what a memory model is (and why we should care), what synchronization really means, and what can really go wrong when we fail to synchronized correctly.

By David Hussman

The participants of this session will become agile customers and product owners, using personas to create stories for a sample product development.

The questions around user stories are many, and the list grows larger as their popularity of increases. Many organizations are on their path to adopting stories as requirements vehicles, possibly struggling with story writing as well as finding a way to fit them into their organization. Along with writing stories, this session will cover connecting with product owners and a short review of several tools for tracking and managing user stories.

By David Hussman

The presentation will briefly discuss stories, the origin and authoring of story tests, and a demonstration of how FIT and FitNesse (FIT living within a Wiki) can be used to automate acceptance tests.

Agile communities consider stories “done” when the acceptance tests (also called story tests) are shown to the customer. Originally, this was a manual process, but in recent years, several frameworks have been created to automate this process, providing acceptance testing all the benefits of automated unit testing. One of the most popular of these if called FIT, created by Ward Cunningham.

By David Hussman

This session will focus on tools and techniques for tracking an agile project plan from creation to project completion.

As agile grows, so too do the questions for how to track and communicate progress within the project community as well as to upper management and others interested in progress. We will create a simple plan in a planning tool, and run a mock project, showing how to estimate and use agile planning to communicating progress, addressing missed estimates, scope modifications, and more.

By David Hussman

As with many methodologies, moving agile into an organizations poses larger challenges. Before jumping in, it helps to ask a few questions before "racing toward agility". This session will provide 3 tactical steps that can help your adoption of agile.

There are many factors outside the developer world that can crash all the benefits of agile without regard to its success. This session will provide ways to select agile practices, create a transition plan for adopting agile, and bring people together before trying to adopt new techiniques that are part of agile development. Various tools and techniques will be discussed, and at least part of the session will include Q/A for the presenter to field specific questions about your organization.

By David Hussman

Adopting agile is different for each company, but most companies will go through some amount of change during the adoption of agile.

This session will discuss some of the most common difficulties for adopting agile and provide various plans of attack. The session will start with a listing of issues for the session participants, and some portion of the session will be dedicated to an open forum where the presenter will address the issues collected.

By Howard Lewis Ship

An introduction to the Apache Tapestry web application framework, which will explain the concepts and features of the framework with some simple applications. We'll discsuss Tapestry forms, request cycle, component object model. The use of several important components, including BeanForm and Table will be highlighted, along with meta-programming using the Trails framework.

Tapestry is a powerful open-source Java web application framework that stands apart from most other technologies used for creating web applications ? it is based on highly reusable components, which are assembled to form complete pages. This session will get you started with Tapestry, showing how to build a simple form-based application. Along the way, we'll see how Tapestry simplifies your job: We'll see how Tapestry HTML templates are easier to create and maintain than JavaServer pages (JSPs). We'll see how Tapestry's built in error reporting lets you find and correct errors with startling speed. We'll see how Tapestry takes over responsibility for building and interpreting application URLs, eliminating large amounts of boring, error-prone, manual coding. Most importantly, we'll see how Tapestry bridges from the stateless world of HTTP and servlets into a more natural, more productive world of actual object oriented engineering ? allowing you to build applications in terms of objects with methods and properties (a true revolution if you are used to traditional servlets).

We'll also take a peek into more advanced aspects of Tapestry, such as its input validation subsystem that provides server- and client-side validation, as well as more advanced Tapestry components such as Table (a powerful data grid), and the Trails meta-framework that creates complete applications without almost no coding. Once you've learned a little bit about Tapestry, you might find it hard to go back to your old approach!

By Howard Lewis Ship

In Tapestry, components are not an add-on; in fact, anything but! Tapestry components are integral to the entire framework ? if something dynamic is going on in a page, there's a component involved.

When building Tapestry applications, a constant problem solving approach is to create new components. Tapestry makes creating components very, very easy. In this session, we'll see how to create simple output-only components, and how to create components with their own templates. We'll also see how to create components that can have interactions with the user independent of the containing page. Tapestry is designed so that the components just drop in and work, and we'll touch on some advanced services included in Tapestry, such as JavaScript generation.

By Howard Lewis Ship

You've heard about unit testing but were daunted when it came time to put the pedal to the metal. That's because JUnit is just one tool and there's others you need to learn about, including the wonderful and wierd EasyMock and the easy and powerful TestNG.

Unit testing with JUnit only gets you so far; even when you've refactored your code and hidden all your implementations behinds interfaces you are still stuck with the problem of testing the individual pieces. If you've hit this point and despaired, know that there are tools to help ... including the wierd and wonderful EasyMock. We'll discuss unit testing in general, and how EasyMock is used to to generate mock objects, allowing you test each class in isolation. We'll also leave JUnit behind and investigate using TestNG, a modern and improved test framework. We'll then learn how to tame EasyMock's awkward API with some modest refactoring and naming conventions.

By Glenn Vanderburg

With the sudden importance of Ajax, it's time to take JavaScript seriously. That means learning it the right way: looking at the fundamentals of the language and surveying its strengths and weaknesses, instead of just copying other people's poorly written examples.

JavaScript got a bum rap. It's almost universally derided among serious programmers for being a toy language, or for its strange characteristics, or bugs, or slowness, or because it's only good for adding useless window dressing to web pages.

But JavaScript is actually a very nice little language which is popping up everywhere these days (not just in Ajax apps). Sure, JavaScript is quirky, but its problems are mostly due to history, association, and misunderstanding. Especially misunderstanding. Let's face it: most developers learned JavaScript by looking at examples in web pages they found online, and few of those examples are paragons of JavaScript style. Other developers learned JavaScript from books, but the typical JavaScript book ignores the fundamentals of the language, instead focusing on examples and the fastest ways to do fancy web page tricks.

In this talk, we'll go back to the basics that most JavaScript resources omit. We'll talk about JavaScript as a language, learning its fundamental concepts and the simple rules that underlie the sometimes bewildering behavior.

By Glenn Vanderburg

Building on part 1, this talk dives deep into JavaScript's object model. We'll see how it differs from more mainstream object-oriented languages, and why. We'll explore how to hide some of those differences, as well as the reasons you might not want to. Additionally, we'll cover useful tools for JavaScript testing, debugging, and profiling.

Ajax is not the focus of this talk, but a strong foundation in JavaScript is essential for working with Ajax.

By Glenn Vanderburg

The support infrastructure for your software project is a crucial factor for success. A new generation of tools offers significant benefits over their predecessors. This talk discusses how to choose the right mix of tools for a top-shelf project infrastructure.

The support infrastructure for your software project is a crucial factor for success. Many projects waste enormous amounts of time fighting through projects without the help of good tools. Other projects are on the right track, but could be even more successful by filling some crucial infrastructure gaps or by moving to improved tools, or by implementing policies that maximize the tools' power.

This talk looks at the latest generation of infrastructure tools, what makes them better, and how to use them well. Additionally, we'll examine the role of the infrastructure on projects and identify principles that help us understand what kinds of infrastructure we need. Tools examined will include CruiseControl, Rake, Subversion, Trac, and others.

By Glenn Vanderburg

The Java Collections framework is a cornerstone of Java development. It's been a part of J2SE for six years now. Every Java developer knows it—how to create Lists, Maps, and Sets, how to put things into them and take things out, and how to iterate over the contents. But there's a lot more to the collections framework than that -- and very few programmers really know how to exploit the power that's just under the surface.

The basics of the collections classes are so simple that many developers haven't even thought to look for the additional power that's there. And it's not just built-in capabilities, either. The design of the collections framework makes possible several powerful techniques and patterns that can magnify your productivity, as well as helping you build systems that are efficient and scalable.

It may seem strange to give a talk on a framework that every Java programmer already knows. But in every project I've worked on for the past six years, I've seen a lot of code that uses the collections poorly. More often than not, that code was written by skilled programmers with significant Java experience. In this talk, you'll learn how to use the collections well, exploiting their full power—the little-known capabilities, the extensibility features, and powerful patterns such as wrappers, adapters, and decorators. We'll also cover some new features that slipped into Java 1.5, plus a few especially useful third-party collection implementations.