Lots of developers want to use Agile development technique but don't know where to start. This session discusses how to get started with Agility, the key benefits you can expect, and the pitfalls to avoid.

There's the perfect world, and then there's the world you have to live in. Lots of organizations would like to reap the benefits of Agile development techniques but don't know how to get started. This session discusses the key benefits you can derive from Agile software development so that you can decide for yourself how many agile techniques will work within your organization. I discuss project planning and estimation, how to benefit from pair programming when you aren't allowed to pair, how to measure your progress, and other project milestones. Agile software development isn't just an unrelated set of activities, it is a discipline. Once you understand the component parts of the discipline, you can apply them to your less-than-perfect world.

Key Session Points

• What makes Agile tick?
• Flavors of agility
• Selectively applying agile practices
• Enforcing code quality
• Measuring progress
• Iterating over the waterfall
• Lessons learned

Is Service Oriented Architecture the next wave of distributed computing or just the same old crap in a shiny new package? This session provides an overview of what most people agree is the definition of SOA. I talk about SOA, ESB, CORBA, your MOM, and a bunch of other acronyms.

This session is a pragmatic look at SOA from a developer perspective, including such (never talked about) topics like tranports, granularity, versioning services, transformations, and whether you should be doing this or not. I show lots of slides with diagrams and talk about how to evolve towards an SOA. SOA can work if you ignore the hype and focus on the real meat: building loosely coupled message-based applications. This session discusses just that.

This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques.

Building secure web applications is difficult. Common trivial mistakes in other programming environments break web applications. This session highlights common mistakes made by web programmers, stating the problems and avoidance techniques. The material in this session is derived from the Open Web Application Security Project (OWASP) and other sources. It covers the OWASP top 10 list of vulnerabilities (including examples). It also demonstrates some (legal!) hacker tools that malicious developers use against you. This session includes case studies showing complete attacks, from vulnerability acquisition to compromise. It also covers open-source tools (such as Stinger) that automate some of the security jobs for developers. This session is designed to scare you – but in a good way!

Key Session Points:
* OWASP List of Vulnerabilities

1. Insecure configuration management
2. Denial of service
3. Insecure storage
4. Improper error handling
5. Injection flaws
6. Buffer overflows
7. Cross site scripting flaws
8. Broken authentication and session management
9. Broken access control

10. Unvalidated input

    • Security Tools and frameworks
    • Case Study: Hacking Oracle through a browser
    • Case Study: Cross-site scripting
    • Case Study: SQL Injection

This session describes the use and workings of Selenium, the open source web user interface testing tool.

Selenium is one of the most powerful functional testing frameworks to come from the open source world in a long time. This session covers all aspects of Selenium, starting from its origins as an internal user-acceptance testing tool through testing Ajax applications. This session covers Selenium functionality, syntax of the test scripts (both HTML and the scripting language), keywords, testing techniques, recording tests, creating extensions, and testing Ajax applications. Selenium is the premiere testing tool for Ajax, so I show several examples of the power of Selenium combined with Ajax.

Key Session Points

• Selenium origins and background
• Installation
• Building tests
• API overview
• The Selenium IDE
• Testing Ajax Applications
• Future directions

This session shows you how to become a more productive programmer every day by using tools that you didn't know you already had.

<grizzled-programmer>
Why, in my day, we didn't have any fancy Gooey tools -- we did everything from the command line and we liked it. And, we got a lot more done than all you point-and-click monkeys
<grizzled-programmer>
Have you ever noticed that some old-school developers can run rings around you at the keyboard? Have you ever seen a 2 week problem become a 2 hour solution because someone knew a better way to solve it? This session is about all the command line and other tools that are extremely powerful yet widely neglected in today's graphical environments. This session shows you how to take advantage of those tools whether you run Windows, *Nix, or Mac. It focuses on specific recipes to make your job easier. I'll show you how to get around your computer in a hurry (no more clicking around in trees), how to find anything fast, how to manage projects and artifacts from the command line, how to automate the repetative tasks you find yourself doing every single day, how to stop repeating yourself, and how to stop repeating yourself. This session is guaranteed to improve your developer productivity by an order of magnitude.

Key Session Points

• Creating a common environment
• The Unix philosophy (without Granola or sandals)
• Automating common programming tasks
• Getting around in a hurry
• Searching techniques
• Text techniques
• Project management from the command line
• Stop repeating yourself
• Tying it together

This session discusses techniques and tools for debugging enterprise applications (without using System.out.println()!)

It's an interesting dilemma – we have the best tools for software development ever, yet developers are still debugging enterprise applications using ystem.out.println()! This session discusses techniques and tools for debugging enterprise applications. It shows how to perform remote debugging through all the major IDEs, either on the same machine or across a network. It also shows how to debug using the command-line jdb debugger (the only one guaranteed to always be available).This session shows how to debug web, EJB, and lightweight enterprise applications. It discusses class loaders, interactive enterprise debugging with Groovy, and how to automate repetitive tasks using JWebUnit and Selenium, making the computer do work for you instead of vice versa (how many times do you have to walk multiple pages through a web application to get to the point where you can debug it?). This session shows you how to automate these and other common debugging tasks. The goal is to make hunting and eliminating bugs in complex applications much easier.

Key Session Points: • Setting up remote debugging in IDE's    o Eclipse    o IntelliJ • Effective remote debugging • When it's all you've got: jdb and enterprise applications • Forensic debugging using loggers • Debugging web applications    o Inspector    o Bookmarklets • Debugging EJB • Debugging in lightweight frameworks • Interactive Debugging with Groovy • Automating debugging tasks    o JWebUnit    o Selenium

This session begins a detailed discussion about how to actually get XP done in the real world (and what to tell your boss). This session includes artifacts (project tracking sheets, code coverage reports, etc.) from real XP projects.

Extreme programming sounds a little too “ESPN2” for most managers, but there is a lot of sound engineering behind its principles. My employer, ThoughtWorks, has been extremely successful using the full XP stack and we have developed lots of experience with it. This session talks about how to do XP in the real world. XP is all about feedback loops, so I discuss how to replace the radical sounding ones with more palatable ones. I talk about the parts of XP that are absolutely vital (unit testing, collective ownership, continuous integration, etc) and the ones that you can introduce a little more slowly (pair programming, only a 40 hour work week). This session focuses on the practicality of XP and how you can adopt it at your organization. I also talk about political battles with managers, other departments, and barriers that pop up anytime you try to introduce change in a large enterprise. Discussion is encouraged (required) in this session.

Key Session Points: XP and Feedback Loops A pragmatic look at the XP practices     The planning game     Small releases     Metaphor     Simple design     Testing     Refactoring     Pair programming     Collective ownership     Continuous integration     40-hour week     On-site customer     Coding standards Sample Project Tracking Sheets Code Coverage Overcoming objections What to say to your boss and his boss XP in the real world

Continues the discussion from Part 1, focusing on how to keep the benefits of XP without sacrficing it's effectiveness. This session shows real artifacts of XP in action.

Extreme programming sounds a little too “ESPN2” for most managers, but there is a lot of sound engineering behind its principles. My employer, ThoughtWorks, has been extremely successful using the full XP stack and we have developed lots of experience with it. This session talks about how to actually get XP done in the real world. XP is all about feedback loops, so I discuss how to replace the radical sounding ones with more palatable ones. I talk about the parts of XP that are absolutely vital (unit testing, collective ownership, continuous integration, etc) and the ones that you can introduce a little more slowly (pair programming, only a 40 hour work week). This session focuses on the practicality of XP and how you can adopt it at your organization. I also talk about political battles with managers, other departments, and barriers that pop up anytime you try to introduce change in a large enterprise. Discussion is encouraged (required) in this session.

Key Session Points: XP and Feedback Loops Continuing the pragmatic look at the XP practices Tools to support agility Overcoming objections What to say to your boss and his boss XP in the real world