Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Belfast JUG 23-10-2013

757 views

Published on

Belfast JUG 23-10-2013

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Belfast JUG 23-10-2013

  1. 1. Belfast Java User Group Stuart Greenlees Eamonn Long Niall McLoughlin Wednesday 23/10/2013
  2. 2. Belfast Java User Group Agenda Introduction to the Belfast JUG • What is a JUG? • Some Logistics • How can you get involved? JavaOne Key Notes 20+ New Features of JEE7 Extras
  3. 3. Belfast Java User Group What is a JUG?
  4. 4. Belfast Java User Group Java User Groups (JUGs) are volunteer organizations that strive to distribute Java-rela
  5. 5. Belfast Java User Group Relation to Tech Forums? Relation to LIT?
  6. 6. Belfast Java User Group Meet Quarterly October 2013 August 2014 February 2014 May 2014
  7. 7. Belfast Java User Group Where can I find the Belfast JUG? JUG Page on Java.Net: https://java.net/projects/belfast-jug The Belfast JUG is on the MAP!
  8. 8. Belfast Java User Group What are the Goals of the JUG? Key • Establish Regular meetings of Java Users in Belfast • Share Information about Java • Get people involved Optional • Adopt a JSR - https://java.net/projects/adoptajsr/pages/Home • Adopt Open JDK - https://java.net/projects/adoptopenjdk/pages/AdoptOpenJDK
  9. 9. Belfast Java User Group How can you get involved? We Need Help! • Create a Belfast JUG logo • Create a simple website/wikki out on Java.Net Contribute content • • • • • • Join the Java.Net project Post topic suggestions you would like to here about Post recommendations of any good speakers you would like to hear from Contributing to OpenSource we would love to hear from you E.g. Night-hacking with Raspberry Pi Post Content on the java.net wiki/mailing list
  10. 10. Belfast Java User Group How Do I sign Up?
  11. 11. Belfast Java User Group JUG Leadership Team Stuart Greenlees – s.greenlees@liberty-it.co.uk Eamonn Long (a.k.a BlueArsedFly) – e.long@liberty-it.co.uk Niall McLoughlin – n.mclouoghlin@liberty-it.co.uk
  12. 12. JavaOne 2013 Keynote Speech Internet of Things Java 8 JEE7
  13. 13. Java 8 – What is a Lambda? Lambda expressions are anonymous methods Arguments person Arrow Expression or {Statement} -> person.getAge() > minimumAge Example usage with new Iterable.forEach default method: employees.forEach(e -> e.setSalary(e.getSalary() * 1.03)); The general syntax consists of an argument list, the arrow token ->, and a body. The body can either be a single expression, or a statement block. In the expression form, the body is simply evaluated and returned. In the block form, the body is evaluated like a method body. Benefits Internal Iteration Pass Behaviour not just Data Fluent Pipelined Operations Lazy Evaluation Parallelization
  14. 14. Java 8 –Streams A stream is a sequence of elements. Unlike a collection, it is not a data structure that stores elements. Instead, a stream carries values from a source, such as collection, through a pipeline. int sum = widgets.stream() .filter(w -> w.getColor() == RED) .mapToInt(w -> w.getWeight()) .sum(); // Filter // Map // Collect The operations filter, map, and forEach are aggregate operations. Aggregate operations process elements from a stream, not directly from a collection. A pipeline is a sequence of stream operations, which in this example is filter-map-sum. In addition, aggregate operations typically accept lambda expressions as parameters, enabling you to customize how they behave.
  15. 15. Java 8 – Lambda Stream Methods public interface Stream<T> extends BaseStream<T, Stream<T>> { /** * Returns a stream consisting of the elements of this stream that match * the given predicate. * * @param predicate a <a href="package-summary.html#NonInterference"> * non-interfering, stateless</a> predicate to apply to * each element to determine if it should be included * @return the new stream */ Stream<T> filter(Predicate<? super T> predicate); /** * Returns a stream consisting of the results of applying the given * function to the elements of this stream. * * @param <R> The element type of the new stream * @param mapper a <a href="package-summary.html#NonInterference"> * non-interfering, stateless</a> function to apply to each * element * @return the new stream */ <R> Stream<R> map(Function<? super T, ? extends R> mapper); }
  16. 16. Lambda – Filtering / Mapping Filtering List<Person> eligibleVoters = potentialVoters. stream(). // Get the List of voters as a Stream filter(p -> p.getAge() > legalAgeOfVoting). // Filter using Predicate collect(Collectors.toList()); // Convert Stream Back to List Mapping return mixedCaseStrings. stream(). // Get Stream from List map(s -> s.toUpperCase()). // Convert Value collect(Collectors.toList()); // Convert Back to List
  17. 17. Lambda – Method References // Reference to a Static method Arrays.asList("a", "b", "c").forEach(Printers::print) // Reference to an method on an instance public static void printPages(Document doc, int[] pageNumbers) { Arrays.stream(pageNumbers). map(doc::getPageContent). forEach(Printers::print); }
  18. 18. Java 8 – Lambda http://openjdk.java.net/projects/lambda/ Streams – Brian Goetz/Paul Sandoz CON7942_Sandoz-javaone-streamstopgear.pdf Stuart Marks TUT3877_Marks-JumpStartingLambda-v6.pdf Brian Goetz – State of the Lambda http://cr.openjdk.java.net/~briangoetz/lambda/lambda-state-final.html Java Tutorial http://docs.oracle.com/javase/tutorial/java/javaOO/lambdaexpressions.html JUnit Based Tutorial https://github.com/AdoptOpenJDK/lambda-tutorial
  19. 19. Adam Bien – Java Rockstar http://www.adam-bien.com/roller/abien/ Lightweight Java EE Architectures (Free Devcast) http://www.adam-bien.com/roller/abien/entry/lightweight_java_ee_architectures_a Rethinking JEE Design Patterns EJB’s are cool No need for DAO’s with EntityManager No need for DTO’s with JPA Entity No need to have an interface for every class Setting up JEE7 projects with Maven3 http://www.adam-bien.com/roller/abien/entry/setting_up_java_ee_7 Starting WebSphere with Java EE 6...in 3 seconds http://www.adam-bien.com/roller/abien/entry/starting_websphere_with_java_ee
  20. 20. Building Modular Cloud Apps - Luminis Technologies http://luminis-technologies.com
  21. 21. 20+ New Features of JEE7
  22. 22. 20+ New Features of JEE7 Bean Validation: Method Validation
  23. 23. 20+ New Features of JEE7 Concurrency: ManagedExecutor
  24. 24. 20+ New Features of JEE7 JPA: Schema Generation
  25. 25. 20+ New Features of JEE7 JPA: @Index
  26. 26. 20+ New Features of JEE7 JPA: Stored Procedure
  27. 27. 20+ New Features of JEE7 JTA: @Transactional
  28. 28. 20+ New Features of JEE7 JTA: @TransactionScoped
  29. 29. 20+ New Features of JEE7 JMS: JMSContext API
  30. 30. 20+ New Features of JEE7 JMS: Autocloseable
  31. 31. 20+ New Features of JEE7 Servlet: Improved Security
  32. 32. 20+ New Features of JEE7 WebSocket: Annotated server endpoint
  33. 33. 20+ New Features of JEE7 WebSocket: Annotated client endpoint
  34. 34. 20+ New Features of JEE7 JSF: Faces Flow
  35. 35. 20+ New Features of JEE7 JSF: Pass-through Attributes
  36. 36. 20+ New Features of JEE7 JSF: File Upload Component
  37. 37. 20+ New Features of JEE7 JAX-RS: Client API
  38. 38. 20+ New Features of JEE7 JAX-RS: Async Client
  39. 39. 20+ New Features of JEE7 JAX-RS: Async Server
  40. 40. 20+ New Features of JEE7 JSON-P: JSON Builder
  41. 41. 20+ New Features of JEE7 Batch: Chunk-style Processing
  42. 42. 20+ New Features of JEE7 Batch: Chunk-style processing
  43. 43. 20+ New Features of JEE7 Batch: Batchlet-style Processing
  44. 44. 20+ New Features of JEE7 Batch: Job/Step/Chunk Listeners
  45. 45. 20+ New Features of JEE7 Batch: Job/Step/Chunk Listeners
  46. 46. 20+ New Features of JEE7 Batch: Creating Workflows
  47. 47. 20+ New Features of JEE7 Batch: Creating Workflows
  48. 48. Ten Tips for Unit Tests • • Make the tests understandable • Comments • Expected Behaviour • Diagnostics • Absolute Repeatability • Must trust each test • Independent Tests only • Must run in any order • No dependencies • Diagnostics on Failure • Message in assets • Reference input data • Record test environment info • Make it simple to debug • • Think Before Testing • Input Data • What is it called • Expected Output No hard coding environment • Chained exceptions • Use config files for portability • Mock objects • No databases • No Extraneous Output • Too much output == confusion • Slient test • Use option/config to turn debug on Small and Simple • Use setup and teardown • Separate test logic from setup to make it easier to debug • Test 1 thing only • One scenario per test so its more obvious why it failed • Enables faster debugging • Fast Tests only • Run as often as possible • Quick results • Maintain quaility bar • More likely that devs will run with every change
  49. 49. Stress Testing – Arquillian & JMeter http://arquillian.org/ Arquillian brings the test to the runtime so you don’t have to manage the runtime from the test (or the build). Arquillian eliminates this burden by covering all aspects of test execution, which entails: • Managing the lifecycle of the container (or containers) • Bundling the test case, dependent classes and resources into a ShrinkWrap archive (or archives) Executing the tests inside (or against) the container http://jmeter.apache.org/ Apache JMeter - may be used to test performance both on static and dynamic resources (Files, Web dynamic languages - PHP, Java, ASP.NET, etc. -, Java Objects, Data Bases and Queries, FTP Servers and more). It can be used to simulate a heavy load on a server, group of servers, network or object to test its strength or to analyze overall performance under different load types. You can use it to make a graphical analysis of performance or to test your server/script/object behavior under heavy concurrent load.
  50. 50. Security – OWASP Top 10 Web App Defenses • SQL Injection Defence • Query Parameterization • Password Defences • Don’t limit length • credential-specific salt • Keyed functions • Multi-Factor Authentication • SMS / Mobile App / Tokens • Cross Site Scripting Defence • OWASP Java Encoder • OWASP HTML Sanitizer • JSHtmlSanitizer • Cross Site Request Forgery Defence • CSRF Cryptographic Tokens • Re-authentication • Controlling Access • Apache Shiro - comprehensive solution to authentication, authorization, cryptography, and session management. • Clickjacking Defence • response.addHeader( "X-FRAME-OPTIONS", "SAMEORIGIN" ); • App Layer Intrusion Detection • Input validation failure server side on non-user editable parameters • OWASP AppSensor Project • Encryption in Transit (HTTPS/TLS) • Credentials and Session IDs Encrypted in Transit • Use HTTPS/TLS from login to logout • Certificate Pinning • File Upload Security Jim Manico https://oracleus.activeevents.com/2013/connect/fileDownload/session/0C826D948B4001909E22C76D363E0E86 /CON5523_Manico-Top%20Ten%20Defenses%20v11.ppt
  51. 51. Security – OWASP Recommended Tools OWASP Java Encoder Project https://www.owasp.org/index.php/OWASP_Java_Encoder_Project XSS Defence - OWASP HTML Sanitizer Project https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project Apache SHIRO http://shiro.apache.org/ App Sensor Intrusion Detection https://www.owasp.org/index.php/OWASP_AppSensor_Project

×