This document provides an overview of Spring's support for building multi-client web applications. It discusses Spring's servlet support including the Servlet 3.0 initializer classes. It also covers Spring MVC, building mobile-friendly applications, native Android development with Spring, REST support, and securing applications with Spring Security. The document contains examples of core Spring features like controllers and uses diagrams to illustrate classic Spring MVC architecture. It aims to demonstrate these techniques through examples and code snippets.
Bring your Spring knowledge up-to-date by attending this workshop.
Instead of diving into functionality which was already there in older Spring versions, we will focus on the new Spring 4 features. We will however point out small API differences.
The structure of the Workshop will be as follows:
1. Java SE & Java EE support
2. Spring Core
3. Spring WebMVC
4. WebSockets & Messaging
5. Testing Improvements
This talk introduces some of the compelling features coming in Spring 3.1, 3.2 and then gazes into the future and looks at some of the powerful new features in the upcoming Spring 4.0 release.
HTML5 is all the rage with the cool kids, and although there's a lot of focus on the new language, there's lots of interesting new JavaScript APIs both in the HTML5 spec and separated out. This presentation will take you through demos and code behind the new JavaScript APIs, and explore where these features can be used
Bring your Spring knowledge up-to-date by attending this workshop.
Instead of diving into functionality which was already there in older Spring versions, we will focus on the new Spring 4 features. We will however point out small API differences.
The structure of the Workshop will be as follows:
1. Java SE & Java EE support
2. Spring Core
3. Spring WebMVC
4. WebSockets & Messaging
5. Testing Improvements
This talk introduces some of the compelling features coming in Spring 3.1, 3.2 and then gazes into the future and looks at some of the powerful new features in the upcoming Spring 4.0 release.
HTML5 is all the rage with the cool kids, and although there's a lot of focus on the new language, there's lots of interesting new JavaScript APIs both in the HTML5 spec and separated out. This presentation will take you through demos and code behind the new JavaScript APIs, and explore where these features can be used
Physical Web is an important component for the Smart Cities and for monetizing IoT projects. This talk explain what is it and how to implement it using Eddystone protocol.
Adding a modern twist to legacy web applicationsJeff Durta
Avoid misery of working with legacy code
We will see how you can add independent and isolated components to existing pages; pages that may be difficult to change
React and Flux allow you to make self-contained additions that handle their own data access/persistence
Everyone talks about raising the bar on quality of code, but it's always hard to start implementing it when you have no clue where to start. With this talk I'm shooing that there are many levels developers can improve themselves by using the right tools. In this talk I'll go over each tool with examples how to use them against your codebase. A must attend talk for every developer that wants to scale up their quality. Most PHP developers deploy code that does what the customer requested but they don't have a clue about the quality of the product they deliver. Without this knowledge, maintenance can be a hell and very expensive. In this workshop I cover unit testing, code measuring, performance testing, debugging and profiling and give tips and tricks how to continue after this workshop.
Building High Performance and Reliable Windows Phone 8 AppsMichele Capra
Have you ever dreamed to build a solid and fast application for your Windows Phone 8? Come to this session and you will see how to leverage the power of your device and how to deliver outstanding robust application. You'll discover how to unit test your WP8 application and how to tune its performance.
These are the slides for the talk given at https://www.meetup.com/South-Florida-Software-Testing/events/233980212
Short summary:
KISS (Keep It Simple Stupid) techniques and practices in Web UI Automation on topics:
- selenium webdriver vs wrappers
- XPath vs CSS Selectors + Selene
- End to End vs Atomic tests
- Pretty vs Simple reports
- BDD vs XUnit style of tests
- PageObject vs PageModules (OOP vs Procedural/Modular programming)
탑크리에듀교육센터(www.topcredu.co.kr)제공
스프링프레임워크 & 마이바티스(Spring Framework, MyBatis)
18번째 자료입니다. 참고하시어 많은 도움되셨길 바랍니다.
교육 및 수강문의/기타문의사항은 홈페이지(www.topcredu.co.kr)를 통하여 하실 수 있습니다.^^
The economies of scaling software - Abdel Remanijaxconf
You spend your precious time building the perfect application. You do everything right. You carefully craft every piece of code and rigorously follow the best practices and design patterns, you apply the most successful methodologies software engineering has to offer with discipline, and you pay attention to the most minuscule of details to produce the best user experience possible. It all pays off eventually, and you end up with a beautiful code base that is not only reliable but also performs well. You proudly watch your baby grow, as new users come in bringing more traffic your way and craving new features. You keep them happy and they keep coming back. One morning, you wake up to servers crashing under load, and data stores failing to keep up with all the demand. You panic. You throw in more hardware and try optimize, but the hungry crowd that was once your happy user base catches up to you. Your success is slipping through your fingers. You find yourself stuck between having to rewrite the whole application and a hard place. It's frustrating, dreadful, and painful to say the least. Don't be that guy! Save your soul before it's too late, and come to learn how to build, deploy, and maintain enterprise-grade Java applications that scale from day one. Topics covered include: parallelism, load distribution, state management, caching, big data, asynchronous processing, and static content delivery. Leveraging cloud computing, scaling teams and DevOps will also be discuss. P.S. This session is more technical than you might think.
What you need to know about Lambdas - Jamie Allenjaxconf
Lambdas are coming to the Java language in the upcoming release of Java 8! While this is generally great news, many Java developers have never experienced lambdas before, and may not realize the costs and pitfalls associated with this style of programming. In this talk, we will discuss the many issues of using Lambdas in Java as well as Scala, and measures we can talk to avoid them. We will also review concepts associated with lambdas to make sure everyone is on the same page, such as closures, higher order functions and Eta Expansion.
Physical Web is an important component for the Smart Cities and for monetizing IoT projects. This talk explain what is it and how to implement it using Eddystone protocol.
Adding a modern twist to legacy web applicationsJeff Durta
Avoid misery of working with legacy code
We will see how you can add independent and isolated components to existing pages; pages that may be difficult to change
React and Flux allow you to make self-contained additions that handle their own data access/persistence
Everyone talks about raising the bar on quality of code, but it's always hard to start implementing it when you have no clue where to start. With this talk I'm shooing that there are many levels developers can improve themselves by using the right tools. In this talk I'll go over each tool with examples how to use them against your codebase. A must attend talk for every developer that wants to scale up their quality. Most PHP developers deploy code that does what the customer requested but they don't have a clue about the quality of the product they deliver. Without this knowledge, maintenance can be a hell and very expensive. In this workshop I cover unit testing, code measuring, performance testing, debugging and profiling and give tips and tricks how to continue after this workshop.
Building High Performance and Reliable Windows Phone 8 AppsMichele Capra
Have you ever dreamed to build a solid and fast application for your Windows Phone 8? Come to this session and you will see how to leverage the power of your device and how to deliver outstanding robust application. You'll discover how to unit test your WP8 application and how to tune its performance.
These are the slides for the talk given at https://www.meetup.com/South-Florida-Software-Testing/events/233980212
Short summary:
KISS (Keep It Simple Stupid) techniques and practices in Web UI Automation on topics:
- selenium webdriver vs wrappers
- XPath vs CSS Selectors + Selene
- End to End vs Atomic tests
- Pretty vs Simple reports
- BDD vs XUnit style of tests
- PageObject vs PageModules (OOP vs Procedural/Modular programming)
탑크리에듀교육센터(www.topcredu.co.kr)제공
스프링프레임워크 & 마이바티스(Spring Framework, MyBatis)
18번째 자료입니다. 참고하시어 많은 도움되셨길 바랍니다.
교육 및 수강문의/기타문의사항은 홈페이지(www.topcredu.co.kr)를 통하여 하실 수 있습니다.^^
The economies of scaling software - Abdel Remanijaxconf
You spend your precious time building the perfect application. You do everything right. You carefully craft every piece of code and rigorously follow the best practices and design patterns, you apply the most successful methodologies software engineering has to offer with discipline, and you pay attention to the most minuscule of details to produce the best user experience possible. It all pays off eventually, and you end up with a beautiful code base that is not only reliable but also performs well. You proudly watch your baby grow, as new users come in bringing more traffic your way and craving new features. You keep them happy and they keep coming back. One morning, you wake up to servers crashing under load, and data stores failing to keep up with all the demand. You panic. You throw in more hardware and try optimize, but the hungry crowd that was once your happy user base catches up to you. Your success is slipping through your fingers. You find yourself stuck between having to rewrite the whole application and a hard place. It's frustrating, dreadful, and painful to say the least. Don't be that guy! Save your soul before it's too late, and come to learn how to build, deploy, and maintain enterprise-grade Java applications that scale from day one. Topics covered include: parallelism, load distribution, state management, caching, big data, asynchronous processing, and static content delivery. Leveraging cloud computing, scaling teams and DevOps will also be discuss. P.S. This session is more technical than you might think.
What you need to know about Lambdas - Jamie Allenjaxconf
Lambdas are coming to the Java language in the upcoming release of Java 8! While this is generally great news, many Java developers have never experienced lambdas before, and may not realize the costs and pitfalls associated with this style of programming. In this talk, we will discuss the many issues of using Lambdas in Java as well as Scala, and measures we can talk to avoid them. We will also review concepts associated with lambdas to make sure everyone is on the same page, such as closures, higher order functions and Eta Expansion.
Getting started with Websocket and Server-sent Events using Java - Arun Gupta jaxconf
Server-Sent Events defines a standard technology for server-push notifications. WebSocket attempts to solve the issues and limitations of HTTP for real-time communication by providing a full-duplex communication over a single TCP channel. Together, they bring new opportunities for efficient server-push and peer-to-peer communication, providing the basis for a new generation of interactive and “live” Web applications. This session provides a primer on WebSocket and Server-Sent Events and their supported use cases.
Building an Impenetrable ZooKeeper - Kathleen Tingjaxconf
ZooKeeper is the unsung hero. Although a critical component, ZooKeeper is often noticed only after it’s missing. In this presentation, we'll talk about how to efficiently resolve some of the common issues that can cause ZooKeeper’s unavailability. An impenetrable ZooKeeper makes for a healthy cluster. ZooKeeper provides reliable and timely coordination of processes.
Yehuda will talk about how the standards bodies are evolving the web to make it easier for web developers to evolve. Instead of trying to solve platform problems centrally, the web platform is increasingly giving us the power to decide what the next version will look like. What can we do with this power, and what should we do?
The New Reality: the Role of PaaS in Technology Innovation - Franklin Herbasjaxconf
Today, we are in the midst of a mobile, social, and big data revolution – a new era with the promise of never before imagined possibilities. We require a platform that can deliver these required capabilities in an easy to use manner. In-memory computing has becoming the leading solution for how these applications can bring together the huge amounts of varying data now available. You need a platform that offers services to develop real-time applications with mobile, social or big data capabilities.
In its 3.2 and 3.3 generations, the Spring Framework focuses on core features for asynchronous processing and message-oriented architectures, as well as enhancements to its caching support and its language support. The Spring Framework project also comes with a new Gradle-based build and a new GitHub-based contribution model. In this session, we'll discuss key features in this year's Spring 3.2 and next year's Spring 4.0, including support for upcoming standards such as JCache, websockets, JMS 2.0, and not least of all Java 8's language features.
There are many Java Cloud Platforms in the market today. CloudFoundry, CloudBees, Google App Engine, OpenShift, Heroku and, recently announced, Oracle Java Cloud Service. These variety of options often create a dilemma to choose a platform. This presentation would help in understanding and using these platform with some examples. This comparison would help in comparing them for selecting for your application. This presentation would also help in understanding various key factors to look for.
Apache Hadoop and its role in Big Data architecture - Himanshu Barijaxconf
In today’s world of exponentially growing big data, enterprises are becoming increasingly more aware of the business utility and necessity of harnessing, storing and analyzing this information. Apache Hadoop has rapidly evolved to become a leading platform for managing and processing big data, with the vital management, monitoring, metadata and integration services required by organizations to glean maximum business value and intelligence from their burgeoning amounts of information on customers, web trends, products and competitive markets. In this session, Hortonworks' Himanshu Bari will discuss the opportunities for deriving business value from big data by looking at how organizations utilize Hadoop to store, transform and refine large volumes of this multi-structured information. Connolly will also discuss the evolution of Apache Hadoop and where it is headed, the component requirements of a Hadoop-powered platform, as well as solution architectures that allow for Hadoop integration with existing data discovery and data warehouse platforms. In addition, he will look at real-world use cases where Hadoop has helped to produce more business value, augment productivity or identify new and potentially lucrative opportunities.
Vaadin, Rich Web Apps in Server-Side Java without Plug-ins or JavaScript: Joo...jaxconf
Get introduced to the Vaadin framework by one of its core developers. Vaadin provides a desktop-like programming model on the server for creating Rich Internet Applications (RIAs) in plain Java - without the need for HTML, XML, plug-ins or JavaScript. In this session, Joonas lays out the key concepts of the server-side RIA development model and compares it to client-side RIA. To demonstrate the use of framework, an example application is developed during the session step-by-step. The presentation is concluded with pointers on how to start developing your own applications with Apache-licensed Vaadin-framework. You'll learn: * How to create a desktop like web application in Java * Difference between page oriented, client-side RIA and server-side RIA architectures * How Vaadin can be extended with Google Web Toolkit
MVC on the Server and on the Client: How to Integrate Spring MVC and Backbone...jaxconf
MVC is a well-known pattern used to reduce complexity and to increase reusability of your code, widely adopted in server-side languages. Spring MVC is an example of a really powerful framework that adopts this pattern extensively allowing you to create easily RESTful web services. MVC can also be applied to the client now and this approach really suits AJAX applications and single page applications. Backbone.js is one of the frameworks available to enforce this pattern. In this session we will explore how well you can integrate Spring MVC and Backbone.js in a really performant and neat single page application. Focus will be put on how Backbone.js can consume RESTful web services.
Android brings to the table a whole new set of building blocks:. Each has its own unique properties. Building an app is mashing them together in a unique way. Often, there are multiple approaches to seemingly the same result. Knowing what component to use when is often a balance of art and science. In this talk, we’ll explore the main building blocks of Android: activities, services, providers, receivers as well as intents that glue them all together. We’ll learn about properties and variations of each. By the end of this talk, you should know how to write a straw-man implementation of basic building blocks, when to use them, and how to connect them together. This talk is based on Ice Cream Sandwich release of Android.
The Evolution of Java Persistence in EclipseLink: Shaun Smithjaxconf
Data access today isn’t just about reading and writing from relational databases anymore. It’s also about mapping your objects to XML and to JSON for use in RESTful web services. It’s about being able to persist your objects in NoSQL databases and being able to cache them in data grids so you can scale out your application to hundreds of servers. The EclipseLink project is well known as an object-relational mapping framework and as the JPA 2.0 reference implementation in Java EE 6, but it is evolving to provide a comprehensive set of data services for Java developers building enterprise and cloud applications in Java EE, Java SE, and in OSGi. In this session we’ll dive into these new services and see how to build modern enterprise Java applications leveraging EclipseLink both in the back end for data persistence and on the front end to build RESTful services that support HTML5 clients.
This intensive workshop features the latest innovation in JavaServer Faces technology: JSF 2 composite components! With this exciting new feature, JSF 2 delivers on the promise of simplifying UI development and makes it easy to design, implement, package, and reuse custom UI components in Java web applications. In this session, participants will learn about the current evolution of JavaServer Faces technology and discover the state of the art of user interface development for Java web applications. Experienced Java trainer and JSF author Ian Hlavats provides an in-depth introduction to JSF 2 composite components and guides participants through an informative lecture and hands-on lab exercises geared towards developing a Java web application using JSF 2 composite components. After completing this workshop, participants will have demonstrated the knowledge and ability to customize a Java web application for JSF 2, design JSF 2 UI components, implement custom UI components using the Facelets View Declaration Language (VDL), add resources such as images and cascading stylesheets to a composite UI component, package composite components as part of a Java web application, and deploy a JSF 2 web application to a Java application server.
Norton lanseeraa uuden sideainejärjestelmän keraamisesti sidotuille hiomalaikoille, jotka on tarkoitettu tarkkuutta vaativaan hiontaan. Uutta patentoitua sideainejärjestelmää Vitrium3 voidaan käyttää useiden erilaisten hioma-aineiden kanssa ja näin alentaa hionnan kokonaiskustannuksia.
MeasureCamp IX (London) - 10 JavaScript Concepts for web analystsSimo Ahava
Here's my list of 10 JavaScript (related) concepts that I think all web analysts should understand at least on a basic level. A solid grasp of JavaScript is a base requirement for anyone working with the web browser.
There are more smart people building software now than there have been at any point in the past, which means that it's more important than ever to stay on top of new developments, libraries, frameworks, and everything else. To really take advantage of this wealth of innovation, however, you've got to look beyond your normal community -- what's going on in Python? And how can we use that to make our Ruby lives easier? In this session, we'll explore that question. We'll look at actual examples of code and concepts borrowed and reimplemented to form a better idea of when it's appropriate and when it'll fall flat.
Start developing for the Semantic Web with JAVA. This is an introduction how to tap into your linked data, open linked data and create flexible useful applications.
Nothing is as frustrated as deploying a new release of your web application to find out functionality you had doesn't work anymore. Of course you have all your unit tests in place and you run them through your CI environment, but nothing prepared you to a failing javascript error or a link that doesn't work anymore. Welcome to User Acceptance testing or UAT. Before you start putting real people in front of your application, create macros and export them as PHPUnit test classes. Then run them in an automated way just like your unit tests and hook them into your CI. In this talk I will show you how easy it is to create Selenium macros that can be converted into PHPUnit scripts and run automatically on different virtual machines (VM's) so you can test all different browsers on a diversity of operating systems.
Similar to Multi Client Development with Spring - Josh Long (20)
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
3. Servlet 3.0 Initializer Classes
public class SampleWebApplicationInitializer implements WebApplicationInitializer {
public void onStartup(ServletContext sc) throws ServletException {
AnnotationConfigWebApplicationContext ac = new AnnotationConfigWebApplicationContext();
ac.setServletContext(sc);
ac.scan( “a.package.full.of.services”, “a.package.full.of.controllers” );
sc.addServlet("spring", new DispatcherServlet(ac));
}
}
Wednesday, June 5, 13
4. Servlet Support in Spring
§ Spring Dispatcher Servlet provides a lot of powerful support
§ lots of convenient utility objects
HttpRequestHandlers supports remoting: Caucho, Resin, JAX RPC, etc.
DelegatingFilterProxy javax.filter.Filter that delegates to a Spring-managed lifecycle
HandlerInterceptor wraps requests to HttpRequestHandlers
ServletWrappingController lets you force requests to a servlet through the Spring Handler chain
OncePerRequestFilter ensures that an action only occurs once
WebApplicationContextUtils has a static method to look up the current ApplicationContext given a ServletContext
Wednesday, June 5, 13
5. Spring Web Framework Support
•Spring Faces for JSF 1 and 2
•Struts support for Struts 1
•Tapestry, Struts 2, Stripes, Wicket, Vaadin, Play framework, etc.
•GWT, Flex
Wednesday, June 5, 13
7. classic Spring MVC application architecture
DispatcherServlet controller
view
template
delegate
request
delegate
rendering of
response
render
response
return
control
model
model
incoming
requests
return
response
Wednesday, June 5, 13
8. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
// ...
}
Wednesday, June 5, 13
9. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value= “/url/of/my/resource”)
public String processTheRequest() {
// ...
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/resource
Wednesday, June 5, 13
10. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value= “/url/of/my/resource”, method = RequestMethod.GET)
public String processTheRequest() {
// ...
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/resource
Wednesday, June 5, 13
11. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/resource”, method = RequestMethod.GET)
public String processTheRequest( HttpServletRequest request) {
String contextPath = request.getContextPath();
// ...
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/resource
Wednesday, June 5, 13
12. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/resource”, method = RequestMethod.GET)
public String processTheRequest( @RequestParam(“search”) String searchQuery){
// ...
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/resource?search=searchQuery
Wednesday, June 5, 13
13. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/{id}”, method = RequestMethod.GET)
public String processTheRequest( @PathVariable(“id”) Long id){
// ...
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/12345
Wednesday, June 5, 13
14. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@Inject private CustomerService service ;
@RequestMapping(value=“/url/of/my/{id}”, method = RequestMethod.GET)
public String processTheRequest(Model model, @PathVariable(“id”) Long id){
model.addAttribute(“customer”, service.getCustomerById( id ) );
return “home”;
}
}
GET http://127.0.0.1:8080/url/of/my/12345
Wednesday, June 5, 13
15. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/{id}”, method = RequestMethod.GET)
public String processTheRequest( ... ){
return “home”;
}
}
Wednesday, June 5, 13
16. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/{id}”, method = RequestMethod.GET)
public View processTheRequest( ... ){
return new XsltView(...);
}
}
Wednesday, June 5, 13
17. the anatomy of a Spring MVC controller
@Controller
public class CustomerController {
@RequestMapping(value=“/url/of/my/{id}”, method = RequestMethod.PUT)
public ResponseEntity<byte[]> processTheRequest(UriComponentsBuilder componentsBuilder){
byte[] bytesToReturn = ...
HttpHeaders headers = new HttpHeaders();
headers.setLocation( componentsBuilder.toUri() );
return new ResponseEntity<byte[]>(
bytesToReturn, headers, HttpStatus.CREATED
);
}
}
Wednesday, June 5, 13
25. Roy Fielding’s “REST”
• The term Representational State Transfer was introduced and
defined in 2000 by Roy Fielding in his doctoral dissertation.
§ Takeaways:
• Use HTTP methods explicitly.
• Be stateless
• an HTTP resource is uniquely described by its URL
Wednesday, June 5, 13
27. RestTemplate
§ Google search example
§ Multiple parameters
RestTemplate restTemplate = new RestTemplate();
String url = "http://example.com/hotels/{hotel}/bookings/{booking}";
String result = restTemplate.getForObject(url, String.class, "42", “21”);
RestTemplate restTemplate = new RestTemplate();
String url = "https://ajax.googleapis.com/ajax/services/search/web?v=1.0&q={query}";
String result = restTemplate.getForObject(url, String.class, "SpringSource");
Wednesday, June 5, 13
28. the anatomy of a Spring MVC REST controller
@Controller
public class CustomerController {
@Inject private CustomerService service ;
@RequestMapping(value=”/url/of/my/resource”, method = RequestMethod.GET)
public @ResponseBody Customer processTheRequest( ... ) {
Customer c = service.getCustomerById( id) ;
return c;
}
}
GET http://127.0.0.1:8080/url/of/my/resource
Wednesday, June 5, 13
29. the anatomy of a Spring MVC REST controller
@Controller
public class CustomerController {
@RequestMapping(value=”/url/of/my/resource”, method = RequestMethod.POST)
public void processTheRequest( @RequestBody Customer customer ) {
// ...
}
}
POST http://127.0.0.1:8080/url/of/my/resource
Wednesday, June 5, 13
30. A Fly in the Ointment
•modern browsers only speak GET and POST
<filter>
<filter-name>hiddenHttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>hiddenHttpMethodFilter</filter-name>
<url-pattern>/</url-pattern>
<servlet-name>appServlet</servlet-name>
</filter-mapping>
Wednesday, June 5, 13
33. Be Where Your Users Are
§ Best strategy? Develop Native
• Fallback to client-optimized web applications
§ Spring MVC mobile client-specific content
negotiation and rendering
• for other devices
Wednesday, June 5, 13
34. Registering Spring Android
@EnableWebMvc
@Configuration
public class MobileConfiguration extends WebMvcConfigurerAdapter {
@Override
public void addArgumentResolvers(List< HandlerMethodArgumentResolver > argumentResolvers) {
argumentResolvers.add(new DeviceHandlerMethodArgumentResolver());
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new DeviceResolverHandlerInterceptor());
}
}
Wednesday, June 5, 13
37. What is Spring for Android?
§ does not prescribe a dependency injection solution
§ provides an implementation of RestTemplate
Wednesday, June 5, 13
38. Some Native Android Code
public Customer updateCustomer(long id, String firstName, String lastName) {
RestTemplate restTemplate = new RestTemplate();
String url = “http://...8080/url/of/my/{id}”;
Customer input = new Customer(id, firstName, lastName);
ResponseEntity<Customer> re = restTemplate.postForEntity( url, input, Customer.class, id);
HttpStatus statusOfRequest = re.getStatusCode();
if(statusOfRequest.equals( HttpStatus.OK )){
Customer payloadOfResponse = re.getBody();
return payloadOfResponse;
}
...
}
Wednesday, June 5, 13
39. Make Work with
§ install android development kit http://developer.android.com/sdk/index.html
§ set up m2e-android http://rgladwell.github.io/m2e-android/
Wednesday, June 5, 13
44. What Problems Does OAuth Solve?
• new world of many, cooperating web services
• some web services may have a user context
• this user context can refer to a centrally managed identity (single sign-on)
• user passwords should be decoupled from the permissions a client is given
Wednesday, June 5, 13
48. Key Components of Spring Social
§ Connection Factories
• Creates connections; Handles back-end of authorization flow
§ Connection Repository
• Persists connections for long-term use
§ Connection Factory Locator
• Used by connect controller and connection repository to find connection factories
§ API Bindings
• Perform requests to APIs, binding to domain objects, error-handling (Facebook, Twitter, etc.)
§ ConnectController
• Orchestrates the web-based connection flow
§ ProviderSignInController
• Signs a user into an application based on an existing connection and links it to the local system
Wednesday, June 5, 13
52. The ConnectController
@Bean
public ConnectController connectController(
ConnectionFactoryLocator connectionFactoryLocator,
ConnectionRepository connectionRepository) {
return new ConnectController(
connectionFactoryLocator,
connectionRepository);
}
establishes an OAuth-secured connection with the service
provider and returns an access token
Wednesday, June 5, 13
53. The ProviderSignInController
@Bean
public ProviderSignInController providerSignInController(
final UsersConnectionRepository usersConnectionRepository,
final ConnectionFactoryLocator connectionFactoryLocator) {
SignInAdapter signInAdapter = ...
ProviderSignInController psic = new ProviderSignInController(
connectionFactoryLocator, usersConnectionRepository, signInAdapter);
psic.setSignInUrl("/crm/signin.html");
psic.setPostSignInUrl("/crm/customers.html");
psic.setSignUpUrl("/crm/signup.html");
return psic;
}
}
establishes an OAuth-secured connection with the service
provider and links it to a local account
Wednesday, June 5, 13
56. Security is Hard, Spring Security is Easy
§ Spring Security provides security services for the Spring framework
§ integrates with backend identity provider services like LDAP, JAAS, OAuth, etc.
§ API Bindings
• there are lots of implementations of the Spring Security API that can be used in terms of a particular backend
identity provider service.
§ can be used to secure web applications
• form submissions, XSS-protection, resource protection
§ can be used to secure method invocations
§ authentication and authorization API
§ cryptography implementations
Wednesday, June 5, 13
57. Install Spring Security in your web.xml or Application Initializer
public class CrmWebApplicationInitializer implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext servletContext) throws ServletException {
String name = "springSecurityFilterChain";
Filter filter = new DelegatingFilterProxy();
FilterRegistration.Dynamic filterRegistration = servletContext.addFilter(name, filter);
filterRegistration.addMappingForUrlPatterns(null, true, "/");
filterRegistration.addMappingForServletNames(null, true, "spring");
filterRegistration.setAsyncSupported(true);
}
Wednesday, June 5, 13
58. Tell Spring About Your Identities: Inline
<sec:authentication-manager>
<sec:authentication-provider>
<sec:user-service>
<sec:user name="jlong" authorities="read" />
<sec:user name="mchang" authorities="read,write" />
</sec:user-service>
</sec:authentication-provider>
</sec:authentication-manager>
Wednesday, June 5, 13
59. Tell Spring About Your Identities With a Custom Implementation
<sec:authentication-manager>
<sec:authentication-provider user-service-ref = “customUserService” />
</sec:authentication-manager>
Wednesday, June 5, 13
60. Tell Spring About Your Identities with LDAP
<sec:authentication-manager>
<sec:ldap-authentication-provider ... />
</sec:authentication-manager>
Wednesday, June 5, 13
61. Secure Access to Certain Web Resources
<sec:http auto-config="true" use-expressions="true">
<sec:intercept-url pattern="/secured/**" access="hasRole('ROLE_USER')" />
<sec:intercept-url pattern="/**" access="isAnonymous()" />
<sec:anonymous />
</sec:http>
Wednesday, June 5, 13
62. Install a Sign-In Form
<sec:http auto-config="true" use-expressions="true">
<sec:intercept-url pattern="/secured/**" access="hasRole('ROLE_USER')" />
<sec:intercept-url pattern="/**" access="isAnonymous()" />
<sec:anonymous />
<sec:form-login
login-page="/crm/signin.html"
default-target-url="/crm/profile.html"
authentication-failure-url="/crm/signin.html?error=true" />
</sec:http>
Wednesday, June 5, 13
68. What Problems Does OAuth Solve?
• new world of many, cooperating web services
• some web services may have a user context
• this user context can refer to a centrally managed identity (single sign-on)
• user passwords should be decoupled from the permissions a client is given
Wednesday, June 5, 13
69. When Should I Use Spring Security OAuth?
§ when you want to build an OAuth authentication server
§ when your REST API has a user context that needs to be managed
Wednesday, June 5, 13
70. Spring Security OAuth
§ Extension to Spring Security
• originally a community contribution (now officially part of the project)
§ Features...
• endpoint management for OAuth service types
• token management (persistence, authentication)
• integrations for the web, as well as through standard Spring Security
Wednesday, June 5, 13
71. Tell Spring About the Clients That Might Connect
<oauth:client-details-service id="clientDetailsService">
<oauth:client
client-id="html5-crm"
scope="read,write"
authorities="ROLE_USER"
authorized-grant-types="authorization_code,implicit"
resource-ids="crm"/>
<oauth:client
client-id="android-crm"
scope="read,write"
authorities="ROLE_USER"
authorized-grant-types="authorization_code,implicit"
resource-ids="crm"/>
</oauth:client-details-service>
Wednesday, June 5, 13
72. Tell Spring About the Clients That Might Connect
<oauth:authorization-server
client-details-service-ref="clientDetailsService"
token-services-ref="tokenServices">
<oauth:authorization-code/>
<oauth:implicit/>
<oauth:refresh-token/>
<oauth:client-credentials/>
<oauth:password/>
</oauth:authorization-server>
@Bean
public InMemoryTokenStore tokenStore() {
return new InMemoryTokenStore();
}
@Bean
public DefaultTokenServices tokenServices(
InMemoryTokenStore tokenStore,
ClientDetailsService clientDetailsService) {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore);
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setClientDetailsService(clientDetailsService);
return defaultTokenServices;
}
Wednesday, June 5, 13
73. Tell Spring About Which Resources It’s Protecting
<oauth:resource-server id="resourceServerFilter"
resource-id="crm" token-services-ref="tokenServices"/>
<sec:http pattern="/api/**"
create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager">
<sec:anonymous enabled="true"/>
<sec:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
...
Wednesday, June 5, 13
74. Tell Spring About Which Resources It’s Protecting
<oauth:resource-server id="resourceServerFilter"
resource-id="crm" token-services-ref="tokenServices"/>
<sec:http pattern="/api/**"
create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint"
access-decision-manager-ref="accessDecisionManager">
<sec:anonymous enabled="true"/>
<sec:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER"/>
<sec:intercept-url pattern="/api/users/**/photo" method="GET"
access="IS_AUTHENTICATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/api/users" method="GET" access="IS_AUTHENTI
CATED_ANONYMOUSLY"/>
<sec:intercept-url pattern="/api/**"
access="ROLE_USER,SCOPE_READ"/>
Wednesday, June 5, 13
75. Optional: Set Up an OAuth-Aware RestTemplate
<oauth:rest-template id="crmRestTemplate" resource="crm" />
Wednesday, June 5, 13
76. Enable Access to Certain OAuth-Context Objects in SpEL
<sec:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
<sec:expression-handler ref="oauthExpressionHandler"/>
</sec:global-method-security>
<oauth:expression-handler id="oauthExpressionHandler"/>
<oauth:web-expression-handler id="oauthWebExpressionHandler"/>
Wednesday, June 5, 13