Saturday May 10, 2008

JavaOne Day Four

After having breakfest with some Sun friends we headed for Moscone.

General Session

This was a full session of cool Java demos:

  • VisualVM
  • JavaScript features in NetBeans
  • NVidia APX 2500, Java 3D on a mobile device
  • Project Darkstar
  • Java Card 3.0 innovation, robots fighting
  • Pervasive Java
  • Livescribe, very cool device, i might have to get one of these. It's amazing what a key note talk will do for business. Before the CEO of Livescribe finished his demo ... people were leaving the session to buy one. People were lined up out the door of Moscone to buy one.
  • Java Real Time
  • License to Drive, Tommy Jr.
  • Java Rocks on Mars, Arizona State University
  • CERN
We had to leave after the last demo. Got on BART and headed for SFO ... until next year: June 2-5, 2009.

Thursday May 08, 2008

JavaOne Day Three

Day three ... here's my notes from todays sessions that I attended, more good stuff.

GWT and jMaki: Expending the GWT Universe

  • Why use jMaki
    • Hide compexity of JS / CSS
    • portable library
    • standarized event / data model: JSON
    • easy integration of 3rd party tech
    • encourage re-usable JS tech
    • integrates with existing applications
  • jMaki widgets: component.htm, component.css, component.js
  • Hello World widget
  • jMaki events: pub /sub mechanism, declarative events, programmtic events
  • jMaki Application Recipe
  • Demo: (sumltron)
  • jMaki-store on java.net has all the demo code
  • What is GWT
    • Framework for building Ajax apps
    • open source (Apache 2.0)
    • targeted at Java Lang users
    • java src is compiled to browsers compliant JS code
  • Why use GWT
    • brower issues
    • integrated client - server debugging
    • tool of your choice
    • no need to learn another language
    • hides complexity of JS
  • GWT model
    • generate skelaton app
    • set layout
    • add container or components
  • Component configuration
  • Adding a widget
  • Demo: NetBeans with GWT plug-in
  • Marry the best of both worlds
  • jMaki Charting for GWT
  • jmaki.org
  • code.google.com/webtoolkit

Advanced Web Application Security

  • Speakers: Jeremiah Grossman, Whitehat Security; Joe Walker, Sitepen
  • Learn how to keep the bad guys out of your website
  • Web Hacking today
    • Past two years, web sites are lot less secure than we thought
    • over 90% of websites have serious security issues
  • The Attackers, being more organized, not just hacking for fun
    • Who is the target: you, company, others
    • Who is the attacker: troublemakers, theives
    • Who is the victim: data, users, partners
  • Cross Site Request Forgery
    • Cross-Domain Rules: browsers job to enforce cookie usage
    • How to abuse a cookie without reading it
    • evil.com sends request to bank.com
    • all you need is iframe src to bad url, or img or script
    • cant use XMLHttpRequest because cross-domain rules not allowed
    • are write-only
    • GET and POST can be forged
    • Reffer checking is not a complete fix
    • Not just cookies that get stolen
  • Demo: CSRF: bladder.sitepen.com
  • How to protect yourself
    • Force users to logout
    • check referrer headers
    • include authen toketn with every request, cookie is not enough
    • security tokens in GET requests are not a great idea
    • POST means forms with hidden fields: OWASP servlet filter www.owasp.org
    • Double-submit cookie pattern (Ajax requests only), read in JS and submit in the body
  • JavaScript hijacking
    • using "script" auto evals the returned script
    • might be able to setup the env to get information from the script
    • JS lets you redefine anything, Object, Getters and Setters, reading data from a script service
    • use JSON properly; wrap data with { ... } anr wrap keys in ''
    • use unpredictable URLs or other authen
    • deny GET requests
  • Cross Site Scripting
    • allow content that could contain scripts from someone untrusted into pages from your domain
    • 3 types:
      1. reflected script embedded in the request is 'relfected' in the response
      2. stored: input is stored and played back in alter page
      3. DOM: script injected into document
    • scenario: let the user enter their name
    • make user input safe
      • need to filter lots of things
      • could put scripts in css files
      • browsers try to understand anything
      • flash, svg, .htc XML
    • web developers get lazy ... browsers make it look good, they get lazier
  • Demo: XSS
  • How to fix XSS
    • filter input by white-listing input characters, "a-z, A-Z",etc
    • filter outputs for display environment
      • well formed HTML
      • validate as HTML and throw away
      • take extra care over attributes
    • use AntiSamy
    • hacking RSS Readers
    • RSS feeds -- aggregator generally change the domain -- browser
    • Hacking RSS and Atom Feed Implementations
    • www.cgisecurity.com/papers/HackingFeeds.pdf
    • restrict input as much as possible, whenever possible
    • ensure output encoding is correct
  • Combination attacks
    • small holes multiple
    • web worms
      • grow faster than email worms
      • XHR/Flash/Quicktime
      • www.whitehatsec.com/downloads/WHXSSThreats.pdf
      • users can attack their 'friends' with scripts
  • Demo: web worm

Using DTrace with Java apps: bridging the observability

  • How to use dtrace in java
  • Introduction to DTrace
    • available in Jan 2005
    • dynamic instrumentation of the whole software system - top to bottom
    • use in production; safe, zero disabled overhead, minimal enabled overhead
    • powerful interpreted language
    • Probes: place of interest in the system where we can make observations
    • Aggregations: patterns are more interesting than individual datum, look for trends
    • jstack() Action: prints mix mode stack trace
    • Demo: dtrace
  • DVM provider
    • java.net project to add DTrace support
    • solaris10-dtrace-vm-agents.dev.java.net
    • download shared libs
    • lots of new probes, alloc, methods, time spent
    • Demo:
  • hotspot provider
    • Dtrace in JDK 6 "out of the box"
    • implements all dvm probes plus extensions
    • JNI method probes: entry/return points
    • certain probes are expensive, some off by default
    • Demo: cokeandcoffee.com space invader game
  • Visualization and project DAVE
    • Dtrace Advanced Visualization Environment
    • uses D script and method probes
  • JSDT
    • Java Env Statically Defined Tracing
    • Java SE 7
    • com.sun.tracing.\*;
    • @ProviderName() @ProbeName()
    • public interace MyProvder implements Provider {}

JSF 2.0: Insight and Opinion

  • Where is JSF today:
    • latest 1.2 maint release 1
    • Glassfish v2
    • Apache MyFaces 1.2.2 / Tomcat 6.0
    • Component Libraries
    • JSF is everywhere
    • Every app server, except Geronimo, use Sun impl
    • What should be in Java EE 6 Web Profile ... JSF 2.0 and Web Beans (the web profile debate)
  • Where are we going:
    • JSF 1.0, 1.1 planted the seed; lots of opinions, tool support limited
    • JSF 1.2, mostly planting, some harvesting; fixed JSP, little easier, more opinions
    • How we listened; mostly harvesting, tool vendors are building on JSF
    • Keep current on web trends; Rails (focus on CRUD), Rich Internet Apps
    • JSF still lives in the "Desktop" space: ServerSide UI Framework
    • Top Five Goals
      • Components easier to deploy
      • Ajax support
      • Page Description Lang
      • Reduce config burden
      • Compat between component libs with vendors
    • Other Goals
      • state mgmt redo
      • bookmark urls (evetything is now a PORT)
      • zero deploy
      • tree traversal
      • scopes
      • better error reporting
  • What are we doing:
    • Easier to develop components: repackage as a single config, support locales, versions.
    • Facelets now core part of JSF
    • Template based Renderers and events from JSFTemplating
    • Should new components be added, maybe a component compat kit
    • Partial Tree Traversal
    • Partial PAge Update
  • Demo

Design Patterns Reconsidered

  • What is a Design Pattern: describe a problem that occurs over and over again. Don't do the same thing twice
  • Gang Of Four, Design Patterns
  • Creation, Structural, Behavioral
  • Patterns Backlash:
    • copy/paste, design by template, cookbook, stops people from thinking
    • Aren't patterns, workaround to lang missing features
    • Overuse; do a pattern just because it's there
  • Practical Patterns: a vocabulary, expose real issues, compare design choices
  • Singleton:
    • there can be only one
    • hard to know what they are really doing
    • hidden coupling
    • testing issues
    • Just one? it's a lie
    • possible memory leak
    • dependancy issues
    • Use interface and implementation
    • Control by configuration not by pattern
  • Template Method:
    • Pluggable Algorithm
    • usually abstracted methods
    • fighting over your inheritance
    • poorly documents intent to framework user
    • hard to maintain and evolve
    • use composition, context classes to expose state
    • Can closures help?
    • prefer composition to inheritance; easier to maintain, understand
  • Proxy
  • Vistor
    • operations over a composite heirarchy
    • tree / node example
    • one generic method which takes a "visitor"
    • define new visitors as needed
    • "The Expresion Problem"
      • add new cases to a data type
      • add new functions over data type
      • don't recompile when adding
      • don't lose static type safety
    • Where does navigation code live:
      • In node: limited to one navigaton strategy
      • In navigation node:
    • Common visitor types
      • Collector
      • Finder
      • Event:
      • Transform: modify the tree
      • Validation: verify structure
    • Problem: need to return a value, option: use Generics
    • Exception handling, store it in the visitor, generics
    • Can closures help
    • Learned: expression problem hard to solve. ngenerics add precision
  • Principles:
    • use interfaces and dependency injection
    • favor compostion over inheritance
    • leverage static typing and generics

Wednesday May 07, 2008

JavaOne Day Two

Here's my notes from another long day at the Moscone Center ... more great sessions

Ten ways to destroy your community

  • How to open source a project or how not to
  • When working on a open source project, you contract a diese ... a community
    • kiss your marketing plan good bye
    • mess up your product plans, unexpected innovation
    • they're never satisfied by any amount of quality ... no satisfying them
    • re-define who's a customer / partner, relationships change
    • you have to communicate all the time, who has time for that
  • Is there a way to address the menace: 10 steps to make it fail:
    1. difficult tools
      • issue trackers
      • weird build tools
      • single platform
    2. poisonous people; trolls, damage they can do
      • argue with them at length
      • denounce them public
      • ban them
      • argue in other forums
      • then allow them back in
    3. no documentation
      • no code
      • build methods
      • submission process
      • release process
      • how to install it
    4. Closed-Door Meetings
      • on-line, short notice
      • telephone meetings
      • meet in person, in secure office
    5. Legalese, legalese, legalese
      • the longer more complex the better
      • contributor, website, non-disclosure, trademark
      • change these docs all the time
    6. Bad liaison
      • someone reclusive
      • someone with no time
      • someone with no authority
      • someone unfamiliar with the technology
      • don't assign one at all
    7. Governance obfuscation
      • follow United Natations model
      • decision / election should be complex and lengthy
      • unclear what powers community have
      • rules nearly impossible to change
    8. Screw around with licenses
      • License == Identity
      • Developers have attachment to licenses (emotional)
      • Changing it or threaten to change it
    9. No outside committers
      • only employees get to be committers
      • if they ask, be evasive about it
      • have no written rules about how someone becomes a committer, or criteria is impossible to fulfill
      • promtoe an employee who doesn't code to be a committer
    10. Be silent: this is the most powerful of all
      • don't do anything
      • this is the easiest one
  • Ten ways to be successful:
    1. familiar tools
    2. discourage poisonous people
    3. document everything
    4. accessible meetings
    5. minize legalese
    6. expert liason
    7. governance simplification
    8. treat licenses with respect
    9. promote outside commtters
    10. communicate

Growing Open Source Developer Communities

  • goal / expectations
    • what are you building
    • different projects attract different contributors
    • product or platform
    • products extend
    • platforms are core
    • great projects do both aspects well, rare
  • code is king
    • starts with code and documentation
    • source code basic unit of open source
    • collaboration
    • first barrier is getting the source
    • make accessible
  • buildability
    • ensure builds for others
    • avoid unfamiliar, complicated tools
    • use open source build tools
    • document dependencies
    • make build work or fail fast
    • first impression, is important
  • tell the world about it
    • announce widely
    • freshmeat, osnews, slashdot, digg, reddit
    • development blogs
    • use blog aggregator / planet
    • use hackergotchis - recognition factor at conferences
    • who's the public face for the project
  • sharing wisdom
    • blogs have shared narratives
    • communities form around stories
    • how you write about yourself is how the world will see you
    • remains searchable forever
    • don't market project by slagging your peers
  • multimedia
    • podcasts let people hear your voice
    • get ideas into the ears
    • developer interviews
    • showcase people behind the code
    • screencasts, see features in actions
    • archive conference presentations
    • associate faces to a project
  • ubiquity
    • available to play with
    • Live CD, VMware images
    • success attracts success
    • present at local conferences
    • talk to press and analysts
  • the first patch is the hardest
    • smaller barrier to entry
    • make code build well
    • learn contributor interests
    • first impression matters a lot
  • converting volunteers into contributors
    • sources: porters, software distros, integrtors
    • work in other env
    • likely to become power users, try to tie them into the project
    • development is based on social trust networks
    • trust is earned through ood contribution
    • delegate early and often
    • encourgage good contributions
    • grow the developer pool
  • a bit of communication theory
    • two-step flow theory
    • info moves in two stages
    • mass media transmits
    • leaders pick it up, break it down, recombine it and disseminate it further
    • word-of-mouth
    • trust
  • the distribution model
    • linux distro aggregates open source
  • packaging
    • power users and marketers
  • tearing down the fourth wall
    • need infrastructure for collaboration
    • remove the committer access barrier to entry
    • mailing lists ( developers, users, announce)
    • IRC
    • bugtracker
    • setting priorities right
    • review tools
    • share results with everyone
  • ambient findability
    • serarhc engines drive a lot
  • social engineering
    • people are different
    • different strokes for different folks
    • keep out trolls
    • recognize through their posting behavior
    • encourage developers to take over responsibilities
    • volunteers to self-organize
    • developer audience is largely self-selecting
    • responses need to matter, even to the rude
    • avoid belittlement, hosility
  • it's not all code
    • non-programmers may want to help
    • docs, web site, marketng
    • low barrier to contrib
    • real world meetings and conferences
  • Governance
    • first time, join a foundation FSF, ASF, Eclipse, etc.
    • provide framework, legal and admin issues
    • pick an initial model (dictator, cliques, voters)
    • everyone different
    • expect to change over time
  • don't
    • mastermind and control the project
    • they to make everyone happy
  • don't fear the fork
    • experimental (good) and hostile (bad)
    • maybe for marketing
    • trademark assurance of code pedigree
    • best discouragement is a well-run project
  • dealing with legalese
    • don't create own license
    • stick with what developers know
    • prepare to change it
    • copyright assignments lets you change your mind
    • trademarks
    • patents

JRuby on Rails: Web Development Evolved

  • Overview of Ruby features
  • Overview of JRuby
    • Started in 2001
    • Java impl of the Ruby language
    • Opensource
    • Commercail backing, Sun, Thoughtworks
  • Why JRuby over Ruby
    • performance, scalability, native threads
    • integrate with Java libraries
  • Easy to use Java
    • require 'java'
  • Use juby within a Java program
  • Ruby on Rails:
    • web dev framework
    • single threaded, shared-nothing design
    • convention over configuration, common case should be the easiest
    • don't repeat yourself (dry)
    • agile development
  • Demo: create a blog application
  • Why JRuby on Rails
    • Ruby
    • Java app server, Java EE platform
  • Real world
    • mix.oracle.com
    • mediacast.sun.com
    • mingle, first JRoR product
  • Future: Ruby
    • rework integration feature
    • public api
    • better performance
    • light weight objects?
  • JRuby on Rails
    • mutltithreaded rails
    • runtime info sharing, avoid memory hit

Ajax and JSF: Natural Synergy

  • How to support Ajax without javascript guru
  • JSF in action book
  • What is JSF, standard framework for web user interfaces
  • JSF is a specification, component and event model, basic ui components, application infrastructure
  • Extensive tool support, RAD style design
  • third party component market
  • on top of Servlet API
  • Compare JSF and Struts
  • IDE effect; different levels and styles, not required
  • JSF programming model: View, Event, Backing Bean, out come, navigation
  • Pluggable Extension points: Resolver, View, Navigation, Action, State, Render
  • Ajaxian Faces: components and renders can be seperated, PhaseListeners can be modified, transparent Ajax support
    • JavaScript bridge sends request
    • PhaseListener sends changes
    • JavaScript Bridge updates page
    • some components may not be compatible
    • no standard for bridging, resource resolution
  • Sprinkling on Ajax
    • JSF event listener executed async
    • Ajax4jsf (RichFaces), AjaxAnywhere, DynaFaces
    • Ajax4jsf: add ajax support to JSF component with javascript events
    • Demo: apache myfaces tomahawk
  • Ajax inside
    • ECruiser Ajax Suite for JSF
    • ICEfaces, innovative take on ajax browser/server integration, direct-to-DOM, supports Comet
    • Infragistics NetAdvantage for JSF, full ajax support
    • Sun Project Woodstock
    • Apache MyFaces
  • Ajax on the outside:
    • what about those cool pure widgets
    • jMaki, wrqppers popular widgets, easy to create
    • YUI4JSF
    • DojoFaces
    • Mojarra Scales
  • Which one to pick
    • pick a component suite
    • myfaces tomahawk has some ajax support
    • has good JSF support
    • how much ajax do i need
    • use jMaki for eye candy or Web 2.0 components
    • don't forget tool support
  • rolling your own, use toolkits to build components
  • JSF 1.2: improve ajax support
  • JSF 2.0: late 2008, Java EE 6, incorporate more features, bookmarkable

What's new in Ajax

  • not long ago the web was not a fun place
  • now really nice interfaces
  • creating compelling user experiences
  • four main frameworks
    • jQuery, high level components
    • ext JS, thin ajax layer
    • dijit, on top of dojo
    • script.aculo.us , it's all about the interface
  • browser, is a single threaded process
  • access to threads outside the browser, google gears; worker pools (message passing)
  • Fluid, Mozilla Prism, Adobe Air; access to the desktop
  • Fluid: demo with campfire
  • userscripts.org uses greasemonkey, lots of javascript
  • problem wih ajax, need javascript and another language
  • how to create a better developer experience
  • Atana Jaxer - javascript on the server
  • netscape livewire (javascript on the server)
  • deployment
    • the cloud services - amazon EC2
    • Google App Engine - build code, hit the deploy button
    • Aptana Cloud - make cloud computing easy
    • moving your apps to a web service
  • how do we choose
    • dojo / dijit
    • jquery / jQueryUI
    • google widgit toolkit
    • prototype / script.aculo.us
  • The New Java Plug-in, 1.6 update 10
    • plug-in now out-of-process
    • improved applet deployment
    • smaller JDK, micro-kernel
  • Look into the future
    • Safari: css animation, reflections and masks
    • Mozilla monkeys, javascript runtime compiling, javascript two plugin for explorer, iron monkey (python)
    • constrant to browsers

How to build RESTful Clients with the JavaScript, Ruby, and JavaFX Programming Languages

  • RESTful web services
    • services are stateless
    • have unitform interface
    • built from resources via URIs
    • exchange representations of the resources
  • Building the client
    1. create request data
    2. send request
    3. parse the reponse
      • code, header, body
      • formats: xml, json, kml, taml, rss, etc.
  • Debuging RESTful client
    • PUT and DELETE is idempotent
    • non-connected
    • PUT vs POST
    • use POST if URI length issue
    • async issues, use XHR
    • authen
    • caching,
    • overloaing POST
  • Demo: JavaFX with flickr
  • Demo: Javascript with Amazon S3

Tuesday May 06, 2008

JavaOne Day One

JavaOne day one

First day of JavaOne. I got my Starbucks "Non-Fat, No Whip, Grande Mocha" and headed for Mosconne ... here are my notes from the sessions I attended.

General Session: morning

  • introductions from John Gage
  • talked about the sensors used throughout the conference, enter / level room, ir beams on all the doors
  • using RFID to check access to the sessions
  • power is being measured at the conference. and there's CO2 sensors.
  • video ... who will you be today ...
  • Rich Green:
    • announcements today
    • are you told which search engine to use
    • consumers are making choices ... even in the enterprise ... hand held devices
    • lots of competition for consumers' eye balls, they now have choices
    • need intuitive / easy / simple compeling environment
    • Ian Freed, amazon.com kindle
      • device, content and services
      • change book into another book, newspaper, browser
      • uses 3G wireless
      • buy the book, sent to the device
    • Rikko Sakaguchi, Sony Ericsson
      • walkman phones
      • java core to the technology strategy and vision
    • the screen/desktop is less and less important ... it now just a view port into the networked services.
    • rich internet apps: great UI,
    • need collaboration: developers, designers, artists ... small teams working together
    • creating the experience can take "too long"
    • people building on the work of others.
    • demo:
      • connected life, integrated social network feeds. built using JavaFX, facebook, twitter and flickr. move from browser to desktop
      • JavaFX 2D and 3D demos with videos
    • mobile devices: 2.2 billion devices, one runtime, one interface.
  • JavaFX roadmap
    • Java 6 update 10 preview release
    • july: SDK early access
    • fall JavaFX Desktop 1.0
    • spring: JavaFX ____ and TV 1.0
  • Glassfish v3: modular design
    • new kernel 98K, loads in 1 second
    • modular components: http listener, sip, etc.
  • Sun largest provider of open source software
    • glassfish, strong growing community, rate is increasing
    • mysql, 65,000 downloads / day
    • netbeans, wasn't only about java (other languages) join the eco systems, 44% growth year/year
    • OpenJDK, latest ubuntu release 8.04, redhat / fedora
  • bring technologies together to create a services platform, Project Hydrazine
    • a platform to design, build, deploy, manage services
    • Find, Merge, Deploy, Share, Monetize
  • Project Insite
    • new advertizing models, actions of users
    • JavaFX will have instrumentation, access user data
  • Jonanthan Schwartz:
    • battle emerging for next platform ...
      • reach more devices on the planet
      • need to make it compeling
      • java platform, more insite into the content, how users operate, we are out-of-the-loop
      • this will all be free, travel where ever the market will go
    • Neil Young:
      • Rocking in the free world
      • java.com/neil_young
      • sound challenges years ago
      • BlueRay demo

JRuby: What, Why, How ... Do it Now

  • Ruby, simple, productive, and fun.
  • main language is writen in C
  • pure object oriented language, no primitives
  • dynamically typed, "duck typing". very loosely typed
  • classes and modules, single inheritence
  • blocks ... anonymous methods, pass around and invoke
  • quick tour: metaprogramming, open classes, special handlers
  • JRuby: it's just ruby on top of the Java platform, improvements: native threading, better performance
  • Interactive Ruby Demo:
  • What are people doing with JRuby?
    • Swing: framework tools / projects: cheri, monkeybars
    • Tooling: NetBeans is the most popular
    • Pretty Graphics: ruby-processing library
  • Intoducing Ruby on Rails:
    • full stack web framework (MVC)
    • written in ruby
    • convention over configuration
    • don't repeat yourself, how DRY is your code
    • agile development environment
  • Why JRuby on Rails
    • greatly simplified application development
    • create apps quicky
    • deploy to app server
    • easy integration with exiting java technology
    • better performance
  • Production JRuby on Rails
    • Oracle's Mix
    • Suns Mediacast
    • ThoughtWorks' Mingle
    • Sonar - code/project analysis tool

JAX-RS: The Java API for RESTful Web Services

  • REST Primer
  • www.inoq.com
  • Give everything an ID ... a URI, everything has to have one
  • Link things together, send receive data
  • use standard methods: GET, POST, PUT, DELETE
  • multiple representations:
    • formats: XML, JSON, XHTML
    • maximize reach
    • support content negotiation:
  • stateless communications, long lived identifiers, avoid sessions, all needed data is within the request
  • common patterns;
    • Container, Item example: Atom publishing protocol
    • Map, Key, Value: example: Amazon S3
  • Key benefits:
    • server side: scaling, straightforward failover, cacheable, reduced coupling
    • client side: bookmarkable, experiment in browser, broad language support, choice of data formats
  • Everything is an ID
    • Thing == resource class
    • ID provided by @Path annotation
  • Link Things together
    • UriInfo, info about deployment context
    • UriBuilder, construct URIs
  • Use std methods
    • @GET, @POST, @PUT, @DELETE, @HEAD
    • @HttpMethod
  • Mutiple repesentations:
    • @PRoduceMime, @ConsumeMime
  • Demo: expose java system properties
  • Need to get the firefox plugin called "poster", very cool
  • JavaSE RuntimeDelegate
  • Jersey supports Grizzly
  • In public review, july final draft, final release in september
  • BOF @ 8:30 BOF-5613 - Jersey: RESTful Web Services Made Easy

General Session: afternoon

  • Project Hydrazine
  • Java EE 6
    • Theme ... rightsizing, flexibility, focus on segments of development community, simplify
    • Profiles: resource injection, security, naming
      • web profile
      • uses the JSR process
    • Pruning: certain technologies optional, depricated interfaces / features
    • Extensibility:
      • embrace open source libraries and frameworks
      • level playing field for extensions
      • scripting languages as first-class citizens
    • More ease of development: focusing on the web container
      • annotations across web apis
      • no editing of web.xml
      • self-registering third-party libraries
      • restful web services (jax-rs): example for activity log
      • scripting as an extension
  • Glassfish v3:
    • Modularity
    • extensible
    • OSGi-based
    • small foot-print, fast startup
    • multiple containers: ejb, web, scripting
    • mutliple language support: Jruby/rails, Jython/django, groovy/grails, javascript
  • Java SE 6:
    • web servces api
    • scripting languages
    • updated db apis
    • swing enhance
    • monitoring / management
    • compiler apis
    • pluggale interface
  • 2008:
    • over 7 million java developers, 700,000 jdk/month, 90.7% of PCs have java pre-installed
    • avg 48 million / month, JRE downloads
  • OpenJDK:
    • ubuntu core installed
    • apple has announced SE6 on leopard
  • Java SE roadmap:
    • performance release JRE 6u5p, setting new records
    • JRE 6u10
    • 7 next summer
  • SE 7:
    • modularity
      • support more code reuse, first-class modules
      • define a concrete file format, JAM
      • OSGi bundles
    • multiple langs
      • remove lang dependancies in the JVM
      • JRuby is first customer
      • bytecode for dynamic invocation
      • DaVinci Project
    • rich client support
    • Applets are back: new runtime: 6u10, shrink inital download size, quickstart
  • JavaFX Applets: take applets from the web page to the desktop (demoed on windows)
  • Wanting a media codec within the JDK, on2 technology into the javafx technology, any video anywhere
  • Demo: Parleys.com
  • Demo: Live Connect
  • Demo: Blending Worlds: bridging developers and designers

Secure Mashups and OpenAJAX

  • Origin, today 200 toolkits
  • Initiatives to drive interop; between components and browers

BOF: Jersey: RESTful Web Services made easy

  • JSR-311
  • in NetBeans 6.1, Glassfish v2/v3 update center
  • release 1.0 in September
  • join users@jersey.dev.java.net
  • Features:
    • WADL
    • JSON with JaxB Beans
    • Good support with jMaki
    • Containers:
    • IoC
    • MVC
    • client: great for testing
    • Reload
    • Comet
  • Demos
    • Secure PUT & POST
    • SunSPOT
    • smatch.com

BOF: REST vs. SOA - can we all just get along

About

Scott Fehrman

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
News

No bookmarks in folder

Projects

No bookmarks in folder

Ref. Material

No bookmarks in folder