Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Belfast JUG 23-10-2013
1. Belfast Java User Group
Stuart Greenlees
Eamonn Long
Niall McLoughlin
Wednesday 23/10/2013
2. Belfast Java User Group
Agenda
Introduction to the Belfast JUG
• What is a JUG?
• Some Logistics
• How can you get involved?
JavaOne Key Notes
20+ New Features of JEE7
Extras
6. Belfast Java User Group
Meet Quarterly
October
2013
August
2014
February
2014
May
2014
7. Belfast Java User Group
Where can I find the Belfast JUG?
JUG Page on Java.Net: https://java.net/projects/belfast-jug
The Belfast JUG is on the MAP!
8. Belfast Java User Group
What are the Goals of the JUG?
Key
• Establish Regular meetings of Java Users in Belfast
• Share Information about Java
• Get people involved
Optional
• Adopt a JSR - https://java.net/projects/adoptajsr/pages/Home
• Adopt Open JDK - https://java.net/projects/adoptopenjdk/pages/AdoptOpenJDK
9. Belfast Java User Group
How can you get involved?
We Need Help!
• Create a Belfast JUG logo
• Create a simple website/wikki out on Java.Net
Contribute content
•
•
•
•
•
•
Join the Java.Net project
Post topic suggestions you would like to here about
Post recommendations of any good speakers you would like to hear from
Contributing to OpenSource we would love to hear from you
E.g. Night-hacking with Raspberry Pi
Post Content on the java.net wiki/mailing list
11. Belfast Java User Group
JUG Leadership Team
Stuart Greenlees – s.greenlees@liberty-it.co.uk
Eamonn Long (a.k.a BlueArsedFly) – e.long@liberty-it.co.uk
Niall McLoughlin – n.mclouoghlin@liberty-it.co.uk
13. Java 8 – What is a Lambda?
Lambda expressions are anonymous methods
Arguments
person
Arrow Expression or {Statement}
->
person.getAge() > minimumAge
Example usage with new Iterable.forEach default method:
employees.forEach(e -> e.setSalary(e.getSalary() * 1.03));
The general syntax consists of an argument list, the arrow token ->, and a
body. The body can either be a single expression, or a statement block. In the
expression form, the body is simply evaluated and returned. In the block form,
the body is evaluated like a method body.
Benefits
Internal Iteration
Pass Behaviour not just Data
Fluent Pipelined Operations
Lazy Evaluation
Parallelization
14. Java 8 –Streams
A stream is a sequence of elements. Unlike a collection, it is not a
data structure that stores elements. Instead, a stream carries
values from a source, such as collection, through a pipeline.
int sum = widgets.stream()
.filter(w -> w.getColor() == RED)
.mapToInt(w -> w.getWeight())
.sum();
// Filter
// Map
// Collect
The operations filter, map, and forEach are aggregate operations.
Aggregate operations process elements from a stream, not directly
from a collection.
A pipeline is a sequence of stream operations, which in this
example is filter-map-sum. In addition, aggregate operations
typically accept lambda expressions as parameters, enabling you to
customize how they behave.
15. Java 8 – Lambda Stream Methods
public interface Stream<T> extends BaseStream<T, Stream<T>> {
/**
* Returns a stream consisting of the elements of this stream that match
* the given predicate.
*
* @param predicate a <a href="package-summary.html#NonInterference">
*
non-interfering, stateless</a> predicate to apply to
*
each element to determine if it should be included
* @return the new stream
*/
Stream<T> filter(Predicate<? super T> predicate);
/**
* Returns a stream consisting of the results of applying the given
* function to the elements of this stream.
*
* @param <R> The element type of the new stream
* @param mapper a <a href="package-summary.html#NonInterference">
*
non-interfering, stateless</a> function to apply to each
*
element
* @return the new stream
*/
<R> Stream<R> map(Function<? super T, ? extends R> mapper);
}
16. Lambda – Filtering / Mapping
Filtering
List<Person> eligibleVoters =
potentialVoters.
stream().
// Get the List of voters as a Stream
filter(p -> p.getAge() > legalAgeOfVoting). // Filter using Predicate
collect(Collectors.toList()); // Convert Stream Back to List
Mapping
return mixedCaseStrings.
stream().
// Get Stream from List
map(s -> s.toUpperCase()). // Convert Value
collect(Collectors.toList());
// Convert Back to List
17. Lambda – Method References
// Reference to a Static method
Arrays.asList("a", "b", "c").forEach(Printers::print)
// Reference to an method on an instance
public static void printPages(Document doc, int[] pageNumbers)
{
Arrays.stream(pageNumbers).
map(doc::getPageContent).
forEach(Printers::print);
}
18. Java 8 – Lambda
http://openjdk.java.net/projects/lambda/
Streams – Brian Goetz/Paul Sandoz
CON7942_Sandoz-javaone-streamstopgear.pdf
Stuart Marks
TUT3877_Marks-JumpStartingLambda-v6.pdf
Brian Goetz – State of the Lambda
http://cr.openjdk.java.net/~briangoetz/lambda/lambda-state-final.html
Java Tutorial
http://docs.oracle.com/javase/tutorial/java/javaOO/lambdaexpressions.html
JUnit Based Tutorial
https://github.com/AdoptOpenJDK/lambda-tutorial
19. Adam Bien – Java Rockstar
http://www.adam-bien.com/roller/abien/
Lightweight Java EE Architectures (Free Devcast)
http://www.adam-bien.com/roller/abien/entry/lightweight_java_ee_architectures_a
Rethinking JEE Design Patterns
EJB’s are cool
No need for DAO’s with EntityManager
No need for DTO’s with JPA Entity
No need to have an interface for every class
Setting up JEE7 projects with Maven3
http://www.adam-bien.com/roller/abien/entry/setting_up_java_ee_7
Starting WebSphere with Java EE 6...in 3 seconds
http://www.adam-bien.com/roller/abien/entry/starting_websphere_with_java_ee
48. Ten Tips for Unit Tests
•
•
Make the tests understandable
• Comments
• Expected Behaviour
• Diagnostics
•
Absolute Repeatability
• Must trust each test
•
Independent Tests only
• Must run in any order
• No dependencies
•
Diagnostics on Failure
• Message in assets
• Reference input data
• Record test environment info
• Make it simple to debug
•
•
Think Before Testing
• Input Data
• What is it called
• Expected Output
No hard coding environment
• Chained exceptions
• Use config files for portability
• Mock objects
• No databases
•
No Extraneous Output
• Too much output == confusion
• Slient test
• Use option/config to turn debug on
Small and Simple
• Use setup and teardown
• Separate test logic from setup to make it easier to debug
•
Test 1 thing only
• One scenario per test so its more obvious why it failed
• Enables faster debugging
•
Fast Tests only
• Run as often as possible
• Quick results
• Maintain quaility bar
• More likely that devs will run with every change
49. Stress Testing – Arquillian & JMeter
http://arquillian.org/
Arquillian brings the test to the runtime so you don’t have to
manage the runtime from the test (or the build). Arquillian eliminates
this burden by covering all aspects of test execution, which entails:
• Managing the lifecycle of the container (or containers)
• Bundling the test case, dependent classes and resources into a
ShrinkWrap archive (or archives) Executing the tests inside (or against)
the container
http://jmeter.apache.org/
Apache JMeter - may be used to test performance both on static and
dynamic resources (Files, Web dynamic languages - PHP, Java, ASP.NET,
etc. -, Java Objects, Data Bases and Queries, FTP Servers and more).
It can be used to simulate a heavy load on a server, group of servers,
network or object to test its strength or to analyze overall performance
under different load types. You can use it to make a graphical analysis of
performance or to test your server/script/object behavior under heavy
concurrent load.
50. Security – OWASP Top 10 Web App Defenses
• SQL Injection Defence
• Query Parameterization
• Password Defences
• Don’t limit length
• credential-specific salt
• Keyed functions
• Multi-Factor Authentication
• SMS / Mobile App / Tokens
• Cross Site Scripting Defence
• OWASP Java Encoder
• OWASP HTML Sanitizer
• JSHtmlSanitizer
• Cross Site Request Forgery Defence
• CSRF Cryptographic Tokens
• Re-authentication
• Controlling Access
• Apache Shiro - comprehensive solution to
authentication, authorization, cryptography, and
session management.
• Clickjacking Defence
• response.addHeader( "X-FRAME-OPTIONS",
"SAMEORIGIN" );
• App Layer Intrusion Detection
• Input validation failure server side on non-user
editable parameters
• OWASP AppSensor Project
• Encryption in Transit (HTTPS/TLS)
• Credentials and Session IDs Encrypted in Transit
• Use HTTPS/TLS from login to logout
• Certificate Pinning
• File Upload Security
Jim Manico
https://oracleus.activeevents.com/2013/connect/fileDownload/session/0C826D948B4001909E22C76D363E0E86
/CON5523_Manico-Top%20Ten%20Defenses%20v11.ppt
The operations filter, map, and forEach are aggregate operations. Aggregate operations process elements from a stream, not directly from a collection. A stream is a sequence of elements. Unlike a collection, it is not a data structure that stores elements. Instead, a stream carries values from a source, such as collection, through a pipeline. A pipeline is a sequence of stream operations, which in this example is filter- map-forEach. In addition, aggregate operations typically accept lambda expressions as parameters, enabling you to customize how they behave.default void forEach(Consumer<? super T> action)
The operations filter, map, and forEach are aggregate operations. Aggregate operations process elements from a stream, not directly from a collection. A stream is a sequence of elements. Unlike a collection, it is not a data structure that stores elements. Instead, a stream carries values from a source, such as collection, through a pipeline. A pipeline is a sequence of stream operations, which in this example is filter- map-forEach. In addition, aggregate operations typically accept lambda expressions as parameters, enabling you to customize how they behave.default void forEach(Consumer<? super T> action)
The operations filter, map, and forEach are aggregate operations. Aggregate operations process elements from a stream, not directly from a collection. A stream is a sequence of elements. Unlike a collection, it is not a data structure that stores elements. Instead, a stream carries values from a source, such as collection, through a pipeline. A pipeline is a sequence of stream operations, which in this example is filter- map-forEach. In addition, aggregate operations typically accept lambda expressions as parameters, enabling you to customize how they behave.
Everything in blue has been updated in JEE7
Concurrency: ManagedExecutor DefaultManagedExecutor Specify in web.xmlConcurrency: ManagedScheduledExecutor Submit delayed or periodic tasks Access using JNDI. Can be defined in web.xml as wellConcurrency: ManagedThreadFactoryConcurrency: DynamicProxy
Can hook in encoders and decoders
Can hook in encoders and decoders
Can have Job/Step/Chunk
Jim Manicohttps://oracleus.activeevents.com/2013/connect/fileDownload/session/0C826D948B4001909E22C76D363E0E86/CON5523_Manico-Top%20Ten%20Defenses%20v11.ppt