Belfast JUG 23-10-2013

Belfast Java User Group
Stuart Greenlees
Eamonn Long
Niall McLoughlin

Wednesday 23/10/2013

Agenda
Introduction to the Belfast JUG
• What is a JUG?
• Some Logistics
• How can you get involved?

JavaOne Key Notes
20+ New Features of JEE7
Extras

What is a JUG?


Java User Groups (JUGs) are volunteer organizations that strive to distribute Java-rela

Relation to Tech Forums?
Relation to LIT?

Meet Quarterly

October
2013

August
2014

February
2014

May
2014

Where can I find the Belfast JUG?
JUG Page on Java.Net: https://java.net/projects/belfast-jug

The Belfast JUG is on the MAP!

What are the Goals of the JUG?
Key
• Establish Regular meetings of Java Users in Belfast
• Share Information about Java
• Get people involved
Optional
• Adopt a JSR - https://java.net/projects/adoptajsr/pages/Home
• Adopt Open JDK - https://java.net/projects/adoptopenjdk/pages/AdoptOpenJDK

How can you get involved?
We Need Help!
• Create a Belfast JUG logo
• Create a simple website/wikki out on Java.Net

Contribute content
•
•
•
•
•
•

Join the Java.Net project
Post topic suggestions you would like to here about
Post recommendations of any good speakers you would like to hear from
Contributing to OpenSource we would love to hear from you
E.g. Night-hacking with Raspberry Pi
Post Content on the java.net wiki/mailing list

How Do I sign Up?

JUG Leadership Team
Stuart Greenlees – s.greenlees@liberty-it.co.uk
Eamonn Long (a.k.a BlueArsedFly) – e.long@liberty-it.co.uk
Niall McLoughlin – n.mclouoghlin@liberty-it.co.uk

JavaOne 2013 Keynote Speech
Internet of Things

Java 8

JEE7

Java 8 – What is a Lambda?
Lambda expressions are anonymous methods
Arguments
person

Arrow Expression or {Statement}
->
person.getAge() > minimumAge

Example usage with new Iterable.forEach default method:
employees.forEach(e -> e.setSalary(e.getSalary() * 1.03));
The general syntax consists of an argument list, the arrow token ->, and a
body. The body can either be a single expression, or a statement block. In the
expression form, the body is simply evaluated and returned. In the block form,
the body is evaluated like a method body.
Benefits
Internal Iteration
Pass Behaviour not just Data
Fluent Pipelined Operations
Lazy Evaluation
Parallelization

Java 8 –Streams
A stream is a sequence of elements. Unlike a collection, it is not a
data structure that stores elements. Instead, a stream carries
values from a source, such as collection, through a pipeline.
int sum = widgets.stream()
.filter(w -> w.getColor() == RED)
.mapToInt(w -> w.getWeight())
.sum();

// Filter
// Map
// Collect

The operations filter, map, and forEach are aggregate operations.
Aggregate operations process elements from a stream, not directly
from a collection.

A pipeline is a sequence of stream operations, which in this
example is filter-map-sum. In addition, aggregate operations
typically accept lambda expressions as parameters, enabling you to
customize how they behave.

Java 8 – Lambda Stream Methods
public interface Stream<T> extends BaseStream<T, Stream<T>> {
/**
* Returns a stream consisting of the elements of this stream that match
* the given predicate.
*
* @param predicate a <a href="package-summary.html#NonInterference">
*
non-interfering, stateless</a> predicate to apply to
*
each element to determine if it should be included
* @return the new stream
*/
Stream<T> filter(Predicate<? super T> predicate);
/**
* Returns a stream consisting of the results of applying the given
* function to the elements of this stream.
*
* @param <R> The element type of the new stream
* @param mapper a <a href="package-summary.html#NonInterference">
*
non-interfering, stateless</a> function to apply to each
*
element
* @return the new stream
*/
<R> Stream<R> map(Function<? super T, ? extends R> mapper);
}

Lambda – Filtering / Mapping
Filtering
List<Person> eligibleVoters =
potentialVoters.
stream().
// Get the List of voters as a Stream
filter(p -> p.getAge() > legalAgeOfVoting). // Filter using Predicate
collect(Collectors.toList()); // Convert Stream Back to List
Mapping
return mixedCaseStrings.
stream().
// Get Stream from List
map(s -> s.toUpperCase()). // Convert Value
collect(Collectors.toList());
// Convert Back to List

Lambda – Method References
// Reference to a Static method
Arrays.asList("a", "b", "c").forEach(Printers::print)

// Reference to an method on an instance
public static void printPages(Document doc, int[] pageNumbers)
{
Arrays.stream(pageNumbers).
map(doc::getPageContent).
forEach(Printers::print);
}

Java 8 – Lambda
http://openjdk.java.net/projects/lambda/
Streams – Brian Goetz/Paul Sandoz
CON7942_Sandoz-javaone-streamstopgear.pdf
Stuart Marks
TUT3877_Marks-JumpStartingLambda-v6.pdf
Brian Goetz – State of the Lambda
http://cr.openjdk.java.net/~briangoetz/lambda/lambda-state-final.html
Java Tutorial
http://docs.oracle.com/javase/tutorial/java/javaOO/lambdaexpressions.html
JUnit Based Tutorial
https://github.com/AdoptOpenJDK/lambda-tutorial

Adam Bien – Java Rockstar
http://www.adam-bien.com/roller/abien/

Lightweight Java EE Architectures (Free Devcast)
http://www.adam-bien.com/roller/abien/entry/lightweight_java_ee_architectures_a

Rethinking JEE Design Patterns
EJB’s are cool
No need for DAO’s with EntityManager
No need for DTO’s with JPA Entity
No need to have an interface for every class

Setting up JEE7 projects with Maven3
http://www.adam-bien.com/roller/abien/entry/setting_up_java_ee_7
Starting WebSphere with Java EE 6...in 3 seconds
http://www.adam-bien.com/roller/abien/entry/starting_websphere_with_java_ee

Building Modular Cloud Apps
- Luminis Technologies http://luminis-technologies.com

Bean Validation: Method Validation

Concurrency: ManagedExecutor

JPA: Schema Generation

JPA: @Index

JPA: Stored Procedure

JTA: @Transactional

JTA: @TransactionScoped

JMS: JMSContext API

JMS: Autocloseable


Servlet: Improved Security

WebSocket: Annotated server endpoint


WebSocket: Annotated client endpoint

JSF: Faces Flow

JSF: Pass-through Attributes

JSF: File Upload Component

JAX-RS: Client API

JAX-RS: Async Client

JAX-RS: Async Server

JSON-P: JSON Builder

Batch: Chunk-style Processing

Batch: Chunk-style processing

Batch: Batchlet-style Processing

Batch: Job/Step/Chunk Listeners

Batch: Creating Workflows

Ten Tips for Unit Tests
•

•

Make the tests understandable
• Comments
• Expected Behaviour
• Diagnostics

•

Absolute Repeatability
• Must trust each test

•

Independent Tests only
• Must run in any order
• No dependencies

•

Diagnostics on Failure
• Message in assets
• Reference input data
• Record test environment info
• Make it simple to debug

•

•

Think Before Testing
• Input Data
• What is it called
• Expected Output

No hard coding environment
• Chained exceptions
• Use config files for portability
• Mock objects
• No databases

•

No Extraneous Output
• Too much output == confusion
• Slient test
• Use option/config to turn debug on

Small and Simple
• Use setup and teardown
• Separate test logic from setup to make it easier to debug

•

Test 1 thing only
• One scenario per test so its more obvious why it failed
• Enables faster debugging

•

Fast Tests only
• Run as often as possible
• Quick results
• Maintain quaility bar
• More likely that devs will run with every change

Stress Testing – Arquillian & JMeter
http://arquillian.org/

Arquillian brings the test to the runtime so you don’t have to
manage the runtime from the test (or the build). Arquillian eliminates
this burden by covering all aspects of test execution, which entails:
• Managing the lifecycle of the container (or containers)
• Bundling the test case, dependent classes and resources into a

ShrinkWrap archive (or archives) Executing the tests inside (or against)
the container

http://jmeter.apache.org/
Apache JMeter - may be used to test performance both on static and
dynamic resources (Files, Web dynamic languages - PHP, Java, ASP.NET,
etc. -, Java Objects, Data Bases and Queries, FTP Servers and more).
It can be used to simulate a heavy load on a server, group of servers,
network or object to test its strength or to analyze overall performance
under different load types. You can use it to make a graphical analysis of
performance or to test your server/script/object behavior under heavy
concurrent load.

Security – OWASP Top 10 Web App Defenses
• SQL Injection Defence
• Query Parameterization
• Password Defences
• Don’t limit length
• credential-specific salt
• Keyed functions
• Multi-Factor Authentication
• SMS / Mobile App / Tokens
• Cross Site Scripting Defence
• OWASP Java Encoder
• OWASP HTML Sanitizer
• JSHtmlSanitizer
• Cross Site Request Forgery Defence
• CSRF Cryptographic Tokens
• Re-authentication

• Controlling Access
• Apache Shiro - comprehensive solution to
authentication, authorization, cryptography, and
session management.
• Clickjacking Defence
• response.addHeader( "X-FRAME-OPTIONS",
"SAMEORIGIN" );
• App Layer Intrusion Detection
• Input validation failure server side on non-user
editable parameters
• OWASP AppSensor Project
• Encryption in Transit (HTTPS/TLS)
• Credentials and Session IDs Encrypted in Transit
• Use HTTPS/TLS from login to logout
• Certificate Pinning
• File Upload Security

Jim Manico
https://oracleus.activeevents.com/2013/connect/fileDownload/session/0C826D948B4001909E22C76D363E0E86
/CON5523_Manico-Top%20Ten%20Defenses%20v11.ppt

Security – OWASP Recommended Tools
OWASP Java Encoder Project
https://www.owasp.org/index.php/OWASP_Java_Encoder_Project

XSS Defence - OWASP HTML Sanitizer Project
https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project

Apache SHIRO
http://shiro.apache.org/

App Sensor Intrusion Detection
https://www.owasp.org/index.php/OWASP_AppSensor_Project

Belfast JUG 23-10-2013

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (19)

Similar a Belfast JUG 23-10-2013

Similar a Belfast JUG 23-10-2013 (20)

Último

Último (20)

Belfast JUG 23-10-2013

Notas del editor