Sessions at Central Iowa Software Symposium on Saturday 4th August

Most of the time when people talk about agile software development, they talk about project and planning practices and never mention actual development practices. This talk delves into best development practices for agile projects, covering all of its aspects.

Most of the time when people talk about agile software development, they talk about project and planning practices but never mention actual development, as if development where an afterthought when writing software. This talk bills into the real details of how to do agile development. I discuss best practices like continuous integration, pair programming, how developers should interact with story cards, how to handle enterprise concerns like integration with other software packages, and a slew of other topics related to agile software development.

Prerequisite: Having worked in an organization that values bureaucracy more than individuals

After 9 years and several significant releases, Spring has gone a long way from challenging the then-current Java standards to becoming the de facto enterprise standard itself. Although the Spring programming model continues to evolve, it still maintains backward compatibility with many of its earlier features and paradigms. Consequently, there's often more than one way to do anything in Spring. How do you know which way is the right way?

In this session, we'll explore several ways that Spring has changed over the years and look at the best approaches when working with the latest versions of Spring.

Groovy has been around for some time and is generally recognized as a highly productive object-oriented language with a tight association with Java. Groovy seems to be going through a second wave of popularity with a more diverse repertoire of benefits, including building, deploying and testing, in addition to rapid web development. The fastest growth of productivity tools are all powered by Groovy. Discover the Groovy Truth!

This session will start with a short introduction to Groovy and will walk through a number of groovy tools that can increase the speed of delivery of any Java software development shop. We will review the following Groovy Power Tools: - Spock - the best unit testing and mocking tool available to a Java developer leveraging the value of a testing DSL - Gradle - the fasting growing build tool for compiling and building Java-eco system projects. - Geb - A groovy DSL on top of Selenium for driving web testing - Glu - The groovy way to deploy and manage Java deployments in production - Grails - The groovy way to develop a web application against a relational database

The Web is changing faster than you can imagine and it is going to continue to do so. Webs of Documents are giving way to machine-processable Webs of Information. We no longer care about data containers, we only care about data and how it connects to what we already know.

Perhaps the concepts of the Semantic Web initiative are new to you. Or perhaps you have been hearing for years how great technologies like RDF, SPARQL, SKOS and OWL are and have yet to see anything real come out of it.

Whether you are jazzed or jaded, this workshop will provide you with the understanding of a technological tidal wave that is heading in your direction.

In this workshop, we will:

Explain the Web and Web architecture at a deeper level Apply Web and Semantic Web technologies in the Enterprise and make them work together Integrate structured and unstructured information Create good, long-lived logical names (URIs) for information and services Use the Resource Description Framework (RDF) to integrate documents, services and databases Use popular RDF vocabularies such as Dublin Core, FOAF, DOAP Query RDF and non-RDF datastores with the SPARQL query language Model and Do Inference with the Web Ontology Language (OWL)

Bring your laptops. This is a hands-on workshop.

Functional Programming has been around for a while, but it is gaining popularity, especially due to direct support in languages on the JVM. Writing code in functional style is not about syntax, it is a paradigm shift. In this presentation, using examples from Java, Groovy, and Scala, you will learn how to write code in functional style. We will start out discussing the elements of functional programming and then look at examples of some common operations and how you can implement those in functional style.

For a long while, we've built applications pretty much the same way. Regardless of the frameworks (or even languages and platforms) employed, we've packaged up our web application, deployed it to a server somewhere, and asked our users to point their web browser at it.

But now we're seeing a shift in not only how applications are deployed, but also in how they're consumed. The cost and hassle of setting up dedicated servers is driving more applications into the cloud. Meanwhile, our users are on-the-go more than ever, consuming applications from their mobile devices more often than a traditional desktop browser. And even the desktop user is expecting a more interactive experience than is offered by simple page-based HTML sites.

With this shift comes new programming models and frameworks. It also involves a shift in how we think about our application design. Standing up a simple HTML-based application is no longer good enough.

In this session, we'll discuss what the next generation of applications looks like, exploring such things as the mobile web and cloud computing. We'll also dig into some of the technologies and practices such as REST, OAuth, and JavaScript microframeworks that enable us to move forward.

Have you looked into Scala? Scala is a new object-functional JVM language. It is statically typed and type inferred. It is multi-paradigm and supports both object oriented and functional programming. And it happens to be my favorite programming language.

If you are interested in Scala, how you are planning to learn Scala? You probably are going to pick up a book or two and follow through some examples. And hopefully some point down the line you will learn the language, its syntax and if you get excited enough maybe build large applications using it. But what if I tell you that there is a better path to enlightenment in order to learn Scala?

Scala Koans, a set of test cases that will teach you Scala language. The Scala koans will help the audience learn the language, syntax and the structure of the language through test cases. It will also teach the functional programming and object oriented features of the language. Since learning is guided by failing tests it allows developers to think and play with the language while they are learning.

We know agile methods are proven on small teams, but really...almost any process works with a team of one. As the team scales, however, the challenges mount. In this session, we focus on proven practices that help large software development teams in excess of 100 developers maintain agility. We also explore how to scale agile across the enterprise.

Come learn about ways to increase transparency on large projects, structure the development team, garner the important feedback you need from customers, and avoid the lack of rhythm so common on large teams. We’ll explore how large teams can conduct effective code reviews, maintain a consistent architectural vision, take advantage of automation, and build a development process that is sustainable on large teams. In lieu of focusing on specific agile methods in this session, we turn our attention to practices that the development team can leverage today to get started on the road to increased agility.

The Web is changing faster than you can imagine and it is going to continue to do so. Webs of Documents are giving way to machine-processable Webs of Information. We no longer care about data containers, we only care about data and how it connects to what we already know.

Perhaps the concepts of the Semantic Web initiative are new to you. Or perhaps you have been hearing for years how great technologies like RDF, SPARQL, SKOS and OWL are and have yet to see anything real come out of it.

Whether you are jazzed or jaded, this workshop will provide you with the understanding of a technological tidal wave that is heading in your direction.

In this workshop, we will:

Explain the Web and Web architecture at a deeper level Apply Web and Semantic Web technologies in the Enterprise and make them work together Integrate structured and unstructured information Create good, long-lived logical names (URIs) for information and services Use the Resource Description Framework (RDF) to integrate documents, services and databases Use popular RDF vocabularies such as Dublin Core, FOAF, DOAP Query RDF and non-RDF datastores with the SPARQL query language Model and Do Inference with the Web Ontology Language (OWL)

Bring your laptops. This is a hands-on workshop.

Spock is a groovy based testing framework that leverages all the "best practices" of the last several years taking advantage of many of the development experience of the industry. So combine Junit, BDD, RSpec, Groovy and Vulcans... and you get Spock!

This is a significant advancement in the world of testing.

This session assumes some understanding of testing and junit and builds on it. We will introduce and dig deep into Spock as a test specification and mocking tool.

Prerequisite: junit

I call the JDK concurrency API as the synchronize and suffer model. Fortunately, you don't have to endure that today. You have some nice options, brought to prominence on the JVM by Scala and Clojure.

In this workshop, learn how to program with Actors and STM using Akka, a powerful and popular library created using Scala but usable from any language on the JVM. You have a choice to pick the language you like in this workshop, and learn how to use these powerful concurrency models.

This session starts with a high-level look at all that the Spring Data project has to offer. Then we'll dive deeper into a few select Spring Data modules, including Spring Data Neo4j, Spring Data MongoDB, Spring Data Redis, Spring Data JPA, and Spring Data JDBC Extensions

In recent years, there has been a renewed interest in how data is stored. Although RDBMS has long been treated as a one-size-fits-all solution for data storage, a new breed of datastores has arrived to offer a best-fit solution. Key-value stores, column stores, document stores, graph databases, as well as the traditional relational database are options to consider.

With these new data storage options come new and different ways of interacting with data. Even though all of these data storage options offer Java APIs, they are widely different from each other and the learning curve can be quite steep. Even if you understand the concepts and benefits of each database type, there's still the huge barrier of understanding how to work with each database's individual API.

Spring Data is a project that makes it easier to build Spring-powered applications that use new data, offering a reasonably consistent programming model regardless of which type of database you choose. In addition to supporting the new "NoSQL" databases such as document and graph databases, Spring Data also greatly simplifies working with RDBMS-oriented datastores using JPA.

Successful projects require any number of practices but if you don't know who you're building it for or what you're supposed to build, failure is a distinct possibility. How do we capture the who and what? Personas and story maps are two effective techniques that you can leverage. After discussing the basics, we'll break into small groups and you'll have a chance to actually try building a set of personas as well as a story map.

Personas are a time tested technique to help teams understand their users and facilitate building the right interface. While personas are often backed by extensive ethnographic research, they don't require months and months of effort.

Of course just knowing who we're building for is only part of the picture, we have to know what our users are trying to do. Wether you favor use cases, user stories or more traditional requirements documents, at the end of the day our customers are using our application to further some other goal.

We are far from the early days of ugly HTML. We have sophisticated visualization tools available to us now to help our users consume complex data in attractive and informative ways.

Come hear how you can adopt these visualization systems (calling them libraries is inappropriate) today.

This talk will introduce:

• D3.js
• RGraph
• SVG in the Browser
• Highcharts
• Raphael
• Reusable widgets from the Simile Project

As a web application developer, most of the focus is on the user stories and producing business value for your company or clients. Increasingly however the world wide web is more like the wild wild web which is an increasingly hostile environment for web applications. It is absolutely necessary for web application teams to have security knowledge, a security model and to leverage proper security tools.

This 1/2 day training workshop on security will provide an overview of the security landscape starting with the OWASP top ten security concerns with current real world examples of each of these attack vectors. The first session will consist of a demonstration and labs using hacker tools to get an understanding of how a hacker thinks. It will include a walk through of the ESAPI toolkit as an example of how to solve a number of these security concerns including hands-on labs using the OWASP example swingset.

The workshop will include several hands on labs from the webgoat project in order to better understand the threats that are ever so common today.

Attendees will come away with the following skills / capabilities: - threat modeling - security audit plan - introduction to Pen testing - key / certificate management - fixing web application security issues

Don't be the weakest link on the web!

Gradle. Another build tool? Come on! But before you say that, take a look at the one you are already using.

Whether your current tool is Make, Rake, Ant, or Maven, Gradle has a lot to offer. It leverages a strong object model like Maven, but a mutable, not predetermined one. Gradle relies on a directed acyclic graph (DAG) lifecycle like Maven, but one that can be customized. Gradle offers imperative build scripting when you need it (like Ant), but declarative build approaches by default (like Maven). In short, Gradle believes that conventions are great -- as long as they are headed in the same direction you need to go. When you need to customize something in your build, your build tool should facilitate that with a smile, not a slap in the face. And customizations should be in a low-ceremony language like Groovy. Is all this too much to ask?

Gradle has received the attention of major open source efforts and has chalked up significant conversions by the Spring Integration, Hibernate, and Grails projects. What do these technology leaders see in this bold new build tool? They see not only a better way to build Java applications, but an extensive ecosystem of connecting to existing Ant and Maven build files while expanding the horizon of test, CI, and deployment automation in an easy manner. Join us for 90 minutes and let us take you on this same walk of discovery of the most innovative build tool you've ever seen'.

In this session, we'll start with the basics of Spring MVC development, focusing on how to leverage the new annotation-driven model. With that foundation set, we'll continue by exploring the new features in Spring 3.0 and 3.1 to build RESTful web applications that can serve both human-facing content as well as resources that are consumed by machine clients.

From the very beginning, Spring has included Spring MVC, a web framework built around the Spring Framework. Originally based on a rich hierarchy of controller classes, Spring MVC served developers well, but began to look a little long in the tooth compared to other web frameworks.

Starting with Spring 2.5, Spring MVC took a major evolutionary step, breaking away from the rigid controller class hierarchy model to embrace a more flexible annotation-driven model. Often referred to as Spring @MVC, this new model has continued to improve with Spring 3.0 and Spring 3.1.

Technology changes, it's a fact of life. And while many developers are attracted to the challenge of change, many organizations do a particularly poor job of adapting. We've all worked on projects with, ahem, less than new technologies even though newer approaches would better serve the business. But how do we convince those holding the purse strings to pony up the cash when things are "working" today? At a personal, how do we keep up with the change in our industry?

This talk will explore ways to stay sharp as a software professional. We'll talk about how a technology radar can help you stay marketable (and enjoying your career) and how we can use the same technique to help our companies keep abreast of important changes in the technology landscape. Of course it isn't enough to just be aware, we have to drive change - but how? This talk will consider ways we can influence others and lead change in our organizations.

Mutability is something we're quite used to in Java. Sharing is a good thing. However, shared mutability is pure devil's work. If we remove shared mutability, all the problems of concurrent go away. In practice, however, it's hard to completely get rid of shared mutability. This is where STM comes in with managed shared mutable variables. In this presentation we will take an example driven approach to dive deep into STM, look at what it has to offer, explore different implementations, and how we can design concurrent applications without any explicit locks.

As a web application developer, most of the focus is on the user stories and producing business value for your company or clients. Increasingly however the world wide web is more like the wild wild web which is an increasingly hostile environment for web applications. It is absolutely necessary for web application teams to have security knowledge, a security model and to leverage proper security tools.

This 1/2 day training workshop on security will provide an overview of the security landscape starting with the OWASP top ten security concerns with current real world examples of each of these attack vectors. The first session will consist of a demonstration and labs using hacker tools to get an understanding of how a hacker thinks. It will include a walk through of the ESAPI toolkit as an example of how to solve a number of these security concerns including hands-on labs using the OWASP example swingset.

The workshop will include several hands on labs from the webgoat project in order to better understand the threats that are ever so common today.

Attendees will come away with the following skills / capabilities: - threat modeling - security audit plan - introduction to Pen testing - key / certificate management - fixing web application security issues

Don't be the weakest link on the web!