Saturday 29th March, 2014
3:00pm to 3:45pm
Groovy as a flexible, lightweight dynamic language is a natural companion in a Cloud environment. It is the ideal scripting engine to customize your web application in a multitenancy PaaS environment (like Jenkins, Oracle ADFm among well known use cases). Besides, you can customize your API close to your domain expert, writing your DSL in no time. But with great power comes great responsibilities… How can you make sure scripts written by end users won’t damage your application server in production? How can you validate them and catch errors as soon as possible? How can you secure the runtime execution of your scripts?
Groovy provides several tools to help, such as the ThreadInterrupt AST transformation or the SecureASTCustomizer. This session will show what you can achieve with those tools, but also their limitations, which led to a contribution we made to the community: securing scripts at runtime.
J2EE Architect looking at groovy/grails. Organiser of the french Riviera GUG bio from Twitter
Software Engineer @Gradle, Inc. Conference speaker. Introvert (http://www.carlkingdom.com/10-myths-about-introverts). Wrote the static compiler for #groovylang.
Sign in to add slides, notes or videos to this session