Collect your badge and attendee bag
Software exists in an ever-changing environment that places new demands on the code we're writing and the code we've already written. In this talk we'll look at how Spring adapts to these demands and how it can help your code to adapt as well.
by Joe Grandja
This talk will provide an Architectural Overview of Spring Security with a focus on Authentication and Authorization. The main goal is to empower users with a deeper knowledge of how Spring Security works “under the covers”. This talk will also demo various Authentication and Authorization scenarios.
by Matt Raible
To simplify development and deployment, you want everything in the same artifact, so you put your Angular app “inside” your Spring Boot app, right? But what if you could create your Angular app as a standalone app and make cross-origin requests to your API? A client app that can point to any server makes it easy to test your current client code against other servers (e.g. test, staging, production). This workshop shows how to develop with Java 8, Spring Boot, Angular 4, and TypeScript. You’ll learn how to create REST endpoints with Spring MVC, Spring Data REST, configure Spring Boot to allow CORS, and create an Angular app to display its data. If time allows we’ll cover microservices, security/authentication, continuous integration, and deployment to Cloud Foundry.
Prerequisites: Java 8, Maven 3.5.0, Node.js 6.9.5, Chrome (higher versions ok)
Install Angular CLI: npm install -g @angular/cli
Optional: Yarn instead of npm
by Simon Baslé
Spring Framework 5.0’s major theme is Reactive Programming support, specifically, Reactive Streams. To fuel that revolution, the same OSS teams behind Spring and RxJava are working on an independent reactive engine: Project Reactor. In fact, it’s supporting a wide range of reactive new features from Spring MVC to Spring Data, Spring Cloud Streams, or even Kafka, Netty and Cloud Foundry orchestration (!).
This session introduces Reactor 3 with practical examples. It will show how to write and test reactive applications or APIs that are backpressure-ready and resilient by design, going from callback hell to reactive well.
There are currently over 20 main projects, most of them containing multiple subprojects. Do you know each one of them? Probably not.
In this session we have only 1 main goal, taking a bird’s-eye view on all of them. I know, this will get challenging, but afterwards you’ll hopefully discover those projects that you never thought existed. Let’s dive in!
jOOQ is one of several quite different technologies to access relational data from Java based applications.
jOOQ is short for "Java object oriented querying" and describes a query builder framework that takes a look at your database schema, independent wether you use an Open Source database like PostgreSQL or an commercial product like Oracle Database., and provides you with a domain specific language (DSL) for generating statements.
jOOQs goal is explicitly not to shield the user from SQL but providing a type safe way to use it.
Learn in this session who you can facilitate the "magic" of Spring Boot to provide jOOQ with needed resources and then use it to publish advanced analytic queries as HTTP apis.
Along the way you learn how automatic database migrations help you to do continuous delivery even with database centric applications.
by Juven Xu
As a giant and fast growing cross border b2c e-commerce business, AliExpress heavily relies on Microservices to keep its speed and stability.
In this talk I will introduce:
1. How we integrate Spring Boot to Alibaba infrastructure services.
2. How we use BOM to manage dependencies.
3. How we integrate Spring Cloud Config to Alibaba configuration service.
4. Patterns we found as we write dozens of Spring Boot starters.
by Alex Soto
One of the most important benefits of automated testing is to ensure a fast and safe code refactoring to evolve our system architecture. The main problem is how to write tests that are easy to write, easy to follow and not time consuming during development nor execution time.
In this session, we are going to explore some powerful Java testing libraries that will help you write better (unit) tests focusing on the main Unicorns architecture challenges such as validating microservices endpoints, remote calls to other microservices or just asynchronous/reactive code.
by Matt Raible
During this 2 hour workshop, the attendees will be given the chance to experience first hand what the real power of spring boot (the internal auto configuration mechanics) can do to speed up development efforts. We've all been in the client environments where a lot of the services are using the same architecture and guidelines, more often than not copying entire spring configurations from previous services without even blinking! The workshop will provide attendees with a case which will guide them through creating custom but reusable autoconfiguration. The next step will be to combine this with the potential of writing your own starters to exploit the developed autoconfiguration. These two elements combined will result in a complete overview of how to make the most of Spring boot's internal mechanics to optimize your client's development efforts!
* your favorite IDE
The last couple of years we have been adopting Microservices but mainly for our backend services. When thinking of the frontend we most of the time end up with a monolithic web application which utilizes our modulair backend.
In this talk we will explore how we could use microservices to our advantage and also split up our frontend so that we can leverage the full power of microservices in both the backend and frontend.
by Ryan Baxter
You have heard and seen great things about Spring cloud and you decide it is time to dive in and try it out yourself. You fire up your browser head to Google and land on the Spring Cloud homepage. Then it hits you, where do you begin? What do each of these projects do? Do you need to use all of them or can you be selective? The number of projects under the Spring Cloud umbrella has grown immensely over the past couple of years and if you are a newcomer to the Spring Cloud ecosystem it can be quite daunting to sift through the projects to find what you need. By the end of this talk you will leave with a solid understanding of the Spring Cloud projects, how to use them to build cloud native apps, and the confidence to get started!
We'll start with a review on recent advances in Deep Learning. Then we'll present DeepLearning4J (the first commercial-grade, open-source, distributed deep-learning library written for Java) and explore how it covers topics explained in the initial review. We'll then present a Spring Boot application with some functionality run by a Neural Network. Finally we'll explore the possibilities of implementing a Supervised Learning System using Spring Boot Actuator, which will lead to a trained monitoring system that can be interacted with actuator endpoints.
Although security and identity management is a crucial aspect for any application, its implementation can be difficult. Worse, it is often neglected, poorly implemented and intrusive in the code. But lately, Identity Management servers has appeared which allow to outsource and delegate all authentication and authorization aspects, such as https://auth0.com/. Of these servers, one of the most promising is Keycloak, open-source, flexible and agnostic of any technology, it is easily deployable / adaptable in its own infrastructure. In this session, I propose you to discover KeyCloak progressively and in an interactive way: 0 slide, 100% live coding.
We will naturally focus on the Spring Boot adapter that Keycloak provides but also see how you can combine Spring Security with Keycloak.
In Spring 5, we introduced a new, functional web framework, next to the existing annotation-driven programming model. In this talk, we will discuss this new framework: how it is used, what its goals are, how it compares to the annotation model, and other related topics.
JHipster (https://jhipster.github.io/) is a widely-used, Open Source application generator platform for creating Spring Boot + Angular projects in minutes!
JHipster can generate simple web app to complex microservice architectures in a breeze.
JHipster comes packed with tools, tips and ideas to make you generate, code and deploy your application faster than you thought it was possible.
Deepu KS(JHipster project co-lead) will take you through and show how to create full fledged Spring boot webapp with Angular 4, Bootstrap 4 and Webpack from scratch using JHipster 4.0 and deploy it to production under 30 minutes
In the era of Docker, big data and microservices it is really important to distribute your applications reasonable across your cluster and keep a good overview of all of your running applications. Because of this, cluster management software like Apache Mesos and DC/OS are very important and popular. In this session we will implement a java based service using spring boot and will start him locally and with docker-compose. Then we will deploy our service to DC/OS and see how easy it is to scale, upgrade, monitor and do other fancy stuff. And the best thing for the demo: We will have a nice UI and super cool CLI.
Scalability and resilience are important key goals, characteristics for modern applications.
To achieve this applications can use non-blocking, event-driven manner that scale with a small number of threads with backpressure as a key ingredient.
In Spring Framework 5 a new reactive stack is introduced to answer these needs.
In this workshop attendees will build a reactive web application using Spring Framework 5.0 and the upcoming Spring Boot 2.0
We will cover the following WebFlux features:
- annotation-based and functional programming models
- functional, reactive WebClient
- reactive WebSocket including client and server
- integration testing support
- supported runtimes
Also a performance measurement will be done in order to show the scalability and benefit of the newly introduced features.
When you’re building microservices, managing state becomes a distributed systems problem. Instead of being able to manage state as transactions inside the boundaries of a single monolithic application, a microservice must be able to manage consistency by using transactions that are distributed across a network of many different applications and databases.
Event-driven architectures are a key component of solving data consistency issues in microservices. This session explores the problems of data consistency in microservices and the various event-driven practices that include CQRS and Event Sourcing. We will look at how these popular practices are implemented using Spring Boot and Spring Cloud Stream.
Getting up and running with Spring Cloud is a breeze. But once the initial setup is done, it needs to be complemented with an ecosystem that can cope with the extra operational complexity and quality concerns. While running Spring Cloud in production for years, we have integrated some interesting tools for documentation, operations and testing.
During this talk you will see a demo of an integrated platform based on Spring Cloud, including tools like Spring Cloud Contract, wiremock, saboteur, ELK, Spinnaker, Spring Boot Admin and more. One of these tools is a dashboard for visualising Spring Cloud microservice architecture, which has recently been open sourced.
Documenting, testing, troubleshooting, and monitoring highly distributed systems in microservice architectures is hard. Finding quality, complementary tools in the wilds of open source can be even harder. Join this talk for a pragmatic look at taming some of the challenges of running microservices in production.
by Michael Plöd
One of the most precious parts of Domain Driven Design are the concepts of Strategic Design. These concepts include the Bounded Context, the Context Map and the patterns that are being documented in the Context Map.
This talk explains all of the topics mentioned above as well as practical usage scenarios such as migrating a monolithic landscape to Microservices. In order to get hands-on I will also demonstrate the concepts surrounding Strategic Design with an application landscape of various Spring Boot Applications.
by Steve Pember
Cloud Native Microservice architectures have become increasingly popular over the past few years, and for good reasons: smaller, efficient codebases, finely targeted scaling options, and the ability to do continuous deployment along with continuous integration, among others. All potentially very powerful features. However - as with most things - Microservices bring tradeoffs in terms of application complexity: working with an individual service is easy; overall application development becomes increasingly complex. Perhaps too complex for your average web application.
Many presentations on the Microservice phenomena offer either a high level view on what it is, compare and contrast it with the Monolith pattern, or discuss how to migrate from a Monolith to Microservices, but rarely does one hear what it’s like to actually work in such an environment. Frankly, it can be intimidating for someone accustomed to a traditional monolithic development experience. Individual services are somewhat trivial to develop, but now you suddenly have countless others to keep track of. You may become lost: with all these services, is anyone directing the overall development? You’ll become obsessed over how and when they communicate. You’ll have to start referring to the application on the whole as “the Platform”. It’ll soon become difficult or even impossible to run the whole Platform on a development laptop. You may even have to take on some DevOps work, and start learning about deployment pipelines, and whole new worlds of metrics and logging.
Don’t panic. In this presentation we’ll discuss what we learned working with a Microservice platform for the past three years. We’ll cover what to expect when joining a Microservice team and what the situation will look like as the team size grows. We’ll see how critical inter-service testing strategies are to the success of the team. We’ll examine what a development lifecycle might look like for adding a new service, developing a new feature, or fixing bugs. We’ll dive a bit into DevOps and see how one will become dependent and various metric and centralized logging tools, like Kubernetes and the ELK stack. Finally we’ll talk about communication, team organization strategies, and how they are likely the most important tool for surviving a Microservices development team.
Spring 5 is almost here! One of the most exciting introductions in this release is support for reactive programming, building on Pivotal's Project Reactor to support message-driven, elastic, resilient, and responsive services. Spring 5 integrates an MVC-like component model adapted to support reactive processing and a new type of web endpoint, functional reactive endpoints. In this talk, we'll look at the net-new Netty-based web runtime and how to integrate it with existing Spring-stack technologies.
by Risto Yrjänä
Reactive web apps are the here now with their fancy flows, promises of scalability and horrible debugging experiences. We’ll show them a business UI or two.
* Properties of reactive UI’s
* Simple reactive UI with server-side Java
* Simple reactive UI with Polymer web components
by Robert Kubis
Live coding and demos! In this presentation you'll learn what Spanner is all about, how to setup you first instance and database. We walk through design decisions when coming up with your first schema and queries that are enabled to scale to terabytes of data. Come prepared to see some code, queries and query explains
When the word “microservice” comes up, many thoughts go directly to REST endpoints powering websites. However, applying the 12 factor concepts to batch and integration style workloads can provide immense benefits. In this talk, we will walk through creating data microservices for both streaming applications (integration) via Spring Cloud Stream as well as short lived microservices via Spring Cloud Task. We’ll finish by looking at how Spring Cloud DataFlow can be used to orchestrate these microservices into useful applications. A general knowledge of Spring and Spring Boot will be useful for this talk.
One of the most important components in a microservice landscape is the discovery service. During the last few years a large number of alternatives for service discovery have evolved, specifically in the area of container infrastructures.
This presentation will, based on my experiences, go through some of the alternatives. The presentation will cover discovery service components in Netflix OSS, Docker Swarm, Amazon ECS and Google Kubernetes. We will also cover how to use Spring Cloud to write microservices that are independent of the selected discovery service, i.e. that can be used with any of the alternatives without requiring modifications of the code.
Software vulnerabilities come in two basic flavors: security bugs and design flaws.
Security bugs, such as the popular SQL Injection and Cross-site Scripting vulnerabilities, are errors in coding and because all of them follow the same specific patterns, they can be detected easily by automated tools, even reporting the file and line where the security bug has been found making it simple for software developers to resolve them.
However, half of the software related security issues can not be detected by tools.
They are design flaws embedded in software and only a person who is familiar with the scope of the web application can identify such vulnerabilities. Until now, they had to be detected manually through pentesting, often resulting in the wholesale redesign of the application architecture.
This represents a huge problem for any business or organization, not only due to the economic cost, but more importantly because of the impact on time to market of applications.
So, what can we do to solve this problem?
This talk presents a solution to protect applications against design flaws and verify them automatically with application security architecture and testing tools working together for the first time.
Following a practical approach this talk presents practical examples using Spring reference applications (PetClinic) based on Spring MVC and Spring REST and using well known pentesting tools such as Burp.
18th–19th May 2017