Last night, I had the pleasure of delivering two talks at the Denver Java User Group. The first talk, The Modern Java Web Developer, was inspired by the book titled The Well-Grounded Java Developer. Ben Evans and Martijn Verburg mention in the beginning of the book that they wrote it as a training guide to get new Java developers up to speed. For my talk, I wanted to do something similar, but for Java Web Developers.
I mentioned that the first thing you have to do to become modern is to change your title from a Java Web Developer to a JVM Web Developer. After doing that, you have a whole slew of new and wonderful technologies at your disposal. From there, I believe the Modern JVM Web Developer:
- Starts with Fast Hardware
- Uses IntelliJ IDEA
- Leverages jQuery, HTML5, and CSS3
- Creates High Performance Web Sites
- For Mobile Devices
- In the Cloud
- And cares about Security
The second talk was on Java Web Application Security and was largely an updated version of the talk I gave a couple years ago, starting with an appearance at the Utah JUG. It was mostly a live demo session using my Ajax Login application. To prepare the project for this talk, I created branches for each step. This means you can checkout the "baseline" branch and use Git to compare it with the "javaee" branch. You can also compare the "spring-security" branch vs. the "apache-shiro" branch. Finally, you could see what I needed to do to fix many of the vulnerabilities found by Zed Attack Proxy.
Thanks to the DJUG and Thrive folks for providing good beer (especially the Guinness!) and FullContact for hosting. Also, I'd like to thank Manning for the copies of The Well-Grounded Java Developer they sent and No Starch Press for copies of Michal Zalewsky's The Tangled Web: A Guide to Securing Modern Web Applications. Last, but certainly not least, thanks to all the good people who attended and listened to me ramble on about all this cool technology.