Nebraska.Code() Sessions tagged java

JUnit 5 the Next Step in Automated Testing for Java

JUnit 5 has been out for a year, so what is the big fuss and why should I take the time to update my existing automated tests to use JUnit 5? In this presentation we will look at many of the new features that have been added in JUnit 5 and not only how they make automated testing easier, but allow developers to write tests in ways that were difficult or impossible to do before. If you have been wondering why you should make the switch from JUnit 4 to JUnit 5 you will definitely want to check out this presentation.

Speaker

Billy Korando

Billy Korando

Developer Advocate, IBM

Extending Spring Boot for Enterprise

Spring Boot has been an incredibly successful at reducing the time and complexity of spinning up new projects. However enterprise demands often cause Spring Boot projects to become bloated, out of date, and have inconsistent implementations, leading to them being difficult to maintain both for the teams responsible for a project and from an enterprise level of ensuring projects properly implement features like security, logging, database connectivity, and other common concerns.

In this presentation we will look at some of the underlying philosophies of Spring Boot and see at how to apply them to the enterprise. Specific topics include creating customs starter libraries, BOMs, and easing project initialization steps all with the goal of reducing developer toil and frustration while ensuring consistent behavior across large enterprises but not blocking experimentation. If your organization has been struggling with bloated poms, projects full of dead code, and long pipelines from project conception to deployment to production this is a presentation you will definitely want to check out.

Speaker

Billy Korando

Billy Korando

Developer Advocate, IBM

Securing Java Microservices with Java JWT

Abstract

Micah will take you on a token based journey. The talk covers what tokens are, looking at cryptographically signed tokens, using the JJWT library to create JWTs, mitigating CSRF attacks using JWTs and establishing trust between microservices using JWTs. Some slides and lots of code.

Description

"Microservices are awesome, but they're not free" - Les Hazlewood, CTO Stormpath

This is a popular talk that I gave during my motorcycle road trip up and down the east coast. While I work for Stormpath, there are no Stormpath dependencies in the code. It's an example that uses Spring Boot with Spring Security and the open-source JJWT.

In the first part of the talk, I introduce JWTs and their utility by replacing the default CSRF functionality in Spring Security with a custom one that uses JWT. It demonstrates how, in addition to doing a "dumb" equals match for the submitted token and the one on record, a JWT can be inspected for expiration. This makes it so that you can have a form, protected by CSRF, that must be submitted within a certain period of time.

In the second part of the talk, I have a Spring Boot microservices example. I run two instances of the example and demonstrate how they initially do not trust signed JWT messages between each other. I then discuss how to establish trust between these microservices (by registering the public keys of each with each other) and then show how they now will trust messages. Finally, I talk about and demonstrate a more modern approach to microservices using Kafka messaging as the backbone rather than HTTP.

Here's a blog post I wrote on the subject as well.

Speaker

Micah Silverman

Micah Silverman

Senior Developer Advocate, Okta

Reactive for the Impatient (A Gentle Intro to Reactive Programming and Systems)

As Java is an object-oriented language that inherently supports the imperative programming style, asynchronicity presents a challenge that can turn the code into nightmare. One way to deal with the complexity of asynchronicity is to introduce reactivity onto the coding level (reactive programming), and/or to handle it on the design and architecture level (reactive systems design).

This talk presents to the audience a few of the major Java-based reactive frameworks and toolkits in the market today, such as RxJava, Spring Reactor, Akka, and Vert,x. It will start by going over the basic tenets of reactive systems, and some examples of the problems that these systems aim to solve. It will discuss the 2 most commonly used Java frameworks for implementing reactive coding - RxJava and Spring Reactor, and will show some code samples. It will then bring the audience to the next level of "reactivity' by introducing 2 reactive frameworks - Akka and Vert,x, which are usually used for implementing reactive microservices. It will draw some comparisons between these 2 frameworks and cite some real-life examples of their usages.

The takeaways for the audience will be an understanding of the key differences between reactive programming versus reactive systems, and the strength and weaknesses of each of the surveyed frameworks.

Speaker

Mary Grygleski

Mary Grygleski

Developer Advocate, IBM