Last day of the conference and with some very specific sessions that I want to attend. The first one on What's New In Spring Security 2 with Ben Alex, the founder of the "It's not called Acegi anymore" framework for securing Spring based applications. Having first hand experience with the framework I wanted to see what's in the pipeline for version 2 (I think the final version is scheduled for March 2008). The first big noticeable enhancement is in the configuration side of things. While any Spring based XML based configuration file can be very verbose, it is particularly the case in version 1 of the framework where just about everything has to be set. In version 2 a lot of the security behaviour is set by default. Using a Spring XML schema DSL a typical Spring Security 2 configuration file is a lot more concise. Other noticeable changes that will be useful to us is the out of the box support for NTLM. I'll come back to Spring Security when I cover the Securing Portlet session later on.
The next session was on RESTful Web Services. Arjen Poutsma who is heading the Spring WS project covered the basics behind restful web applications. Unfortunately the echo in the room coupled with his accent made it very difficult to understand what he said from the back. But the presentation slides where clear enough to get a good overview of restful applications. It certainly confirmed to me why it is a good idea to decouple XSD form WSDL in web services projects so that it is easy to migrate a traditional SOAP web service into a restful one. Having said that the presentation didn't really cover REST web services from the point of view of the Spring WS project, more from a Spring MVC point of view (with annotations).
The first afternoon session was on Spring OSGi, with an overview of OSGi and then on the Spring Dynamic Modules project. You can easily detect when there is buzz behind new technology by just looking at the attendance numbers and the room was packed with some people having to standup, showing how interested in OSGi Spring developers are. There is certainly a lot of interesting technology there and it was demonstrated how a simple service object can be made an OSGi compliant service. The service was then injected in another Spring object. The proxy to the OSGi service can detect when the bundle is stopped/restarted and effectively waits until the backend service is ready to serve the call. It was an impressive demonstration when a simple web application could be patched without having to restart anything (not even the whole webapp itself so it is a lot more powerful than just a war hot deploy). All the Spring modules in Spring 2.5 are already OSGi compliant. My only concern is the level of adoption for OSGi in the container market place but I think that Spring itself will be the drive for its adoption.
The last session was on Securing Portlets with Spring Security by John Lewis. There where no more than 20 people attending and I wasn't sure whether it was because it was the last session slot and people where trying to catch their flight or whether it was a reflection of usage/interest in the community. But John was giving a very confident and clear presentation and I got the chance to ask some questions in the Q&A section. Our requirements, to separate the portal system from a backend service system, both potentially running on different boxes, was a familiar one to him. Yet it remains possibly the biggest challenge in implementing Security across the various tiers as credentials have to be passed around in an SSO type environment. We use Liferay and Jboss, both separate systems, and have had to configure Liferay authentication so that the SSO token can be passed through out as part of the SecurityContext lifecycle. Not very straightforward when it is not guaranteed that the SSO token can be infered from the Portlet session. So I got to talk to John and Ben on all that at the end of the session.
With the conference ending and no sign of a free iPhone to take back with me I still had plenty else, both in terms of freebies (a cool book from the No Fluff Just Stuff guys) and experience. I got to think about integration and clustering and I have got lots of cool ideas I'd like to prototype and implement when I'm back. But more than anything I got to meet some really cool people, that I will keep in touch with, and I got to realise how much penetration Spring now has in the enterprise and how it is just the beginning.
Will I come back to the Spring Experience? Hell yes, if I can!
Sunday, December 16, 2007
Saturday, December 15, 2007
The Spring Experience 2007: Day 2
While day 1 was more of an integration day for me, day 2 was more varied. There weren't any specific session that I felt I had to attend, which gave me more freedom to cherry pick different topics.
First I attended the AspectJ for Spring Developers session with Ramnivas Laddad giving a very good overview of AOP support, in particular AspectJ, for the Spring platform. Having played with proxy based Spring AOP and a little bit of the new AspectJ XML configuration syntax it was interesting to see what all the options for AOP are. What thing that is recurrent in the configuration side of Spring is how Spring projects support both annotation based configuration and XML configuration (with usually new DSL type schemas). Being stuck on 1.4 on the server in our current production environment, annotation based configuration isn't really an option for us. Beside some of it's limitations like class bound as opposed to instance bound isn't appealing to me. However in the case of AspectJ annotations it makes perfect sence. Aspects can be written as Java classes with @Aspect annotations without the need for AspectJ Java language syntax (and therefore no custom compilers). Ramnivas also covered the various load time weaving options available, eg via the use of a javaagent option in the vm or via XML configuration for the environment where the use of a vm option isn't an option.
The second session I attended was not really Spring specific. Called Practical Enterprise Concurrency, by Rob Harrop, it covered tips and trick to write safe/performant code in a multi threaded environment. This is were I learned something new about the Java language with regards to the volatile keyword. This keyword (like final) is applied to a variable where its state/value must be guaranteed to be the same across concurrent threads. Something to check in our custom cache and other multi-threaded "safe" code. Rob also covered the Java concurrency API which we have used (using the backport jar) and it got me thinking about Terracota and our clustering plans.
This links nicely to the first afternoon session where Nati Shalom, from Gigaspaces presented Scale Out Your Spring Applications in 3 simple steps. Nati explained the concept behind Gigaspaces (using Java spaces in some of their architecture I think) and how putting both the database data and the messaging side of an architecture all in memory through a cluster of spaces to create massively scalable applications. Gigaspaces also demonstrated failover by shutting down one of the nodes in the cluster. Something tells me though that for our clustering, Terracota fits our requirements better.
The last session, Spring LDAP Essentials, was unfortunately disappointing. Compare to the other "sexier" sessions, an overview of what is just another Spring template was a bit of a let down. Not something that could have been quickly picked up by reading the doc.
On a more social note, there was a beach party at 4.00pm and we were handed a set of beach goodies (and some will be thrown in the office when I come back...) and I had the chance to meet more people including Carlos, working for the BBC in London, and Ted, working for Icesoft (the Icefaces folks).
Back at dinner time and I yet have to win an iPhone at the raffle...
First I attended the AspectJ for Spring Developers session with Ramnivas Laddad giving a very good overview of AOP support, in particular AspectJ, for the Spring platform. Having played with proxy based Spring AOP and a little bit of the new AspectJ XML
The second session I attended was not really Spring specific. Called Practical Enterprise Concurrency, by Rob Harrop, it covered tips and trick to write safe/performant code in a multi threaded environment. This is were I learned something new about the Java language with regards to the volatile keyword. This keyword (like final) is applied to a variable where its state/value must be guaranteed to be the same across concurrent threads. Something to check in our custom cache and other multi-threaded "safe" code. Rob also covered the Java concurrency API which we have used (using the backport jar) and it got me thinking about Terracota and our clustering plans.
This links nicely to the first afternoon session where Nati Shalom, from Gigaspaces presented Scale Out Your Spring Applications in 3 simple steps. Nati explained the concept behind Gigaspaces (using Java spaces in some of their architecture I think) and how putting both the database data and the messaging side of an architecture all in memory through a cluster of spaces to create massively scalable applications. Gigaspaces also demonstrated failover by shutting down one of the nodes in the cluster. Something tells me though that for our clustering, Terracota fits our requirements better.
The last session, Spring LDAP Essentials, was unfortunately disappointing. Compare to the other "sexier" sessions, an overview of what is just another Spring template was a bit of a let down. Not something that could have been quickly picked up by reading the doc.
On a more social note, there was a beach party at 4.00pm and we were handed a set of beach goodies (and some will be thrown in the office when I come back...) and I had the chance to meet more people including Carlos, working for the BBC in London, and Ted, working for Icesoft (the Icefaces folks).
Back at dinner time and I yet have to win an iPhone at the raffle...
Thursday, December 13, 2007
The Spring Experience 2007: Day 1
The name of the Spring conference underlines the spirit of the event: it's all about the experience. The experience of listening to the very folks that are behind what is probably the biggest innovation in the Java space since, well, Java itself. The experience of meeting other like minded professionals who are passionate about technology and who have first hand experience with Java entreprise systems. Every person I've talked to so far is highly excited about the changes that Spring technology brings to their organisation and systems. A lot have "been there", that is, going through the pain of traditional J2EE development and the inevitable loss of faith in design by committee specifications.
The first two sessions I attended where on Enterprise Integration patterns and the speaker, Mark Fisher, gave an excellent overview of integration patterns in Spring. The big surprise, for me, was the announcement of the Spring Integration API during the second session. Mark went through the upcoming message oriented integration API that will be part of the Spring portfolio. With an expected final release in Q2 2008, and a milestone in January, it looks like SpringSource is aggressively moving into the ESB/SOA space. Given the penetration of Mule in that space (which is playing nicely with Spring) it will be interesting to see how the two positions themselves with respect to each other.
The Spring Integration API is directly relevant to the work we've been doing on our internal integration platform in the recent weeks. I've had a chance to catch up with Mark in the afternoon and explained what framework we put in place. The Spring Integration API aims to provide an out of the box messaging framework for SOA. It is not really following the JBI "standard" (another EJB-esque design by committee spec). It is more in line with the no nonsense integration framework that Mule is. Looking at the API during the session, I could see how easy it would be to migrate our framework (which is Spring based) to it. So we'll definitely be watching that space.
The first afternoon session I attended was on Data Access & I/O Strategies for Batch Processing which included in the end a small introduction to Spring Batch. Quite a good session and relevant to us considering batching is another area where we had to put in place our home brew architecture.
I was going to attend the next session on Spring Batch Introduction however Rod Johnson's session on the State of the Art in Dependency Injection proved too tempting. Listening to the man himself on the history of the DI side of the Spring framework and other competing frameworks was fascinating. The Java Configuration annotation based project was also covered and it showed a good alternative to the traditional XML configuration (I don't like the normal annotation-based configuration as it is class bound and not instance bound).
To sum up, a very satisfying first day with very relevant topics.
The first two sessions I attended where on Enterprise Integration patterns and the speaker, Mark Fisher, gave an excellent overview of integration patterns in Spring. The big surprise, for me, was the announcement of the Spring Integration API during the second session. Mark went through the upcoming message oriented integration API that will be part of the Spring portfolio. With an expected final release in Q2 2008, and a milestone in January, it looks like SpringSource is aggressively moving into the ESB/SOA space. Given the penetration of Mule in that space (which is playing nicely with Spring) it will be interesting to see how the two positions themselves with respect to each other.
The Spring Integration API is directly relevant to the work we've been doing on our internal integration platform in the recent weeks. I've had a chance to catch up with Mark in the afternoon and explained what framework we put in place. The Spring Integration API aims to provide an out of the box messaging framework for SOA. It is not really following the JBI "standard" (another EJB-esque design by committee spec). It is more in line with the no nonsense integration framework that Mule is. Looking at the API during the session, I could see how easy it would be to migrate our framework (which is Spring based) to it. So we'll definitely be watching that space.
The first afternoon session I attended was on Data Access & I/O Strategies for Batch Processing which included in the end a small introduction to Spring Batch. Quite a good session and relevant to us considering batching is another area where we had to put in place our home brew architecture.
I was going to attend the next session on Spring Batch Introduction however Rod Johnson's session on the State of the Art in Dependency Injection proved too tempting. Listening to the man himself on the history of the DI side of the Spring framework and other competing frameworks was fascinating. The Java Configuration annotation based project was also covered and it showed a good alternative to the traditional XML configuration (I don't like the normal annotation-based configuration as it is class bound and not instance bound).
To sum up, a very satisfying first day with very relevant topics.
Subscribe to:
Posts (Atom)