What the Heck Are OAuth and OIDC?

Session abstract

OAuth is not an API or a service: it is an open standard for authorization, any developer can implement it, and applications can use it to provide client applications with “secure delegated access.” OAuth works over HTTPS and authorizes devices, APIs, servers, and applications with access tokens rather than credentials. OpenID Connect (OIDC), built on top of the OAuth 2.0 protocol, enables clients to verify the identity of the user and obtain their basic profile information. This session covers how OAuth and OIDC work, when to use them, and frameworks/services that simplify authentication.

CodeOne2018

more >>

Benefiting from Java 9 Improvements

Session abstract

Mention Java 9, and everyone immediately thinks of modularization. Although that’s quite important, Java 9 contains many other improvements to the language and the JDK. This presentation dives into the language-level improvements and also the changes related to the Streams API and the functional style of programming. The objective of this session is to help developers make better use of Java 9 from the language, JDK, and functional programming point of view.

CodeOne2018

more >>

Enough java.lang.String to Hang Ourselves...

Session abstract

Is it better to write “” + 42 or Integer.toString(42)? How much memory can you save if you intern() all your strings? How can String Deduplication reduce your memory footprint, and what does it cost? And how much memory will Java 9 strings save in Bulgaria? What is the maximum length of a constant string? And a dynamic string? How much faster is the new StringBuilder().append(“Hello “).append(name).toString() than “Hello “ + name? What are intrinsics, and how do they relate to strings? Are strings really immutable? How can you efficiently create substrings? You’ll get answers to these and many more questions in this session.

CodeOne2018

more >>

Keynote: Groundbreakers: The Code Avengers

Session abstract

Superheroes protect the peace, save lives, and fight evildoers with their superhuman powers; however, they are not the only ones who have these abilities. Each day developers build highly advanced algorithms, design and code solutions to better humanity, deploy to thousands of servers in seconds, and come up with groundbreaking innovations. In this session join community leaders, unconference disorganizers, open-source standards gurus, and technology visionaries to hear an action-packed keynote to celebrate the developer community and you, a groundbreaker.

CodeOne2018

more >>

Hacking and Hardening Java Web Applications Workshop

Session abstract

PLEASE NOTE: YOU MUST BRING YOUR OWN LAPTOP (BYOL) TO PARTICIPATE IN THE HANDS-ON LABS.It seems like every day there is a new headline about a security breach in a major company’s web application. This hands-on workshop is designed to teach you how to identify and fix vulnerabilities in Java web applications. Using an existing web application, you will learn ways to scan and test for common vulnerabilities such as hijacking, injection, cross-site scripting, and cross-site forgery. You will learn best practices for logging, error handling, intrusion detection, authentication, and authorization. You will also learn how to improve security in your applications with existing libraries, frameworks, and techniques to patch and prevent vulnerabilities.*NOTE - Please download:- Virtual Box 64-bit -https://www.virtualbox.org(windows users please make sure you test virtual box ahead of time)- Kali Linux Varient Virtual Machine -https://s3.amazonaws.com

CodeOne2018

more >>

A Thousand Things You Always Wanted to Know About SSO but Never Dared Ask

Session abstract

How many times have you been in a meeting with a salesperson and started to sweat when you heard, “Yes, the system will be fully integrated with your SSO”? How many times have you searched on the internet forSSOand closed your browser after the second click? SAML, OAUth, ws-fed…which of these is the right protocol? Shibboleth, OpenAM, ADFS2, Keycloak…do I need all of them? Do I need them at all? Which is the right solution for my application? How can I protect my APIs? This session covers the most-popular SSO scenarios and will guide you along the sometimes obscure path to the “log in once and access everything” Grail.

CodeOne2018

more >>

Fully Reactive: Spring, Kotlin, JavaFX, and MongoDB Playing Together

Session abstract

Spring Framework 5 brings full reactive support to developers everywhere. What better way to demo reactive programming than to actually build something live? This session’s presenters perform a daring feat of pair programming/dueling coding to create an end-to-end application by using Spring Framework 5, Spring Boot, Reactor, Kotlin, JavaFX, REST, and MongoDB, all built with IntelliJ IDEA. What could possibly go wrong?

CodeOne2018

more >>

Ten Things You Can Do with GraalVM

Session abstract

PLEASE NOTE: YOU MUST BRING YOUR OWN LAPTOP (BYOL) TO PARTICIPATE IN THE HANDS-ON LABS.The GraalVM project enhances the Java ecosystem with an integrated polyglot, high-performance execution environment for dynamic, static, and native languages. GraalVM supports Java, Scala, Kotlin, Groovy, and other JVM-based languages. Simultaneously, it can run the dynamic scripting languages JavaScript, Ruby, R, and Python. In this lab, you’ll learn what you can do with GraalVM: Use it as the JVM JIT compiler, enhancing the JIT Run native and polyglot programs Compile them ahead of time for faster startup and lower runtime overhead Debug your polyglot code, using exactly the same tools for any language Profile the performance and memory of your application Embed GraalVM in a native application for portabilityPlease review the documentherein preparation for the lab.

CodeOne2018

more >>

Keynote: Oracle Code One

Session abstract

Oracle Code One Fireside ChatJoin us as some of today’s top developers meet up for a fireside chat.Building Next-Gen Cloud Native Apps with Embedded Intelligence, Chatbots, and ContainersThe cloud is fundamentally changing how enterprise applications are being built today. Developers are leveraging new services and capabilities up and down the stack to more quickly deliver innovation and provide greater ease of use, management, and integration, while also providing deeper intelligence through these applications. In this session see how data science, embedded intelligence, digital assistants, and easy-to-build/easy-to-manage cloud infrastructure are enabling these next generations of cloud native apps to be built on Oracle Cloud Platform.

CodeOne2018

more >>

One VM to Rule Them All? Lessons Learned with Truffle and Graal

Session abstract

Goldman Sachs has an in-house programming language used for its critical pricing and risk applications. This session’s speakers share their experiences of using Truffle and Graal as they headed along the path to turn it into a JVM language. They showcase some of the complexities of a complex dynamic type system, interfacing with C native functions, and trying to evolve an existing system with 150 million lines of code.

CodeOne2018

more >>