The Play vs. Grails Smackdown. A comparison done by James Ward and Matt Raible. Includes detailed analysis from building the same webapp with these two popular JVM Web Frameworks.
See the HTML5 version of this presentation at http://www.ubertracks.com/preso.
Get Hip with JHipster - Colorado Springs OSS Meetup April 2016Matt Raible
Building a modern web (or mobile) application requires a lot of tools, frameworks and techniques. This session shows how JHipster unites popular frameworks like AngularJS, Spring Boot and Bootstrap. Using Yeoman, a scaffolding tool for modern webapps, JHipster will generate a project that uses Java 8, SQL or NoSQL databases, Spring profiles, Maven or Gradle, Gulp.js, WebSockets and BrowserSync. It also supports a number of different authentication mechanisms: classic session-based auth, OAuth 2.0, or token-based authentication. For cloud deployments, JHipster includes out-of-the-box support for Cloud Foundry and Heroku.
Get Hip with JHipster: Spring Boot + AngularJS + Bootstrap - Devoxx 2015Matt Raible
JHipster is a development platform that generates Spring Boot and AngularJS projects. It aims to make developers hip by including the latest trends like microservices, Docker, and cloud-native technologies. The presentation demonstrated generating a blog application with JHipster and deploying it to the cloud in under 30 minutes. JHipster allows generating CRUD screens from entities and provides features like authentication, metrics monitoring, and internationalization out of the box.
Getting Started with Angular - Stormpath Webinar, January 2017Matt Raible
This document provides an overview of Angular and highlights some key points about Matt Raible and his experience with Angular. It discusses Angular's speed, security features, and easy API. It also shows trends in Angular's popularity compared to other frameworks and provides code examples to demonstrate how to get started with Angular. The document encourages learning Angular and directs readers to additional resources like Matt's open source projects and presentations.
The Modern Java Web Developer Bootcamp - Devoxx 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS.
These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
This presentation is from the University session I delivered at Devoxx 2013, in Antwerp. http://devoxx.be/dv13-matt-raible.html?presId=3648
Comparing Hot JavaScript Frameworks: AngularJS, Ember.js and React.js - Sprin...Matt Raible
JavaScript MVC Frameworks are all the rage these days. They’ve taken the web development world by storm. This session explores the various features of the three hottest JavaScript MVC frameworks: AngularJS, Ember.js and React.js. It also compares client-side templating vs. server-side templating and how well each framework supports Isomorphic JavaScript (code that can run both client-side and server-side). Finally, it ranks each framework on 10 different criteria using Yevgeniy Brikman’s framework scorecard.
Video on InfoQ: https://www.infoq.com/presentations/comparing-angular-ember-react
This talk covers the history of Spring, as well as what's new in Spring 3.1.
Specific areas discussed:
- Environments and Profiles
- Servlet 3.0 Support
- Hibernate 4 Support
- Cache Abstraction
- Java Configuration
- Test Context Support for Configuration Classes and Profiles
Read more about this presentation at:
http://raibledesigns.com/rd/entry/my_what_s_new_in
The best reason for writing tests is to automate your testing. Without tests, you'll likely be testing manually. This manual testing will take longer and longer as your codebase grows. In this session, you’ll learn how to test an Angular 2 application. You'll learn how to use Jasmine to unit testing components and Protractor for integration testing. We’ll also take a look at code coverage options and explore continuous integration tools.
Java Web Application Security - Utah JUG 2011Matt Raible
During this presentation, I demonstrate how to implement authentication in your Java web applications using Spring Security, Apache Shiro and good ol' Java EE Container Managed Authentication. You'll also learn how to secure your REST API with OAuth and lock it down with SSL.
After learning how to develop authentication, I'll introduce you to OWASP, the OWASP Top 10, its Testing Guide and its Code Review Guide.
Much of this talk is contained in demos and I plan on uploading those as screencasts throughout May and June. I'll also be delivering this talk at ÜberConf in July 2011.
The Art of Angular in 2016 - Devoxx France 2016Matt Raible
AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we explore its next version: Angular 2. You'll see how to build and test Angular 2 components with TypeScript, as well as how to develop forms with validation. Finally, you'll learn about related Angular 2 projects and be on your way to becoming an Angular 2 Artist!
This document discusses Clojure web development and describes a web-based project management system called Trakr that was created using Clojure. Trakr uses a MongoDB database and has a modern friendly UI. The architecture involves a Clojure HTTP server with a Ring middleware pipeline and Compojure routing to map requests to handlers. Testing is done with clojure.test and clojure.contrib.mock. Performance is around 70ms average latency.
Take some time to try various art mediums on your own, recognize your strengths, do research to learn basics, get necessary supplies, observe the world, make time for art daily, and seek feedback to develop your style. Enrolling in classes, studying masters, and visiting art studios can further help you learn from others. While it takes practice, just start creating to become an artist.
Tips and criteria for selecting a web presentation framework. The focus is on Java-based frameworks, but the criteria are valid for any platform. From a panel discussion at the Seattle Java User Group (SeaJUG)
The Modern Java Web Developer - JavaOne 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS. These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
A Gentle Introduction to Angular Schematics - Angular SF 2019Matt Raible
You might’ve heard of Angular Schematics, but do you know what they do? Learn how you can use this powerful tool to develop workflows and simplify configurations for your Angular projects.
Blog post: https://developer.okta.com/blog/2019/02/13/angular-schematics
Source code: https://github.com/oktadeveloper/okta-angular-schematics-example
Screencast: https://youtu.be/ANwZIt3Ni2s
The Art of AngularJS in 2015 - Angular Summit 2015Matt Raible
Presentation from Angular Summit Keynote in September 2015. http://angularsummit.com/conference/boston/2015/09/session?id=34212
AngularJS is one of today's hottest JavaScript MVC Frameworks. In this session, we'll explore many concepts it brings to the world of client-side development: dependency injection, directives, filters, routing and two-way data binding. We'll also look at its recommended testing tools and build systems.
A Gentle Introduction to Angular Schematics - Devoxx Belgium 2019Matt Raible
The document discusses using Angular Schematics to simplify development tasks. It covers creating a basic schematic, adding templates, testing schematics, publishing to NPM, and integrating with Angular CLI. Schematics can generate code and files and are useful for tasks like authentication, routing, and application shell generation. The document provides examples of building schematics that generate components and applications.
Play Framework on Google App Engine - Productivity StackMarcin Stepien
This document discusses using the Play Framework for web application development on Google App Engine (GAE). It provides an overview of Play and GAE, how they work together, and some tradeoffs. Specifically, it covers how Play abstracts away the GAE infrastructure, limitations of the GAE sandbox environment, options for running Play 2 applications on GAE including using a WAR file or custom runtime, and the pros and cons of the Play Framework on GAE approach.
Microservices for the Masses with Spring Boot, JHipster, and JWT - Rich Web 2016Matt Raible
Microservices are all the rage and being deployed by many Java Hipsters. If you’re working on a large team that needs different release cycles for product components, microservices can be a blessing. If you’re working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain. Share your knowledge and experience about microservices in this informative and code-heavy talk.
We’ll use JHipster (a Yeoman generator) to create Angular + Spring Boot apps on separate instances with a unified front-end. I’ll also show you options for securing your API gateway and individual applications using JWT. Heroku, Kubernetes, Docker, ELK, Spring Cloud, Stormpath; there will be plenty of interesting demos to see!
Web Frameworks of the Future: Flex, GWT, Grails and RailsMatt Raible
The document introduces a session on web frameworks of the future that will discuss Flex, GWT, Rails and Grails. It provides background on the speaker, Matt Raible, who is a Java blogger and author with experience in various web frameworks. The session agenda outlines that it will discuss SOFEA and SOUI, introduce Rails, Grails, GWT and Flex, and help attendees choose between frameworks by focusing on eliminating rather than including options.
Running your Java EE 6 Apps in the Cloud - JavaOne India 2011Arun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of deploying Java EE 6 applications to various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It also discusses the Java EE 7 specification and how it will further support cloud deployments with a focus on multi-tenancy and elasticity. Lastly, it outlines the GlassFish Server distributions for both open source and commercial use on private and public clouds.
JavaOne India 2011 - Running your Java EE 6 Apps in the CloudArun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of deploying Java EE 6 applications to various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It also discusses the Java EE 7 specification and how it will further support cloud deployments with a focus on multi-tenancy and elasticity. Lastly, it outlines the GlassFish Server distributions for both open source and commercial use on private and public clouds.
Web Performance Part 4 "Client-side performance"Binary Studio
The presentation is devoted to client side performance of a web app. All 4 presentations will help you reduce latency, enrich optimization of javascript code, discover tricky parts when working with API browser, see best practices of networking and learn lots of other important and interesting things. Enjoy! =)
Running your Java EE 6 applications in the Cloud (FISL 12)Arun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates how to deploy Java EE 6 applications on various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. The document also discusses the Java EE 7 specification and upcoming GlassFish Server distributions.
Running your Java EE 6 Applications in the CloudArun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates deploying applications to various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It also compares these platforms and discusses how Java EE can evolve to better support cloud computing.
Running your Java EE 6 applications in the CloudArun Gupta
The document discusses running Java EE applications in the cloud using platforms like Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It provides an overview of deploying Java EE applications on each platform, including how to configure and manage applications on Amazon EC2 and S3, deploy using RightScripts on RightScale, publish to Microsoft Azure using Visual Studio, and the language and server options for Joyent. The document also touches on pricing models and some considerations for evolving Java EE for cloud platforms.
JFokus 2011 - Running your Java EE 6 apps in the CloudArun Gupta
Oracle provides Java EE 6 application servers and databases that can run on various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. These cloud platforms offer virtual servers, storage, databases and additional services that allow flexible deployment of Java EE 6 applications in public, private and hybrid cloud environments. Pricing models vary between platforms and include consumption-based or commitment-based options.
Lean microservices through ahead of time compilation (Tobias Piper, Loveholid...London Microservices
Recorded at the London Microservices Meetup: https://www.meetup.com/London-Microservices/
- Date: 05/08/2020
- Event page: https://www.meetup.com/London-Microservices/events/272223163/
Follow us on Twitter! https://twitter.com/LondonMicrosvc
---
Services interpreted at runtime often suffer from slow startup times when components are intitialized at runtime. Ahead of time compilation allows condensing down an application by stripping down unused dependencies and pre-initializing components for a short time to first request served. This is explored by the example of GraalVM and native images.
Key takeaways:
- Be aware what your service contains
- Approaches to improve startup time of a service
- Reduction of resource requirements for a service
Tobias works at Loveholidays.com as a senior software engineer extending it's microservice architecture and turning it more event-driven.
Running your Java EE 6 applications in the Cloud @ Silicon Valley Code Camp 2010Arun Gupta
Arun Gupta presented on running Java EE 6 applications in the cloud. He discussed Java EE 6 support on various cloud platforms including Amazon, RightScale, Elastra, and Joyent. He also compared features of different cloud vendors and how Java EE can evolve to better support cloud computing. Gupta concluded that Java EE 6 applications can easily be deployed to various clouds and GlassFish provides a feature-rich implementation of Java EE 6.
Connector/J is a popular Java database connector for connecting to MySQL databases. It allows building Java applications that connect to MySQL and provides features for high availability access. The presentation discusses using Connector/J to connect to MySQL for basic queries, in Tomcat applications, and for high availability configurations like replication, multi-master replication, MySQL Fabric, and MySQL Cluster. It also covers monitoring connections using tools like MySQL Enterprise Monitor.
1. The document analyzes obfuscated JavaScript exploitation using the process debug manager extension of Microsoft Visual Studio.
2. This extension allows tracing of JavaScript behavior like function calls and property changes during execution, which can help analyze sophisticated attacks using techniques like binary encoding and obfuscation.
3. The debugging extension provides a higher-level view of the scripting environment compared to traditional low-level debuggers, helping bridge the "semantic gap" between the kernel/user modes and the web application layer.
The document discusses new features and improvements in Grails 2.0, including enhanced plugin support, NoSQL integration, improved unit testing, static resource handling, GORM updates, and SQL database migration tools. It provides an overview of several new capabilities and summarizes key areas that received attention in the latest Grails release.
Running your Java EE 6 applications in the clouds Arun Gupta
Running Java EE 6 applications in the cloud can provide scalability and flexibility. The document discusses deploying Java EE 6 applications on various cloud platforms including Amazon EC2, RightScale, Elastra, and Joyent. It provides an introduction to Java EE 6 and demonstrates running applications on Amazon EC2. It also compares deployment processes and pricing models across cloud vendors.
The document discusses adopting Grails for web application development. It summarizes several episodes or lessons learned:
1. GORM constraints were ignored when domain classes were loaded by a shared classloader rather than the Grails classloader. The constraints had to be extracted to a shared library.
2. Using BlazeDS for Flex communication caused data objects to lose field values after round trips. DTOs and mapping tools like Dozer were needed.
3. Web services should treat the UI as another automation client to avoid duplicating XML flows. Domain data can be mapped to XML in GSPs without DTOs.
4. When domain classes were no longer stored in the database, meta-
The document discusses adopting the Grails web application framework. It describes several episodes that a company experienced in using Grails in production applications. Episode 1 discusses how GORM constraints were ignored when domain classes were shared between applications. Episode 2 describes issues mapping domain objects to Flex classes. Episode 3 provides recommendations for designing web services for both user interfaces and automation. Episode 4 discusses enhancing meta-classes when domain classes were no longer stored in the database. Episode 5 offers suggestions for improving developer support. Episode 6 shows how to leverage functionality across applications by extracting shared services into plugins. The summary provides best practices including clearly communicating benefits, maintaining coding guidelines, and staying close to Grails strengths.
Grails is an open-source framework that enables high-velocity development of Spring applications. It uses conventions over configuration, integrates best-of-breed Java technologies like Spring and Hibernate, and provides a full-stack framework with object-relational mapping, web controllers, and view rendering. Grails aims to increase developer productivity through sensible defaults and simplified APIs.
Haj 4344-java se 9 and the application server-1Kevin Sutter
Our presentation at InterConnect 2017 about Java SE 9 and our direct experiences with using it as our Java runtime for the WebSphere Liberty application server.
Continuous Deployment: The Dirty DetailsMike Brittain
Presented at ALM Summit 3 in Redmond, WA. January 2013.
Like what you've read? We're frequently hiring for a variety of engineering roles at Etsy. If you're interested, drop me a line or send me your resume: mike@etsy.com.
http://www.etsy.com/careers
Accelerating Deep Learning Training with BigDL and Drizzle on Apache Spark wi...Databricks
The BigDL framework scales deep learning for large data sets using Apache Spark. However there is significant scheduling overhead from Spark when running BigDL at large scale. In this talk we propose a new parameter manager implementation that along with coarse-grained scheduling can provide significant speedups for deep learning models like Inception, VGG etc. Aggregation functions like reduce or treeReduce that are used for parameter aggregation in Apache Spark (and the original MapReduce) are slow as the centralized scheduling and driver network bandwidth become a bottleneck especially in large clusters.
To reduce the overhead of parameter aggregation and allow for near-linear scaling, we introduce a new AllReduce operation, a part of the parameter manager in BigDL which is built directly on top of the BlockManager in Apache Spark. AllReduce in BigDL uses a peer-to-peer mechanism to synchronize and aggregate parameters. During parameter synchronization and aggregation, all nodes in the cluster play the same role and driver’s overhead is eliminated thus enabling near-linear scaling. To address the scheduling overhead we use Drizzle, a recently proposed scheduling framework for Apache Spark. Currently, Spark uses a BSP computation model, and notifies the scheduler at the end of each task. Invoking the scheduler at the end of each task adds overheads and results in decreased throughput and increased latency.
Drizzle introduces group scheduling, where multiple iterations (or a group) of iterations are scheduled at once. This helps decouple the granularity of task execution from scheduling and amortizes the costs of task serialization and launch. Finally we will present results from using the new AllReduce operation and Drizzle on a number of common deep learning models including VGG and Inception. Our benchmarks run on Amazon EC2 and Google DataProc will show the speedups and scalability of our implementation.
Similar to Play Framework vs Grails Smackdown - JavaOne 2013 (20)
Keep Identities in Sync the SCIMple Way - ApacheCon NA 2022Matt Raible
What if keeping your user stores in sync across domains was as simple as running "java -jar"? With Apache SCIMPle, it is!
Apache SCIMple is a SCIM 2.0-compliant server powered by Spring Boot 3. You can run it standalone or embedded in your existing app. It exposes user management REST endpoints and handles the hassle of user synchronization for you. If your identity provider supports SCIM, use the simple way!
GitHub example: https://github.com/mraible/okta-scim-spring-boot-example
Demo script: https://github.com/mraible/okta-scim-spring-boot-example/blob/main/demo.adoc
Micro Frontends for Java Microservices - Belfast JUG 2022Matt Raible
You've figured out how to split up your backend services into microservices and scale your teams to the moon, right?
But what about the frontend? Are you still building monoliths for your UI?
If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend.
Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently.
In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud.
Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices
GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example
Micro Frontends for Java Microservices - Dublin JUG 2022Matt Raible
The document discusses micro frontends for Java microservices. It provides an overview of microservices and frameworks like Spring and JHipster that can be used to develop microservices in Java. It then introduces the concept of micro frontends as an architecture for microservice applications and demonstrates how to build a sample application with micro frontends using JHipster. It also covers securing microservices with OAuth 2.1 and shows a live demo of creating and running microservice applications with JHipster.
Micro Frontends for Java Microservices - Cork JUG 2022Matt Raible
You've figured out how to split up your backend services into microservices and scale your teams to the moon, right?
But what about the frontend? Are you still building monoliths for your UI?
If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend.
Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently.
In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud.
Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices
GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example
Comparing Native Java REST API Frameworks - Seattle JUG 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Reactive Java Microservices with Spring Boot and JHipster - Spring I/O 2022Matt Raible
Microservice architectures are all the rage in JavaLand. They allow teams to develop services independently and deploy autonomously.
Why microservices?
IF
you are developing a large/complex application
AND
you need to deliver it rapidly, frequently, and reliably over a long period of time
THEN
the Microservice Architecture is often a good choice.
Reactive architectures are becoming increasingly popular for organizations that need to do more, with less hardware. Reactive programming allows you to build systems that are resilient to high load.
In this session, I'll show you how to use JHipster to create a reactive microservices architecture with Spring Boot, Spring Cloud, Keycloak, and run it all in Docker. You will leave with the know-how to create your own resilient apps!
Related blog post: https://developer.okta.com/blog/2021/01/20/reactive-java-microservices
YouTube demo: https://youtu.be/clkEUHWT9-M
GitHub repo: https://github.com/oktadev/java-microservices-examples/tree/main/reactive-jhipster
Comparing Native Java REST API Frameworks - Devoxx France 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Native Java with Spring Boot and JHipster - Garden State JUG 2021Matt Raible
Do you want to deploy your Spring Boot apps in a serverless environment and have them start up in milliseconds? Of course, you do!
In this talk, Josh Long and Matt Raible will introduce you to Spring Native. They'll teach you all about how it can compile Spring Boot apps into native binaries that start faster than a speeding bullet! You'll learn about native testing support with JUnit 5 and the pros and cons of native vs JVM deployments.
This talk will also highlight a customer, the JHipster project. JHipster generates Spring Boot-based monoliths and microservices. You'll learn about the project's experience with Spring Boot, Spring Cloud, Spring WebFlux, and Spring Native. It ain't easy being a Java Hipster, but the Spring ecosystem does simplify the process quite a bit.
Recording on YouTube: https://youtu.be/k6nBB8FOmQ8
Examples on GitHub: https://github.com/mraible/spring-native-examples
Writeup on LinkedIn: https://www.linkedin.com/pulse/jhipster-works-spring-native-part-2-matt-raible/
Java REST API Framework Comparison - PWX 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Web App Security for Java Developers - PWX 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Keycloak, Auth0, and Okta.
Mobile App Development with Ionic, React Native, and JHipster - Connect.Tech ...Matt Raible
Mobile development offers a lot of options. To develop native apps, you can use Java or Kotlin on Android. On iOS, you can use Objective C or Swift. There are other options, too. You can build hybrid mobile apps and Progressive Web Apps (PWAs). Hybrid mobile apps are those created with web technologies (HTML, JavaScript, and CSS) that look like native apps. PWAs have the ability to work offline and act like mobile apps.
In this talk, we'll explore a few different mobile technologies: PWAs, React Native, and Ionic (with Angular). You'll walk away with knowledge of how to build mobile + Spring Boot apps in minutes with JHipster.
* GitHub repo: https://github.com/mraible/mobile-jhipster
* Demo script: https://github.com/mraible/mobile-jhipster/blob/main/demo.adoc
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Delivered at JokerConf on October 28, 2021 at 11am MDT: https://jokerconf.com/en/talks/lock-that-sh*t-down-auth-security-patterns-for-apps-apis-and-infra/
Web App Security for Java Developers - UberConf 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Okta.
Java REST API Framework Comparison - UberConf 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Native Java with Spring Boot and JHipster - SF JUG 2021Matt Raible
Do you want to deploy your Spring Boot apps in a serverless environment and have them start up in milliseconds? Of course, you do!
In this talk, Josh Long and Matt Raible will introduce you to Spring Native. They'll teach you all about how it can compile Spring Boot apps into native binaries that start faster than a speeding bullet! You'll learn about native testing support with JUnit 5 and the pros and cons of native vs JVM deployments.
This talk will also highlight a customer, the JHipster project. JHipster generates Spring Boot-based monoliths and microservices. You'll learn about the project's experience with Spring Boot, Spring Cloud, Spring WebFlux, and Spring Native. It ain't easy being a Java Hipster, but the Spring ecosystem does simplify the process quite a bit.
Recording on YouTube: https://youtu.be/F9oydL_MndA
Examples on GitHub: https://github.com/mraible/spring-native-examples
Writeup on LinkedIn: https://www.linkedin.com/pulse/jhipster-works-spring-native-matt-raible/
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Reactive Java Microservices with Spring Boot and JHipster - Denver JUG 2021Matt Raible
Microservice architectures are all the rage in JavaLand. They allow teams to develop services independently and deploy autonomously.
Why microservices?
IF
you are developing a large/complex application
AND
you need to deliver it rapidly, frequently, and reliably over a long period of time
THEN
the Microservice Architecture is often a good choice
Reactive architectures are becoming increasingly popular for organizations that need to do more, with less hardware. Reactive programming allows you to build systems that are resilient to high loads.
In this session, I'll show you how to use JHipster to create a reactive microservices architecture with Spring Boot, Spring Cloud, Keycloak, and run it all in Docker. You will leave with the know-how to create your own resilient apps!
Related blog post: https://developer.okta.com/blog/2021/01/20/reactive-java-microservices
YouTube demo: https://youtu.be/clkEUHWT9-M
YouTube recording: https://youtu.be/8OuZMFyh0xE
GitHub repo: https://github.com/oktadev/java-microservices-examples/tree/main/reactive-jhipster
Get Hip with JHipster - Colorado Springs Open Source User Group 2021Matt Raible
JHipster is bad-ass. It's an Apache-licensed open source project that allows you to generate Spring Boot APIs and Angular (or React/Vue) apps. It has a vibrant community and ecosystem with support for deploying to many cloud providers and using the latest DevOps buzzwords, like Docker and K8s.
This session will show you JHipster, why it's cool, and show you how to create an app with it.
JHipster 7 Demo: https://www.youtube.com/watch?v=6lf64CctDAQ
JHipster 7 Tutorial: https://github.com/mraible/jhipster7-demo#readme
JHipster and Okta - JHipster Virtual Meetup December 2020Matt Raible
YouTube video: https://www.youtube.com/watch?v=ym-OPn4e_nQ
When I first started working at Okta, I refactored JHipster's OAuth support to move from authentication on the client to the server, leveraging Spring Security. This allowed for easier client integration since we didn't need to worry about finding an OIDC client for each frontend framework.
Fast forward four years and JHipster's OAuth 2.0 and OIDC support is first-class! It uses Keycloak in a Docker container by default, but it's easy to switch to another identity provider (IdP) thanks to Spring Boot. Other blueprints like Micronaut, Quarkus, Node.js, and .NET support OAuth and OIDC too!
This presentation explains what OAuth 2.0 and OIDC is, gives an overview of JHipster’s OAuth implementation, and provides three quick demos with Keycloak, the Okta CLI, and Heroku.
See https://developer.okta.com/blog/tags/jhipster for Okta + JHipster tutorials and screencasts! 邏
You also might enjoy my What the Heck is OAuth? blog post:
https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...Chris Swan
Have you noticed the OpenSSF Scorecard badges on the official Dart and Flutter repos? It's Google's way of showing that they care about security. Practices such as pinning dependencies, branch protection, required reviews, continuous integration tests etc. are measured to provide a score and accompanying badge.
You can do the same for your projects, and this presentation will show you how, with an emphasis on the unique challenges that come up when working with Dart and Flutter.
The session will provide a walkthrough of the steps involved in securing a first repository, and then what it takes to repeat that process across an organization with multiple repos. It will also look at the ongoing maintenance involved once scorecards have been implemented, and how aspects of that maintenance can be better automated to minimize toil.
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc
Six months into 2024, and it is clear the privacy ecosystem takes no days off!! Regulators continue to implement and enforce new regulations, businesses strive to meet requirements, and technology advances like AI have privacy professionals scratching their heads about managing risk.
What can we learn about the first six months of data privacy trends and events in 2024? How should this inform your privacy program management for the rest of the year?
Join TrustArc, Goodwin, and Snyk privacy experts as they discuss the changes we’ve seen in the first half of 2024 and gain insight into the concrete, actionable steps you can take to up-level your privacy program in the second half of the year.
This webinar will review:
- Key changes to privacy regulations in 2024
- Key themes in privacy and data governance in 2024
- How to maximize your privacy program in the second half of 2024
Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor.We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
Key Takeaways: Open source, vendor neutral instrumentation is an exciting new reality as the industry standardizes on openTelemetry for observability. OpenTelemetry is on a mission to enable effective observability by making high-quality, portable telemetry ubiquitous. The world of observability and monitoring today has a steep learning curve and in order to achieve ubiquity, the project would benefit from growing our contributor community.
Transcript: Details of description part II: Describing images in practice - T...BookNet Canada
This presentation explores the practical application of image description techniques. Familiar guidelines will be demonstrated in practice, and descriptions will be developed “live”! If you have learned a lot about the theory of image description techniques but want to feel more confident putting them into practice, this is the presentation for you. There will be useful, actionable information for everyone, whether you are working with authors, colleagues, alone, or leveraging AI as a collaborator.
Link to presentation recording and slides: https://bnctechforum.ca/sessions/details-of-description-part-ii-describing-images-in-practice/
Presented by BookNet Canada on June 25, 2024, with support from the Department of Canadian Heritage.
Mitigating the Impact of State Management in Cloud Stream Processing SystemsScyllaDB
Stream processing is a crucial component of modern data infrastructure, but constructing an efficient and scalable stream processing system can be challenging. Decoupling compute and storage architecture has emerged as an effective solution to these challenges, but it can introduce high latency issues, especially when dealing with complex continuous queries that necessitate managing extra-large internal states.
In this talk, we focus on addressing the high latency issues associated with S3 storage in stream processing systems that employ a decoupled compute and storage architecture. We delve into the root causes of latency in this context and explore various techniques to minimize the impact of S3 latency on stream processing performance. Our proposed approach is to implement a tiered storage mechanism that leverages a blend of high-performance and low-cost storage tiers to reduce data movement between the compute and storage layers while maintaining efficient processing.
Throughout the talk, we will present experimental results that demonstrate the effectiveness of our approach in mitigating the impact of S3 latency on stream processing. By the end of the talk, attendees will have gained insights into how to optimize their stream processing systems for reduced latency and improved cost-efficiency.
Blockchain technology is transforming industries and reshaping the way we conduct business, manage data, and secure transactions. Whether you're new to blockchain or looking to deepen your knowledge, our guidebook, "Blockchain for Dummies", is your ultimate resource.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxSynapseIndia
Your comprehensive guide to RPA in healthcare for 2024. Explore the benefits, use cases, and emerging trends of robotic process automation. Understand the challenges and prepare for the future of healthcare automation
The Rise of Supernetwork Data Intensive ComputingLarry Smarr
Invited Remote Lecture to SC21
The International Conference for High Performance Computing, Networking, Storage, and Analysis
St. Louis, Missouri
November 18, 2021
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Kief Morris rethinks the infrastructure code delivery lifecycle, advocating for a shift towards composable infrastructure systems. We should shift to designing around deployable components rather than code modules, use more useful levels of abstraction, and drive design and deployment from applications rather than bottom-up, monolithic architecture and delivery.
論文紹介:A Systematic Survey of Prompt Engineering on Vision-Language Foundation ...Toru Tamaki
Jindong Gu, Zhen Han, Shuo Chen, Ahmad Beirami, Bailan He, Gengyuan Zhang, Ruotong Liao, Yao Qin, Volker Tresp, Philip Torr "A Systematic Survey of Prompt Engineering on Vision-Language Foundation Models" arXiv2023
https://arxiv.org/abs/2307.12980
Comparison Table of DiskWarrior Alternatives.pdfAndrey Yasko
To help you choose the best DiskWarrior alternative, we've compiled a comparison table summarizing the features, pros, cons, and pricing of six alternatives.
Quality Patents: Patents That Stand the Test of TimeAurora Consulting
Is your patent a vanity piece of paper for your office wall? Or is it a reliable, defendable, assertable, property right? The difference is often quality.
Is your patent simply a transactional cost and a large pile of legal bills for your startup? Or is it a leverageable asset worthy of attracting precious investment dollars, worth its cost in multiples of valuation? The difference is often quality.
Is your patent application only good enough to get through the examination process? Or has it been crafted to stand the tests of time and varied audiences if you later need to assert that document against an infringer, find yourself litigating with it in an Article 3 Court at the hands of a judge and jury, God forbid, end up having to defend its validity at the PTAB, or even needing to use it to block pirated imports at the International Trade Commission? The difference is often quality.
Quality will be our focus for a good chunk of the remainder of this season. What goes into a quality patent, and where possible, how do you get it without breaking the bank?
** Episode Overview **
In this first episode of our quality series, Kristen Hansen and the panel discuss:
⦿ What do we mean when we say patent quality?
⦿ Why is patent quality important?
⦿ How to balance quality and budget
⦿ The importance of searching, continuations, and draftsperson domain expertise
⦿ Very practical tips, tricks, examples, and Kristen’s Musts for drafting quality applications
https://www.aurorapatents.com/patently-strategic-podcast.html
2. Why a Smackdown?
Play 2 and Grails 2 are often hyped as the most productive JVM
Web Frameworks.
* We wanted to know how they enhanced the Developer Experience (DX).
3. Happy Trails Requirements
Server-side Templates
Play 2 with Java
Form Validation
Data Pagination
Authentication
Scheduled Jobs
Atom / RSS
Email Notifications
Unit / Integration Tests
Load Tests
Performance Tests
Stretch Goals: Search, Photo Upload to S3
6. “Play Framework is based on a lightweight,
stateless, web-friendly architecture. Built on Akka,
Play provides predictable and minimal resource
consumption (CPU, memory, threads) for highly-
scalable applications.”
7. My Top 10 Favorite Features
1. Just hit refresh workflow
2. Type safety
3. RESTful
4. Stateless
5. Reactive
6. Asset Compiler
7. First-class JSON
8. Java & Scala
9. Templates in Activator
10. LinkedIn, Gawker, etc
9. “ Powered by Spring, Grails outperforms the
competition. Dynamic, agile web development
without compromises. ”
10. My Top 10 Favorite Features
1. Documentation
2. Clean URLs
3. GORM
4. IntelliJ IDEA Support
5. Zero Turnaround
6. Excellent Testing Support
7. Groovy
8. GSPs
9. Resource Optimizer
10. Instant Deployment on Heroku
11. Our Setup
IntelliJ IDEA for Development
GitHub for Source Control
CloudBees for Continuous Integration
Heroku for Production
Later added: QA Person and BrowserMob
12. Code Walk Through
We developed the same app, in similar ways, so let's look at the
different layers.
↓
Database
URL Mapping
Models
Controllers
Views
Validation
IDE Support
Job
Feed
Email
Photo Upload
Testing
Demo Data
Configuration
Authentication
13. Database - Grails
Hibernate is the default persistence provider
Create models, Hibernate creates the schema for you
grails-app/conf/DataSource.groovy
environments{
development{
dataSource{
dbCreate="create-drop"//oneof'create','create-drop','update','val
idate',''
url="jdbc:postgresql://localhost:5432/happytrails"
}
}
14. Database - Play
EBean is the default persistence provider in Java projects
Evolutions can be auto-applied
Initial evolution sql is auto-created
Subsequent changes must be versioned
Auto-created schema file is database dependent
Play 2 supports multiple datasources (Play 1 does not)
conf/evolutions/default/2.sql
#---!Ups
ALTERTABLEaccountADDis_adminboolean;
UPDATEaccountSETis_admin=FALSE;
#---!Downs
ALTERTABLEaccountDROPis_admin;
17. URL Mapping - Play
conf/routes
GET / controllers.ApplicationController.index()
GET /signup controllers.ApplicationController.signupForm()
POST /signup controllers.ApplicationController.signup()
GET /login controllers.ApplicationController.loginForm()
POST /login controllers.ApplicationController.login()
GET /logout controllers.ApplicationController.logout()
GET /addregion controllers.RegionController.addRegion()
POST /addregion controllers.RegionController.saveRegion()
GET /:region/feed controllers.RegionController.getRegionFeed(region)
GET /:region/subscribe controllers.RegionController.subscribe(region)
GET /:region/unsubscribe controllers.RegionController.unsubscribe(region)
GET /:region/addroute controllers.RegionController.addRoute(region)
POST /:region/addroute controllers.RegionController.saveRoute(region)
GET /:region/delete controllers.RegionController.deleteRegion(region)
GET /:region/:route/rate controllers.RouteController.saveRating(region, route, rating: java.lang.Integer)
POST /:region/:route/comment controllers.RouteController.saveComment(region, route)
GET /:region/:route/delete controllers.RouteController.deleteRoute(region, route)
GET /:region/:route controllers.RouteController.getRouteHtml(region, route)
GET /:region controllers.RegionController.getRegionHtml(region, sort ?= "name")
18. Models - Grails
All properties are persisted by default
Constraints
Mappings with hasMany and belongsTo
Override methods for lifecycle events
grails-app/domain/happytrails/Region.groovy
packagehappytrails
classRegion{
staticcharactersNumbersAndSpaces=/[a-zA-Z0-9]+/
staticsearchable=true
staticconstraints={
nameblank:false,unique:true,matches:charactersNumbersAndSpaces
seoNamenullable:true
routescascade:"all-delete-orphan"
}
statichasMany=[routes:Route]
Stringname
StringseoName
defbeforeValidate(){
29. Job - Play
Plain old `static void main`
Independent of web app
app/jobs/DailyRegionDigestEmailJob.java
publicclassDailyRegionDigestEmailJob{
publicstaticvoidmain(String[]args){
Applicationapplication=newApplication(newFile(args[0]),DailyRegionDigest
EmailJob.class.getClassLoader(),null,Mode.Prod());
Play.start(application);
List<RegionUserDigest>regionUserDigests=getRegionUserDigests();
36. Testing - Grails
Unit Tests with @TestFor and @Mock
Test URL Mappings with UrlMappingsUnitTestMixin
Integration Testing with GroovyTestCase
Functional Testing with Geb
* Grails plugins often aren't in test scope.
test/unit/happytrails/RouteTests.groovy
packagehappytrails
importgrails.test.mixin.*
@TestFor(Route)
classRouteTests{
voidtestConstraints(){
defregion=newRegion(name:"Colorado")
defwhiteRanch=newRoute(name:"WhiteRanch",distance:12.0,location:"Gol
den,CO",region:region)
mockForConstraintsTests(Route,[whiteRanch])
//validationshouldfailifrequiredpropertiesarenull
defroute=newRoute()
assert!route.validate()
assert"nullable"==route.errors["name"]
37. Testing - Play
Standard JUnit
Unit Tests & Functional Tests
FakeApplication, FakeRequest, inMemoryDatabase
Test: Controllers, Views, Routing, Real Server, Browser
test/ApplicationControllerTest.java
@Test
publicvoidindex(){
running(fakeApplication(inMemoryDatabase()),newRunnable(){
publicvoidrun(){
DemoData.loadDemoData();
Resultresult=callAction(routes.ref.ApplicationController.index());
assertThat(status(result)).isEqualTo(OK);
assertThat(contentAsString(result)).contains(DemoData.CRESTED_BUTTE_COLORADO_R
EGION);
assertThat(contentAsString(result)).contains("<li>");
}
});
}
38. Demo Data - Grails
grails-app/conf/BootStrap.groovy
import happytrails.User
import happytrails.Region
import happytrails.Route
import happytrails.RegionSubscription
class BootStrap {
def init = { servletContext ->
if (!User.count()) {
User user = new User(username: "mraible@gmail.com", password: "happyhour",
name: "Matt Raible", enabled: true).save(failOnError: true)
User commentor = new User(username: "mraible+comments@gmail.com", password: "happyhour",
name: "Fitz Raible", enabled: true).save(failOnError: true)
Region frontRange = new Region(name: "Colorado Front Range").save(failOnError: true)
// Add routes
def whiteRanch = new Route(name: "White Ranch", distance: 10, location: "Golden, CO",
description: "Long uphill climb", region: frontRange).save(failOnError: true)
// Add comments
whiteRanch.addComment(commentor, "Coming down is the best!")
// Add a few ratings
whiteRanch.rate(user, 3)
41. Configuration - Play
Based on the TypeSafe Config Library
Override config with Java Properties:
-Dfoo=bar
Environment Variable substitution
Run with different config files:
-Dconfig.file=conf/prod.conf
conf/prod.conf
include"application.conf"
application.secret=${APPLICATION_SECRET}
db.default.driver=org.postgresql.Driver
db.default.url=${DATABASE_URL}
applyEvolutions.default=true
42. Authentication - Grails
Spring Security UI Plugin, “I love you!”
grails-app/conf/Config.groovy
grails.mail.default.from="BikeÃberTracks<bike@ubertracks.com>"
grails.plugins.springsecurity.ui.register.emailFrom=grails.mail.default.from
grails.plugins.springsecurity.ui.register.emailSubject='WelcometoÃberTracks!'
grails.plugins.springsecurity.ui.forgotPassword.emailFrom=grails.mail.default.from
grails.plugins.springsecurity.ui.forgotPassword.emailSubject='PasswordReset'
grails.plugins.springsecurity.controllerAnnotations.staticRules=[
'/user/**':['ROLE_ADMIN'],
'/role/**':['ROLE_ADMIN'],
'/registrationCode/**':['ROLE_ADMIN'],
'/securityInfo/**':['ROLE_ADMIN']
]
//AddedbytheSpringSecurityCoreplugin:
grails.plugins.springsecurity.userLookup.userDomainClassName='happytrails.User'
grails.plugins.springsecurity.userLookup.authorityJoinClassName='happytrails.UserRol
e'
grails.plugins.springsecurity.authority.className='happytrails.Role'
43. Authentication - Play
Uses cookies to remain stateless
app/controllers/Secured.java
publicclassSecuredextendsSecurity.Authenticator{
@Override
publicStringgetUsername(Contextctx){
//todo:needtomakesuretheuserisvalid,notjustthetoken
returnctx.session().get("token");
}
app/controllers/RegionController.java
@Security.Authenticated(Secured.class)
publicstaticResultaddRegion(){
returnok(views.html.regionForm.render(form(Region.class)));
}
76. Conclusions: Code
From a code perspective, very similar frameworks.
Code authoring good in both.
Grails Plugin Ecosystem is excellent.
TDD-Style Development easy with both.
Type-safety in Play 2 was really useful, especially
routes and upgrades.
77. Conclusions: Statistical
Analysis
Grails has better support for FEO (YSlow, PageSpeed)
Grails has less LOC! (4 more files, but 20% less code)
Apache Bench with 10K requests (2 Dynos):
Requests per second: {Play: 242, Grails:
257}
Caching significantly helps!
78. Conclusions: Ecosystem
Analysis
"Play" is difficult to search for.
Grails is more mature.
Play has momentum issues.
LinkedIn: more people know Grails than Spring MVC.
Play had 3x user mailing list traffic, but gap is
narrowing.
We had similar experiences with documentation and
questions.
Outdated documentation is a problem for both.
Play has way more hype!
79. Questions?
Source:
Branches: grails2, play2_java
Presentation*: master/preso
Contact Us:
* Presentation created with , and .
http://ubertracks.com
https://github.com/jamesward/happytrails
jamesward.com
raibledesigns.com
Reveal.js Google Charts GitHub Files