|Behind the Scenes of the Apache Software Foundation (Part 1)||Eilebrecht, Schmidt|
|Behind the Scenes of the Apache Software Foundation (Part 2)||Eilebrecht, Schmidt|
|Secure Single-Sign-On with Apache Directory and Apache Kerberos||Rodriguez|
|Securing Web Access with a Private
|Apache Roller: an Open Source Java Blog Server||Johnson|
|JSR 277, 291 and OSGi, Oh My! - OSGi and Java Modularity||Hall|
|Apache Synapse - A Web Services ESB||Fremantle, Perera|
|Panel: Inside Apache||Eilebrecht|
|New (and Old) Trends in Web Application Security||Wenz|
|The Truth about XSS||Shiflett|
|Apache Woden WSDL 2.0 Processor||Kaputin|
|REST in peace with WebServices||Chinthaka, Abeysinghe|
|Simplifying SOA Applications with Apache Tuscany||Boynes|
|Reliable web services with Apache Sandesha2||Jayalath|
|Subversion Best Practices||Fitzpatrick|
|Building High Performance Scalable TCP/IP Servers with Apache MINA||Royal|
|Integrating database legacy and JMS transactions with XMLBeans||Nevado|
|The Future of OSGi and Felix at Apache||Hall|
|Using Apache Felix: OSGi best practices||Offermans|
|Apache 2.2 and mod_proxy_balancer||Weinstein|
|Slicing and dicing REST with Apache Cocoon||Rabellino|
This presentation will give you everything
you always wanted to know about the Apache
Software Foundation (ASF), but were afraid to ask.
It will show you that there is more than just
the Apache webserver, and provide you with
information on how the ASF works. It will show you the difference
between membership and committership, point out who
decides what, how elections take place, the
technical infrastructure, project management
committees, and the philosophy behind the incubator.
Come and see behind the scenes of the Apache
Software Foundation and its many projects.
This presentation will give you everything you always
wanted to know about the Apache Software Foundation
(ASF), but were afraid to ask. It will show
you that there is more than just the Apache webserver, and provide you with information on how the ASF works. The difference between
membership and committership, who decides what, how
elections take place, the technical
infrastructure, project management committees, and the
philosophy behind the incubator will all be dealt with. Come and see
behind the scenes of the Apache Software
Foundation and its many projects.
The lead developer of the Kerberos protocol provider for the Apache Directory will discuss the use of Apache Directory as a "realm controller" for Linux and Windows machines. This talk will provide an overview of the Kerberos and Change Password protocol workflow. Significant time will be spent on the configuration of trust relationships and the configuration of both Linux and Windows machines to use Apache Directory as a Key Distribution Center (KDC). Prior experience with Kerberos is recommended.
This presentation reviews the concepts of digital certificates and certificate authorities, covers the creation and maintenance of a private certificate authority using Apache, mod_ssl and OpenSSL, and how a private certificate authority can be used to secure access to an organization’s Intranet or Extranet. Aspects of implementing a private certificate authority which will be discussed include: creating root-certificate for private certificate authority, creating digital certificates for clients and servers, installing digital certificates and certificate revocation lists.
Roller is the open source Java blog server that drives the popular Sun's employee blogs at www.blogs.sun.com, IBM developerWorks blogs, www.JRoller.com and numerous other blog sites. Currently making its way through the Apache incubation process, Roller is built on a host of Apache technologies including Struts, Velocity, Lucene, Jakarta Commons, XML-RPC and more. This overview, a primer for Roller users and contributors, covers the Roller feature set, architecture, lessons learned, project status and future plans.
OSGi technology for Java was originally envisioned as a dynamic service platform for home gateways, but has spread to all forms of Java development, as witnessed by Eclipse adoption and the Apache Felix incubator project. OSGi technology fills a void in the Java platform as a dynamic modularity and component layer. Recently, the JCP has introduced two different JSRs (277 and 291) that are intimately related to OSGi. This presentation will provide an overview of OSGi, introduce the Apache Felix incubator project, and discuss the relationship and issues surrounding JSRs 277 and 291.
The Enterprise Service Bus - or ESB - is an approach for integrating
different systems across a network. This session will cover the Apache
Synapse project, which is building a pure open source ESB based on Web
Services, XML and SOAP. It will deal with how to achieve the three major aspects
of an ESB: connectivity, mediation, and management making use of Apache Synapse. The session will explore how Synapse uses Apache projects such as Axis2, AXIOM,
Sandesha and WSS4J as the core of a high-performance, lightweight integration
framework. The session will cover how to integrate disparate systems; how
to mediate messages, including the use of XSLT, XPath, scripting, and Java; how
to manage and monitor ESBs; how to support security, reliability, and
transactions; and how to create an ESB using the Synapse codebase.
A panel discussion among various officers and directors of the Apache Software Foundation.
Topics discussed will include the current status of the Apache Software Foundation as well as recent news about the ASF and its many projects.
The panel will start with a short presentation by the chairman of the Apache Software Foundation.
Bored of lame demos on web application security that make you wonder if this is really dangerous and whether you should care about security or not? Then come to this session. New and upcoming attacks, old attacks in a new or surprising form, lots of war stories and, of course, countermeasures.
Cross-Site Scripting (XSS) persists as one of the most common web application security vulnerabilities, yet many web developers still don't appreciate the danger. This talk focuses on why you should care - you'll see demonstrations of real-world XSS attacks, including some that use Ajax technologies to deliver devastating blows to your security. You'll also learn how to apply simple techniques and practices that can eliminate XSS from your list of worries.
The Woden project has developed a WSDL 2.0 processor which will also support WSDL 1.1 applications and convert WSDL 1.1 to WSDL 2.0. This session will introduce the Woden project and describe how to use the Woden processor.
* Overview of WSDL 2.0 and how it differs from WSDL 1.1
* The Woden API and how it differs from WSDL4J.
* WSDL 2.0 extensions
* WSDL 2.0 validation
* WSDL 1.1 to 2.0 conversion issues
* Extending Woden to support user-specific requirements such as error handling or XML parser choice.
* Runtime and tooling user roles and how Woden supports them.
REST (REpresentational State Transfer) is becoming an alternative for Web Services in accessing remote services. There is an ongoing battle on deciding which one to use.
But recent efforts, including WSDL 2.0, have tried to put REST and WebServices together with special bindings enabled in the WSDL itself.
This talk will first concentrate on how REST is married to WebService in WSDL 2.0 and how that is being implemented in the Apache WebServices project.
Amid all the arm waving around Service Oriented Architecture, basic questions like "how do I actually develop an application using this?" are often overlooked. This talk provides an introduction to developing service oriented applications using Apache Tuscany and shows how easy it can be to integrate web services into multi-language applications written in PHP, Java and C++.
Using simple code samples and a demo of reliable messaging, this session will give a detailed intro to building reliable Web services and messaging with the Apache Sandesha2 project.
Sandesha2 implements the WSRM specs (the existing and the new OASIS spec) and provides many useful features to support reliable web services. Key features of Sandesha2 include in-order exactly-once delivery assurance, policy support, durability through Apache Derby and sequence status reports. Sandesha2 has successfully interoperated with many other WSRM systems, including Microsoft WCF and IBM WebSphere.
You've been to the Subversion tutorial session, or maybe you're already using Subversion. Enough of the basics. Instead of learning the mechanics of usage, come and learn about best practices for deploying Subversion as a central tool in your open source project. Should you have one big repository or many small ones? How should you lay out your repository? What should your branching and release policies be?
Who should be able to commit where? What should log messages look like? How should your team configure commit emails? How should you deal with file-locking and backups? These questions and others will be discussed in detail.
This session will provide an introduction to Apache MINA (Multipurpose Infrastructure for Network Applications). After a brief overview of MINA, attendees will be walked through the process of converting a blocking-IO based Java server application in one using non-blocking IO utilizing MINA. Attendees will learn how to use MINA’s facilities to create custom protocols, unit-test the protocols for correctness, utilize MINA’s IoFilter mechanism for adding logging, traffic shaping, compression and SSL-based encryption.
Recently I was working in a mission critical platform for one of the most important Spanish logistic operators.
The architecture problem was to integrate legacy data base transactions with new JMS transactions into a XA setting. The preexisting architecture was based on Java2EE 1.3 (Struts actions, SessionEJB, service managers, dao's and vo's). Two requirements of the client were to avoid reflection and to guarantee that all the application outbound messages should be in XML format.
The session is dedicated to show how we used XMLBeans in the development of the final solution.
Apache Felix has focused more attention on OSGi technology within Apache. Interest started in projects that needed the dynamic modularity and component mechanisms which OSGi provides, for example, Apache Directory. The use of OSGi/Felix has been discussed in other Apache projects like Harmony and Cocoon. This raises interesting questions: Where in Apache can OSGi technology be useful? How should it be used? What are the limitations for Apache? This session is a panel discussion composed of several key individuals from the OSGi Alliance and Apache community to debate these and related issues.
With over four years of experience of using OSGi in complex applications, we have learned a few lessons that we would like to share. This session will elaborate on some OSGi best practices and our experiences with the Apache Felix OSGi implementation that will cover areas like:
* partitioning a software design into bundles;
* dependency management at compile- and run-time;
* unit and integration testing;
* remote management;
* using SOAP to provide connectivity;
* how to use standard OSGi services to speed up development;
* embedding OSGi in other environments.
This presentation reviews the concepts of web proxies and load balancing, covers the creation and maintenance of a reverse web proxy using Apache and mod_proxy, and how the new proxy_balancer module for Apache 2.2 can be used to provide a basic load balancing solution to an organization's Intranet or Extranet. Aspects of implementing a reverse proxy and load balancer will be discussed included; configuring mod_proxy for reverse proxy, configuring mod_proxy_balancer for one or more backend web servers and touch on other options and limitations of using Apache, mod_proxy and mod_proxy_balancer.
REST is becoming more and more important as the down-to-earth web services alternative that "just works". The REST world is generally built upon web based infrastructures that produce and consume XML, and Cocoon is a top notch web application leveraging all the latest and greatest in XML technologies. As a result, REST and Cocoon fit like hand in glove. This talk will guide the audience through theory and practice in using REST technology, including a number of real life examples showing how powerful the Cocoon/REST combination can be.