All posts by rbowen

Nithya Ruff: Keynote at ApacheCon Miami

Nithya Ruff, who is heads up the open source program at Comcast, will be keynoting at ApacheCon in Miami in two weeks. She’ll be speaking about how so many companies are transitioning to technology companies, regardless of their industry, and about the ubiquity of Apache software at Comcast.

I spoke with her last week about what she’ll be talking about, and related topics.

You can still register for ApacheCon at apachecon.com. See you in Miami!

 

 

Shawn McKinney, ApacheCon North America 2017, and Java Security

At ApacheCon Miami, Shawn McKinney will give a talk on the anatomy of web application security.

In this interview, he talks about what he’ll be presenting, and who should attend.

Register today for ApacheCon, and save $200 on your admission cost.

ApacheCon Seville 2016 – How to Generate a Deployable REST CXF3 Application from a Swagger-Contract – Johannes Fiala

How to Generate a Deployable REST CXF3 Application from a Swagger-Contract – Johannes Fiala

This talk will show how you can use Swagger-Codegen to generate a complete REST application using Apache CXF3 based on a Swagger contract and deploy it to application servers.

Features in the generated server stub include:

* Bean-Validation

* Logging

* Automatic operation validation using @Valid

* Using transparent gzipping of requests

First I’ll demo how to generate the applications & how they work in the container (Tomcat + Jboss EAP), showing how the features work there.

The talk will continue how this is done using Mustache-templates in Swagger-Codegen and how additional features can be added to the generator (e.g. adding forced Gzip-support, enhancing test cases, add additional configuration files, etc.).

Additionally the Swagger toolchain will be shown during the talk (Swagger UI, Swagger Editor, Swagger2Markup to generate PDFs).

More about this session

ApacheCon Seville 2016 – A Deep Text Analysis System Based on OpenNLP – Boris Galitsky

A Deep Text Analysis System Based on OpenNLP – Boris Galitsky

Although current big data systems for text processing can handle vast amount of textual data, they mostly perform keyword level or compositional semantic – level analyses, which limits their functionality and applications. We present an OpenNLP-based system leveraging a broad range of linguistic technologies for search, recommendation, content generation, sentiment, chat bots and social data analysis. We will learn how to leverage linguistic analysis features such as parts-of-speech, parse trees, parse tree-based relevance, discourse analysis, learning of discourse trees and tree kernel learning. We explore how to combine the best of both worlds: big data performance and linguistic style depth of analysis.

More about this session

ApacheCon Seville 2016 – Apache Commons Crypto: Another Wheel of Apache Commons – Xianda Ke

Apache Commons Crypto: Another Wheel of Apache Commons – Xianda Ke

Apache Commons Crypto is a cross-platform cryptographic library optimized with AES-NI and hardware random number generator. With the benefits of hardware acceleration and the optimized native implementation, this library outperformed JCE by an order of magnitude. Java developers can use this handy library to get strong and high performance AES encryption/decryption. This presentation will introduce the origin of Apache Commons CRYPTO, the recent improvements in commons crypto community, how CRYPTO accelerates data encryption, and the future plan of Apache Commons Crypto.

More about this session

ApacheCon Seville 2016 – Object Lessons: Deserialization After Apache Commons Collections – Tim Jarrett

Object Lessons: Deserialization After Apache Commons Collections – Tim Jarrett

ItÛªs the biggest vulnerability of 2015 that didnÛªt get a brand name. The deserialization vulnerability in the Apache Commons Collections library also impacted the build server that powers most software developers and a half dozen other key pieces of the shared Java software infrastructure. But Java deserialization vulnerabilities are more widespread than you might guess.

This presentation reviews data from over 200,000 application security scans to help defenders better understand the risk of Java deserialization vulnerabilities. We look at vulnerability prevalence both overall and by industry vertical and the probability that your application has a similar vulnerability (hint: higher than youÛªd think). WeÛªll also look at real world guidance for setting security policies and coordinating with developers to get issues fixed across large numbers of applications.

More about this session