Conference Program

Please note:
On this page you will only see the English-language presentations of the conference. You can find all conference sessions, including the German speaking ones, here.

The times given in the conference program of OOP 2023 Digital correspond to Central European Time (CET).

By clicking on "VORTRAG MERKEN" within the lecture descriptions you can arrange your own schedule. You can view your schedule at any time using the icon in the upper right corner.

Thema: Security

Nach Tracks filtern
Nach Themen filtern
Alle ausklappen
  • Montag
    06.02.
  • Dienstag
    07.02.
, (Montag, 06.Februar 2023)
10:00 - 17:00
Mo 4
Software Architecture 101 with Spring Boot
Software Architecture 101 with Spring Boot

This highly interactive workshop is all about software architecture - with Spring Boot, the Java microservice framework. Using an example application, we will discuss and try out the following topics in code:

  • REST API design
  • Hexagonal architecture
  • Bean validation
  • Single sign-on with Keycloak
  • Role-based security
  • Optimistic locking with ETags
  • OWASP dependency check
  • Structured JSON Logging
  • Error handling
  • Integration tests with Cucumber
  • Architecture tests with ArchUnit
  • Local deployment with Docker
  • Reverse proxy with NGINX

Please install the following software before the workshop (if not already available):

  • Java 17+
  • Gradle 7.3+
  • Docker 19+
  • git
  • an IDE of your choice (like IntelliJ IDEA)

On Windows, we also highly recommend you install the Windows Subsystem for Linux 2+.

Target Audience: Software Architects, Software Engineers, Java Developers
Prerequisites: Basic knowledge in Java, Interest in software architecture
Level: Advanced

Extended Abstract:
Prerequisites:
This workshop is highly interactive. You will benefit greatly from trying it out for yourself as well.
Please install the following software before the workshop (if not already available):

  • Java 17+
  • Gradle 7.3+
  • Docker 19+
  • git
  • an IDE of your choice (like IntelliJ IDEA)

On Windows, we also highly recommend you install the Windows Subsystem for Linux 2+.

The example application "Chameleon" that will be used in this workshop has been designed as an educational example project for learning the basics of the Spring Boot ecosystem. But project "Chameleon" tries to be more than just a simple "hello world". It has all the needed parts in place to be as close to a "real world" production-ready software as possible.

Project "Chameleon" currently contains the following features:

General

  • Backend with Spring Boot
  • Yaml configuration file
  • Hexagonal architecture
  • Build with Gradle
  • Local deployment with Docker
  • Reverse proxy with NGINX

REST API

  • Definition of RestController with GET, POST, DELETE and PATCH
  • Description of REST API with OpenAPI
  • Swagger UI
  • Dtos
  • Model mapper
  • Bean validation
  • Global error handler
  • Local error handler
  • Request ids
  • Optimistic locking with ETags

Database

  • Storage in relational database with PostgreSQL
  • JPA, JpaRepository (Spring Data)
  • Database migration with Flyway

Security

  • Integration of SSO (single sign-on) with Keycloak
  • Role-based security (JSR250)
  • OWASP dependency check

Logging

  • JSON logging
  • Structured logging
  • Logging of request ids
  • Logging of user and roles

Testing

  • Unit tests with JUnit 5
  • Assertions with Google Truth
  • Architectural unit tests with ArchUnit
  • Coverage report of unit tests with JaCoCo
  • Integration tests with Cucumber
Christoph Ehlers
Christoph Ehlers

Dr. Christoph Ehlers is the Head of Software Engineering at ConSol. As a project lead, agile coach and software architect, he ensures the successful completion of IT projects. After studying computer science at the University of Passau, where he also earned his doctorate, Christoph Ehlers found his way to ConSol more than seven years ago. He is particularly interested in software architecture and databases. Caution: His enthusiasm for technology is contagious!

Christoph Ehlers
Christoph Ehlers
flag VORTRAG MERKEN

Vortrag Teilen

, (Dienstag, 07.Februar 2023)
14:00 - 14:45
Di 3.2
Zero Trust for APIs: Patterns and Practices
Zero Trust for APIs: Patterns and Practices

Zero Trust Architecture has become the norm for how to modernize IT security in an age of growing network complexity and fewer ways to define hard network boundaries. Today, APIs are a standard way of how organizations expose both technical and business capabilities. But what does it mean for an API to be "Zero Trust Ready"?

In this presentation we look at some of the general patterns that APIs need to follow for Zero Trust readiness. We also look at some concrete practices for how to follow those patterns in your own APIs and API landscape.

Target Audience: Architects, Developers, API Designers, API Program/Platform Managers, Security Leads
Prerequisites: Basic knowledge of API terminology
Level: Advanced

Erik Wilde
Erik Wilde

Erik Wilde works in the Catalyst team at Axway. The team's mission is to help customers do the right things in the API and digital transformation space. Erik has been working in a variety of software companies, always focusing on questions of architecture and strategy. Erik's background is in computer science and he holds a Ph.D. from ETH Zurich, but over the course of his career it has become increasingly clear to him that technology rarely is the factor holding back organizations. So now he is helping organizations with their strategy to make sure that they are successful on their journeys.

Erik Wilde
Erik Wilde
flag VORTRAG MERKEN

Vortrag Teilen

Zurück