Sergey Nivens - Fotolia

Manico and Grimstad bring Java tech to life at JavaOne 2017

Listen to this podcast

Engaging speakers like Jim Manico or Ivar Grimstad can make all the difference when choosing a session at a conference like JavaOne 2017 than the session syllabus.

It's a challenge trying to figure out how to fill up your JavaOne 2017 session scheduler.

The first temptation is to select the seminars that touch on all of the shiny and new Java tech topics that are on the tip of every software developer's tongue. At JavaOne 2017, that means attending sessions on reactive design, Docker-based microservices and new Java 9 features like Project Jigsaw. But selecting a session based largely on the topic is a rookie mistake. If I've learned one thing in my years as a journalist covering software conferences like Oracle OpenWorld and JavaOne 2017, it's that you'll learn more by attending an under-hyped session delivered by an energetic and engaging speaker than you will be by going to an over-hyped session where the speaker uses a death-by-PowerPoint mode of content delivery.

Learning from top talent at JavaOne 2017

Two speakers at JavaOne 2017, whose personal light outshines the Java tech topics on which they speak, are Manicode Security's founder Jim Manico and Java Champion Ivar Grimstad. Both are speaking on the topic of security, which should be given special dispensation given the fact that JSR-375, the Java EE Security API was recently ratified. Grimstad also speaks on the topic of JSR-371, the MVC 1.0 API, another extremely important and recently ratified Java EE API. Unfortunately, MVC 1.0 and the Java EE Security API are often overshadowed by the drama surrounding Project Jigsaw and the high-profile releases of Java EE 8 and Java 9. But they are topics that are severely under-hyped, and their presenters rank high on the engaging list, so attendance is highly recommended.

I think it will be used a lot in enterprises and in-house applications. But it's not a sexy topic that draws in big audiences at conferences.
Ivar GrimstadJava Champion

"We had a lot of attention around MVC a couple of years ago when the spec was part of the EE platform, and there was some noise about it when Oracle left it out. And while it may be in the back stream of cool technologies right now, I still think it is something that will be used" Grimstad said. "I think it will be used a lot in enterprises and in-house applications. But it's not a sexy topic that draws in big audiences at conferences."

Jim Manico is also speaking on the topic of security, but his Java tech talk picks up from the point where Grimstad's session leaves off, as Manico focuses more on peripheral security threats that are dealt with largely outside of the code. "I'm going to focus on Java 9 security, go over some of the security controls built into Java 9, and talk about some of the design decisions in Java 9 like Project Jigsaw and modularity and how that impacts security," Manico said. "I'm also going to take a look at some of the new controls in Java 9 like JEP-273 (DRBG-Based SecureRandom Implementations), JEP-290 (Filtering of Incoming Serialization Data), the new unlimited JCE (Java Cryptography Extension) policy and other topics that really try to make Java 9 that much more of a secure platform from a LangSec, or raw language point of view."

Java security, inside and out

If you're on the fence about attending Manico's session, I'd recommend taking a look at some of the training sessions he posts on YouTube. You'll realize quickly that he's an energetic and engaging speaker, and will leave you both enlightened and entertained at the end of his session.

If you're at JavaOne and you're interested at all in security, which every self-respecting software engineer should be, attending Ivar Grimstad's session on the new Java EE Security API will give you a great look at how to secure your applications from the inside, while Manico's session will round that knowledge out by elucidating you on all of the security controls Java 9 makes available to you on the outside. And if you can't make it out to JavaOne, do the next best thing, and listen to the accompanying podcast in which TheServerSide's Cameron McKenzie chats with Jim Manico about his JavaOne "LangSec" session.

Next Steps

JavaOne 2017 is finally brought into the Oracle OpenWorld fold

Here's what's hot at JavaOne 2017

How to make the most out of a conference like JavaOne 2017