Sheraton Premier Hotel
8661 Leesburg Pike
Vienna, VA 22182
Map »

Download PDF

David Chandler

JSF evangelist and Senior Engineer with Intuit

At Intuit, David has focused on writing secure JSF applications for the
Internet banking industry. An electrical engineer by trade, David got
hooked on developing dynamic Web applications in the days of NCSA
Mosaic and hasn't looked back since. He has written Web applications
professionally in a variety of languages, including C, perl, ksh,
ColdFusion, Java, and a domain-specific language built with lex and
yacc. He has tried to forget everything except JSF. David has
presented at ApacheCon and OWASP conferences as well as local user
groups, and is the author of one of the first books on Web
development, Running a Perfect Web Site (Que, 1995).

David holds a Bachelor of Science degree in Electrical Engineering
from the University of Kansas and a patent on a method of organizing
hierachical data in a relational database. He lives in Atlanta with
the wife of his youth and helps homeschool their five children. In his
copious spare time, David teaches classes through learnjsf.com and
works on RememberOneAnother.com, a prayer organizer and church
networking Web site built with JSF, Spring, and Hibernate.

Presentations

Securing JSF applications against the OWASP top ten

In this section, we explore how JSF protects against these attacks and move on to explore JSF extensions you can deploy to provide complete protection against the OWASP Top Ten, including forced browsing, information leakage in select boxes, and unauthorized method execution.

The JavaServer Faces (JSF) API is an excellent foundation for building secure Web applications because of its component-oriented nature, carefulness surrounding data validation, and numerous extension points. The leading JSF implementations build on this strength by providing components which offer built-in protection against many of the OWASP Top Ten attacks including form parameter tampering and cross-site scripting. Specifically, we?ll look at centralized approaches to ensuring that every field and form is properly validated, a phase listener and view handler to prevent forced browsing and assist with detection of session hijacking, and a customer converter and component to hide sensitive information such as IDs in menu options.

Featured Sessions

Building JSF components with the Ajax4jsf CDK

by Dan Allen
This talk introduces the Ajax4jsf CDK, demonstrating how to setup a new JSF component project, how to author the component using the CDK descriptors,

Stacking the deck by integrating Spring beans and Seam

by Dan Allen
By attending this talk, developers can suppress their anxiety about the coexistence of the two frameworks, open their eyes to the potential that each

Integrating Spring and JavaServerFaces

by Keith Donald
In this session, Keith will demonstrate how developers typically use JSF and Spring together in practice, as well as explore the latest integration en

Spring's JSF Integration Architecture

by Keith Donald
Spring's approach to integrating JavaServerFaces technology is novel and innovative; an approach that lets you maximize your investment in Spring whil

Intro to Seam

by David Geary
Have you ever stopped to think that you need to learn two frameworks to develop a non-trivial, database-backed, web application? Struts and iBatis; JS

Using Ajax4jsf

by David Geary
Ajax4jsf makes it very easy to add Ajax to your JSF applications. Come to this presentation to see how.

Agile web development with Spring Faces

by Jeremy Grelle
Traditional JSF development has gained a reputation for being overly complex and cumbersome. Spring Faces introduces a host of features that improve

JBoss RichFaces

by Max Katz
The session will introduce RichFaces and demonstrate how next-generation Web applications can be built using JSF and RichFaces without any direct Jav

JSF 2-style component development in a JSF 1.2 world

by Jason Lee
One of the improvements coming in JSF 2 is the vast simplification of component development, but JSF 2 is months away, and you want that functionality

Scripting JavaServer Faces

by Kito Mann
With increased emphasis on scripting technologies, the Java platform is evolving to accommodate dynamic languages at all levels. While JavaServer Face

JSF 2.0 Preview

by Kito Mann
JavaServer Faces, the standard Java web development framework, has gained quite a few fans and detractors over the past few years. Regardless of the c

Featured Speakers

Ed Burns

Spec Lead for JSF; author of JSF 2.0: The Complete Reference

Ed Burns is currently a Senior Staff Engineer at Sun Microsystems, Inc. At Sun, Ed leads a team of web experts from across the industry in developing JavaServer™ Faces Technology through the Java Community Process and in open source. His areas of professional interests include web application frameworks, AJAX, reducing complexity, test driven development, requirements gathering, and computer supported collaborative w.. More »

Scott O'Bryan

Principal Software Engineer for Oracle

Scott O'Bryan is a Principal Software Engineer for Oracle and has twelve years of industry development experience. He's been working on the Oracle ADF Faces Renderkit for around four years and prior to his work with JSF, he had over six years of experience architecting enterprise portal systems and designing portlet-based software applications. His unique background makes him an expert on portlet-based JSF Architect.. More »

Kito Mann

Editor-in-chief of JSF Central and the author of JSF in Action

Kito D. Mann is editor-in-chief of JSF Central and the author of JavaServer Faces in Action (Manning). He is a member of several Java Community Process expert groups (including JSF and Portlets), and an internationally recognized speaker. Kito is also the Principal Consultant at Virtua specializing in enterprise application architecture, trai.. More »

Ted Goddard

Senior Architect at ICEsoft

Ted Goddard is a Senior Software Architect at ICEsoft Technologies and is the technical lead for the JavaServer Faces Ajax framework, ICEfaces. Following a PhD in Mathematics from Emory University that answered open problems in complexity theory and infinite colorings for ordered sets, he proceeded with post-doctoral research in component and web-based collaborative technologies. He has held positions at Sun Microsy.. More »

David Geary

Author of Graphic Java, co-author of Core JSF, member of the JSF Expert Group

David Geary is the president of Clarity Training, Inc. (corewebdevelopment.com), where he teaches developers to implement web applications using JavaServer Faces (JSF) and the Google Web Toolkit (GWT). A prominent author, speaker, and consultant, David holds a unique qualification as a Java expert: He wrote the best-selling books on both Java component frameworks: Swing and JavaServer Faces. David's Graphic Java S.. More »

Registration Fees

Register now and save $400

All Access Pass $1650

Register 4, receive 1 pass free

Note: Space is limited. Registration is accepted on first-come, first-served basis. Register early to guarantee your attendance.

Location

Sheraton Premier Hotel
8661 Leesburg Pike
Vienna, VA 22182
View Map

Stay Informed

Not ready to register yet? Enter your email here to receive update notifications about this event.

Name:
Email: