March 9-11, 2011
Montreal, Canada
Top 20 sessions
One of my favourite things about meeting up with other developers to hack on
a project is that they'll see how I'm doing things and chime in "hey, did
you know that you could use ($someTool) to do that better?" I've been doing
this web thing for a long time, and thus have built up a significant bag of
tricks, such as Screen, OpenVPN, RRDTool, SSH tunnels, and git hooks to deploy code on push. In this talk, I'll share as many of these tips, tricks and tools as
I can, as quickly as possible. The goal: leave with new ideas.
a project is that they'll see how I'm doing things and chime in "hey, did
you know that you could use ($someTool) to do that better?" I've been doing
this web thing for a long time, and thus have built up a significant bag of
tricks, such as Screen, OpenVPN, RRDTool, SSH tunnels, and git hooks to deploy code on push. In this talk, I'll share as many of these tips, tricks and tools as
I can, as quickly as possible. The goal: leave with new ideas.
Front-end
Increasing amounts of Linked Data are being created, especially by governments, life sciences, social networks, and media organisations. This presentation will address design principles for Linked Data, how to make statements about the relationship between the things in our world and gather useful information from various sources, and why it might play an important role in creating a Web of things. This presentation is intended for directors, programmers, journalists, analysts, and user experience designers.
Security
As web applications become the norm for application delivery mechanisms,
there is more and more demand for managing access control at the
application framework level. As is immediately obvious, managing this
access control becomes an overwhelming overhead for the actual
application, and should be handled by the underlying framework used for
application delivery.
In this presentation I will discuss how the OpenAM authN and AuthZ
layers can be simply and easily integrated into an enterprise
application, allowing fine grained access control to be enforced at the
application layer, while allowing the administration and management of
the policies to be handled by the service provider.
there is more and more demand for managing access control at the
application framework level. As is immediately obvious, managing this
access control becomes an overwhelming overhead for the actual
application, and should be handled by the underlying framework used for
application delivery.
In this presentation I will discuss how the OpenAM authN and AuthZ
layers can be simply and easily integrated into an enterprise
application, allowing fine grained access control to be enforced at the
application layer, while allowing the administration and management of
the policies to be handled by the service provider.
Front-end
HTML5 is here and we should use it right now. It is fun and interesting to look at cool CSS3, Canvas and Video demos but our main goal should be to make our day-to-day life easier by using the cool things browsers offer us right now. Learn about local storage, simplifying interfaces and using HTML5 right now!
FrameworksPHP
Bring along your laptop, hack up in a live session with one of the CakePHP core team, and build an app live.
We'll take a short period of time to define the project, design the database, and then jump in and build the project through to completion.
This session is great for new and old CakePHP users, and a great opportunity to get an insight into CakePHP if you have never had the opportunity, or have not been able to find the time.
Code resulting from this talk will be made available under the MIT license, and freely available for users to take and use, extend and build on as they like.
We'll take a short period of time to define the project, design the database, and then jump in and build the project through to completion.
This session is great for new and old CakePHP users, and a great opportunity to get an insight into CakePHP if you have never had the opportunity, or have not been able to find the time.
Code resulting from this talk will be made available under the MIT license, and freely available for users to take and use, extend and build on as they like.
Javascript
More and more PHP developers are writing JavaScript - everyone's favorite love/hate language. In this session we'll explore what is very similar and what very different between the two languages, including:
- objects
- classes
- inheritance
- patterns
- arrays
- strings
- objects
- classes
- inheritance
- patterns
- arrays
- strings
Web Services
Although browser apps replace more and more desktop application, a tight integration of both is often desirable, not only when it comes to data manegement. The HTTP based WebDAV protocol allows you to integrate your web applications with users favorized desktop environment. This talk gives you an introduction to WebDAV, its beauty & pitfalls and shows you how to integrate it easily into your applications.
Java
Le développement Web Java a subit une forte évolution depuis les 6 dernières année. On retrouve dans ce langage énormément de framework Web, qui ont tous leurs contraintes et leurs avantages, mais dont le but commun est d'essayer de faciliter et accélérer le développement en fournissant un certain cadre.
Mais avec l'arrivée de nouveaux concepts comme Cometd (push Ajax), l'événementiel, les architectures Web distribuées telles que Amazon, Linked'In, Facebook, Twitter et avec les nouveau besoins en expérience utilisateur, un écart se creuse avec le monde des frameworks Web.
Nous allons voir à travers une expérience vécue sur une architecture Web de haute disponibilité les contraintes que nous avons eues et pourquoi nous avons choisi d'écrire notre propre framewok.
Mais avec l'arrivée de nouveaux concepts comme Cometd (push Ajax), l'événementiel, les architectures Web distribuées telles que Amazon, Linked'In, Facebook, Twitter et avec les nouveau besoins en expérience utilisateur, un écart se creuse avec le monde des frameworks Web.
Nous allons voir à travers une expérience vécue sur une architecture Web de haute disponibilité les contraintes que nous avons eues et pourquoi nous avons choisi d'écrire notre propre framewok.
Python
FormAlchemy est une librairie de génération de formulaire bas niveau.
FormAlchemy déduis des formulaire depuis les données et permets ainsi
d'éviter la duplication de description de schémas de données et un
développement rapide.
FormAlchemy est dors et déjà compatible avec Pyramid, le futur Pylons
2 et peut être utilisé avec n'importe quel framework web.
FormAlchemy permet de générer des interfaces CRUD basiques pour pylons
et pyramid.
Dans un futur proche, FormAlchemy devrait supporter le html5,
permettre d'utiliser des templates chameleon et fournir un squelette
d'application pyramid.
FormAlchemy déduis des formulaire depuis les données et permets ainsi
d'éviter la duplication de description de schémas de données et un
développement rapide.
FormAlchemy est dors et déjà compatible avec Pyramid, le futur Pylons
2 et peut être utilisé avec n'importe quel framework web.
FormAlchemy permet de générer des interfaces CRUD basiques pour pylons
et pyramid.
Dans un futur proche, FormAlchemy devrait supporter le html5,
permettre d'utiliser des templates chameleon et fournir un squelette
d'application pyramid.
Web ServicesFront-endJavascript
If your app provides or consumes and API, you need a smart tool for handling
HTTP. We built Webshell for just that. Sure, cURL is available everywhere,
but you need something better, faster, stronger. Webshell speaks your
language (JavaScript) and will change the way you debug HTTP. This talk will
give you an overview, and show you some specific examples of how Webshell
saves me hours of frustration every week.
See: http://github.com/fictivekin/webshell
HTTP. We built Webshell for just that. Sure, cURL is available everywhere,
but you need something better, faster, stronger. Webshell speaks your
language (JavaScript) and will change the way you debug HTTP. This talk will
give you an overview, and show you some specific examples of how Webshell
saves me hours of frustration every week.
See: http://github.com/fictivekin/webshell
Web ServicesData Persistance
ElasticSearch is the new kid on the search block. Built on top of Lucene and adhering to the best concepts of so-called NoSQL movement, ElastcSearch is a distributed, highly available, fast RESTful search engine, ready to be plugged into Web applications. Come to this session and learn how to set up, index, search, and tune ElasticSearch in less time than it takes to order a latte [disclaimer: at sufficiently busy central Starbucks locations. Side effects may include euphoria, stuff getting done, and extra time to spend with girlfriend.]
Scaling / Performance
As a web developer, you probably care deeply about the performance, security, accessibility and internationalisation aspects of your site. You do a lot of testing during development to make sure your web site follows best practices. Tools like YSlow and PageSpeed help you identify and fix performance problems during development, but it's still hard to tell how your site performs from your end user's point of view.
Are your users on dial-up, wireless or broadband? Do they have fast computers, are they on a shared network, what else do they have installed that can slow down their browsing experience? It's almost impossible to simulate all conditions that a user will experience your site through, but it is possible to measure what they experience.
This talk will show you how to use the Boomerang library to test your site's performance from your user's point of view. At the end of this talk, attendees will be able to measure the perceived performance of their sites.
Are your users on dial-up, wireless or broadband? Do they have fast computers, are they on a shared network, what else do they have installed that can slow down their browsing experience? It's almost impossible to simulate all conditions that a user will experience your site through, but it is possible to measure what they experience.
This talk will show you how to use the Boomerang library to test your site's performance from your user's point of view. At the end of this talk, attendees will be able to measure the perceived performance of their sites.
PHPScaling / Performance
When it comes to making things faster, nothing beats caching. This presentation will provide you with an overview of the best caching tools when it comes to PHP, Memcache PHP. The talk will cover through examples the applications of each extension and demonstrate which situations lend themselves better for each caching solution. For the memcache portion of the talk, the new & improved Memcached interface will be covered.
Security
The OWASP foundation recently published the 2010 version of its reference document describing the top 10 web application security risks.
During this talk, ten intrusion techniques will be shown to the audience, to have a better understanding of the risks described in the OWASP Top 10 2010 document.
Agenda:
- Basic theory on risks, threats and software vulnerabilities
- Presentation of the 10 intrusion techniques
- Best practices when working with the OWASP Top 10 2010
- Discussion, questions
Note: due to the reduced time available, the talk will focus on explaining the intrusion techniques on web applications. Developers interested in working on the defensive coding aspects should also participate in the secure development training.
During this talk, ten intrusion techniques will be shown to the audience, to have a better understanding of the risks described in the OWASP Top 10 2010 document.
Agenda:
- Basic theory on risks, threats and software vulnerabilities
- Presentation of the 10 intrusion techniques
- Best practices when working with the OWASP Top 10 2010
- Discussion, questions
Note: due to the reduced time available, the talk will focus on explaining the intrusion techniques on web applications. Developers interested in working on the defensive coding aspects should also participate in the secure development training.
Front-end
jQuery is one of the global players in the world of JavaScript frameworks. It's
small. It's fast. It's concise. It changes the way you write JavaScript. But
how does this library accomplish all this?
Its developers concentrate on the main aspects of any JavaScript application:
Document traversing, document manipulation, event handling, animation and AJAX
interactions. Only these components are part of the core library. Everything
else needs to be added using so called plugins.
Whole applications can be built creating and combining plugins to bring into
being a fully featured user experience.
In this session I will give a short overview about the different possible plugin
types, before presenting the most common ones in detail. During the talk a reusable
base structure will be created which can be easily adapted to any personal
developmental needs. This skeleton will allow you to start writing your own
jQuery extensions in no time.
small. It's fast. It's concise. It changes the way you write JavaScript. But
how does this library accomplish all this?
Its developers concentrate on the main aspects of any JavaScript application:
Document traversing, document manipulation, event handling, animation and AJAX
interactions. Only these components are part of the core library. Everything
else needs to be added using so called plugins.
Whole applications can be built creating and combining plugins to bring into
being a fully featured user experience.
In this session I will give a short overview about the different possible plugin
types, before presenting the most common ones in detail. During the talk a reusable
base structure will be created which can be easily adapted to any personal
developmental needs. This skeleton will allow you to start writing your own
jQuery extensions in no time.
Web Services
A lot of Web Services today claim to be RESTful APIs. But are they really? Do the URLs accurately identify resources? Are the powers of HTTP leveraged properly? What is "hypermedia", what is the Uniform Interface, and what is the secret behind the HATEOAS acronym that is so essential to the REST architectural style? This talk gives answers and guidelines using real-life examples.
Mobile
Qt was recently bought by Nokia, since then there was a significant effort put forth to simplify development on multiple platforms, including MeeGo, the joint venture between Nokia & Intel. From this effort Qt QUICK was born, and the QML (Qt Markup Language) has become an efficient way to rapidly develop proofs of concept that will run on multiple platforms. QML Is simple, elegant and efficient; in fact HTML should be jealous. In this talk I will introduce you to the basics of QML, the Qt Creator Development environment and show you a few things you can do with it. If the first Nokia MeeGo phone is released to the public by then I will demonstrate how to run your QML projects on the phone.
Social NetworkingStartups
StatusNet (http://status.net/) is the Open Source microblogging server. This LAMP software has an extensible plugin architecture, so you can develop other tools that use the "microcasting" metaphor: distributing social activities to an opted-in group. In this session, I'll give an overview of the StatusNet plugin architecture, describe the key classes needed to build a plugin, and make an example plugin for photo sharing.
Startups
Ben Yoskovitz discusses his most recent startup experience, founding and selling Standout Jobs. The company started in 2007 and raised $1.8 million in venture and angel capital. The company was sold in 2010 (although it was not a financial success story.)
Ben discusses his 3 years at Standout Jobs, along with past experience and more recent experience founding Year One Labs, an early stage seed accelerator that helps startups get started in the first critical year of existence.
During the talk, Ben will give the audience an inside look into the roller coaster ride of startups. Topics covered include: fundraising, hiring, product/market fit, product management, board management, marketing, and more.
Although a great deal of Ben's experience was challenging, his goal is to encourage people (technical people especially!) to start companies. It's essential that more engineers and programmers launch startups. Consider this presentation a motivational speech (based in reality)!
Ben discusses his 3 years at Standout Jobs, along with past experience and more recent experience founding Year One Labs, an early stage seed accelerator that helps startups get started in the first critical year of existence.
During the talk, Ben will give the audience an inside look into the roller coaster ride of startups. Topics covered include: fundraising, hiring, product/market fit, product management, board management, marketing, and more.
Although a great deal of Ben's experience was challenging, his goal is to encourage people (technical people especially!) to start companies. It's essential that more engineers and programmers launch startups. Consider this presentation a motivational speech (based in reality)!
PHPSecurity
OWASP Enterprise Security API Toolkits help software developers guard against security-related design and implementation flaws. Because it's an API, it can be easely be add to applications and services to protect themselves from attackers. In this talk, I'll present the project, it's PHP implantation and how to add it to your projects.
Montreal 2011
sponsored by
Copyright © 2010-2024 ConFoo. All rights reserved. Code of Conduct