This Blog Is Not Updated Any More.

Check out my new blog on Medium:

Topics: Identity and Access Management, Blockchain, Ethereum, Bitcoin, Security, PSD2, GDPR

Saturday, March 24, 2012

The Java Colombo Lanuch

The first meetup of the Colombo Java User Group [JUG] was held on 15th March @ WSO2 #58 office...

It was a huge success - we were able to get more than 70 to attend the event while around 180 registered for the Colombo JUG just with a one month notice...

I was in a panel discussion which talked about secure coding with Java - with Hiranya, Srinath and Amila..

Some key areas I would like to highlight here from what we focused during the panel discussion..
  • Security concerns in application development - authentication, authorization, integrity, no-repudiation, confidentiality - best practices to follow while designing a login method -  exception shielding pattern.
  • How does Java security architecture address the above concerns -  JAAS, JGSS, Java Security Manager.
  • What are the security concerns in a distributed environment? 
  • What are the common types of attacks? and solutions - attacks like, Cross-site Scripting, Session Hijacking, SQL Injection, Log Injection were demonstrated during the session...
  • What are the security testing best practices?  - OWASP
After the panel - the brain storming session on 'Future of Java - Would Oracle kill Java ?" started...

It was quite interesting and was nicely moderated by Senaka.

Some key points highlighted during this session...
  • Oracle may not kill Java - but will look in to more commercial side of it by giving patches only for paying customers.
  • Oracle's response time so far for critical Java security bugs is highly satisfactory.
  • People were afraid when Oracle acquired MySQL and they had all reasons to kill MySQL but they did not. Further Oracle has contributed to improve the performance of MySQL.
  • What will happen to the J2ME? Most probably Android will kill J2ME.
  • Java7 adaptation is still slow.
  • No room for Java on iPad [iOS].
All-in-all it was nice couple of hours with Java enthusiasts...

Need to Thank everyone who contributed to the success of this event - specially WSO2, Dr. Sanjiva Weerawarana, Harindu, Hiranya and all other colleagues at WSO2.

Looking forward for the next Colombo JUG event sometime around late April...