Loews Portofino Hotel @ Universal Orlando
5601 Universal Boulevard
Orlando, FL 32819
Map »

Download PDF

Enterprise Security API library from OWASP

When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the loj4j framework, which abstracts the concern of logging, where it logs and the management of logging. The one cross cutting software concern which seems for most applications to be piecemeal is that of security. Security concerns include certification generation, SSL, protection from SQL Injection, protection from XSS, user authorization and authentication. Each of these separate concerns tend to have there own standards and libraries and leaves it as an exercise for the development team to cobble together a solution which includes multiple needs.... until now... Enterprise Security API library from OWASP.

This session will look at a number of security concerns and how the ESAPI library provides a unified solution for security. This includes authorization, authentication of services, encoding, encrypting, and validation. This session will discuss a number of issues which can be solved through standardizing on the open source Enterprise Security API.

About Ken Sipe

Ken Sipe is a Technology Director with Perficient, Inc. (PRFT), IBM's largest service partner, where he leads multiple teams in the development of solutions in the SOA, Web 2.0 and portal domains, on both the Java and .Net platforms.

Ken was the founder of CodeMentor, where he was the Chief Architect and Mentor, leading clients in the execution of RUP and Agile methodologies in the delivery of software solutions.
Ken has a deep need to be highly diversified. Ken often works with IT executives on high-level strategic roadmaps, currently geared around service oriented architectures (SOA). Ken also likes to keep his hands "dirty" in the code, which has him on a regular basis, pairing or otherwise producing code. Ken is regularly requested by clients that know him to "rescue" projects, either through the streamlining of processes or the rapid production of code.

More About Ken »

Featured Sessions

CSS for Developers

by Molly Holzschlag
While CSS might be the Web's Lingua Franca of presentation and design, it's the Front End Developer who finds that he or she has to optimize CSS docum

HTML5 Killed XHTML2 (and the Mysterious Future of Markup)

by Molly Holzschlag
It's late 2009. A deep silence runs through the hallowed halls of the W3C. I slip into a stairwell and watch through the window as the well-formed cor

Web Standards for Web Applications: Half Day Seminar

by Molly Holzschlag
For many years the web standards movement focused its energies on best practices for web sites. Few of us, if any, could have foreseen the rapid emerg

Designing for Interesting Moments

by Bill Scott
Did you know that there are at least 16 different moments of interaction during drag and drop? And that there are at least a half-dozen elements on th

Web 2.0 Checklist: Deconstructing Modern Websites

by Scott Davis
"The challenge of modernity is to live without illusions and without becoming disillusioned." (Antonio Gramsci) There are plenty of sarcastic "Web 2.

GWT fu, Part 2

by David Geary
Learn to do amazing stuff with GWT.

An Introduction to MooTools 2.0

by Aaron Newton
MooTools is a fully featured JavaScript Development Framework. This session is a high-level introduction for users who are curious about the framework

Programming to Patterns

by Aaron Newton and Dylan Schiemann
The JavaScript frameworks make it increasingly easy to write highly expressive and concise functionality that enhances an HTML component, but the powe

Building SOFEA Applications with Grails and GWT

by Matt Raible
In early 2009, Matt participated in a major enhancement of a high-traffic well-known internet site. The company wanted to quickly re-architect their s

The Present and Future of Web App Design

by Torrey Rice
The sudden rise of Ajax kicked off the Web 2.0 revolution, catching a lot of people by surprise and leaving companies scrambling to catch up. Designer

Large-Scale Ajax Application Architectures

by Dylan Schiemann
When your web application goes beyond the simple inclusion of a few lines of script and becomes a full-fledged application, there are a variety of str

Featured Speakers

Keith Donald

SpringSource Principal & Founding Partner

Keith Donald is a principal and founding partner at SpringSource, the company behind Spring and a division of VMware. At SpringSource, Keith is a full-time member of the Spring development team focusing on web application development productivity. He is also the architect behind SpringSource's state-of-the-art training curriculum, which has provided practical Spring training to over 10,000 students worldwide. Ov.. More »

Dylan Schiemann

Co-founder of the DoJo Toolkit

Dylan Schiemann is CEO of SitePen and co-founder of the Dojo Toolkit, an open source JavaScript toolkit for rapidly building web sites and applications, and is an expert in the technologies and opportunities of the Open Web. Under his guidance, SitePen has grown from a small development firm to a leading provider of inventive tools, skilled software engineers, knowledgeable consulting services, and top-notch training.. More »

Mike Wilcox

Software Engineer at SitePen Inc.

Mike Wilcox is a software engineer for of one of the top AJAX companies in the United States, SitePen Inc., which is comprised of the original contributors of the Dojo Toolkit and other open source technologies. As co-founder of the JavaScript user group in Dallas, Club AJAX, Mike is a regular speaker with presentations that include "The JavaScript Programming Primer" and "'That's not Flash?' Native Browser Vector Gr.. More »

Bill Scott

Director of User Interface Engineering @ Netflix

Bill Scott is the Director of User Interface Engineering at Netflix, the world's largest online movie rental service. At Netflix Bill is guiding the UI Engineering team's efforts to continue Netflix's excellence in user experience, improve client performance and refactor the presentation tier to use the latest best practices for both the DHTML layer as well as the Java tier. Bill is the co-author of the O'Reilly b.. More »

Nathaniel Schutta

Author, speaker, software engineer focused on user interface design.

Nathaniel T. Schutta is a senior software engineer focussed on making usable applications. A proponent of polyglot programming, Nate has written two books on Ajax and speaks regularly at various worldwide conferences, No Fluff Just Stuff symposia, universities, and Java user groups. In addition to his day job, Nate is an adjunct professor at the University of Minnesota where he teaches students to embrace dynamic lan.. More »

Blogs

Location

Loews Portofino Hotel @ Universal Orlando
5601 Universal Boulevard
Orlando, FL 32819
View Map

Stay Informed

Not ready to register yet? Enter your email here to receive update notifications about this event.

Name:
Email: