This course covers Java 9 tools JShell and JMH, designed to restore a Java engineer's flow by making it easy to explore your code base, experiment with solutions at a small scale, and roll the results into long-lasting applications with confidence.
Historically, Java engineers have been loathe to do small scale experiments during their coding because of the high ceremony of the Java language. There is so much overhead when all an engineer wants to write is a little one-line experiment that its often avoided. At the core, the JVM is so good at code optimization that experiments in the performance family are still more time consuming because of the immense number of false positives and noisy evidence that result. In this course, Micro-experimentation Tools in Java 9, you'll learn how to use JShell and JMH. First, you'll learn how to do more in-depth experimenting. Next, you’ll discover more about exploratory coding. Finally, you’ll explore how to find if your feedback loop is too slow for significant processes. When you’re finished with this course, you'll have a foundational knowledge of JShell and JMH that will help you as you move forward in restoring flow while using Java 9 micro-experimentation tools.
Like many software craftsmen, Josh eats, sleeps, and dreams in code. He codes for fun, and his kids code for fun! Right now, Josh works as a full-time committer on Spring Security and loves every minute.
Course Overview Hi, my name is Josh Cummings, and welcome to my course, Securing Java Web Applications. I work at a principal software engineer at Workfront and have developed in Java for over 15 years. It is both fascinating and sobering what an intrepid hacker can do to a system that appears to have no security flaws. Did you hear about the one where you could possible steal someone's Twitter sessions by submitting Chinese characters in the URL? In this course, we're going to take a look at that vulnerability and many others, and equip you with the knowledge that you need to code Java applications more securely, specifically focusing on input validation. Some of the major topics that we'll cover include cross-site scripting, log injection, SQL injection, and yes, NoSQL injection, cross-site request forgery, and malicious file upload. By the end of this course, you'll be able to think more like a hacker while you are coding, and you will have the undeniable itch to go review your own code for holes and flaws, and the best part is that you will have the tools and knowledge to make your code more secure. Before beginning this course, you should be familiar with at least the basics in Java, though a solid understanding of Java Web Applications will also be a big help. The demos are based in Java 8. Also, some of the demos are a bit more powerful with Docker, so take the time to familiarize yourself with that if you want to take full advantage of the code download. I hope you'll join me on this journey to learn secure coding in Java with the Securing Java Web Applications course at Pluralsight.