OO-Design and UML Training by Allen Holub
The best in-house Object-Oriented-Design and Java training available.
www.holub.com

Course Notes and Slides by Allen Holub

Here are course notes for recently-held public presentations by Allen.
An Introduction to the Google Web Toolkit (GWT)
A brief introduction to the Google Web Toolkit, the best way that I know to build Ajax applications. Most-recently presented at the 2011 JAX conference in San Jose, CA.
Implementing Secure Login in AJAX Applications
Covers the issues surrounding implementing secure login in an AJAX application (where you want to redraw the page on log in, but not bring an entirely new page down from the server). Most-recently presented at JAX 2011 in San Jose, CA.

These slides discuss two protocols for doing secure login: They describe a standard HTTPS-based protocol where the login is done via a small window in the corner of the main screen, and they discuss a technique called "Direct Login," that doesn't require any HTTPS or SSL, but is useful only for protecting passwords that control customer-specific look-and-feel on an insecure page.

Everything You Know is Wrong!
These slides were first presented at the 2004 Software-Development conference (and have subsequently been updated several times since them). (This is the 2008 version.) They discuss two significant problems of OO systems: fragile base classes and the inappropriate use of accessor and mutator (getter/setter) methods. The slides describe how overuse of implementation inheritance (extends in Java) can get you into trouble, and how getter/setter methods can make your code unmaintainable. They also discuss solutions to both problems (interface-based replacements for implementation inheritance and the Builder design pattern).
Security 101
These slides are an introduction to software security from a presentation given at Software-Development conference in 2008 and 2009. The focus is on what makes an application secure (or not) and how to go about writing secure software. The slides don't focus on any specific technology (such as cryptography), but talk more about what security actually is and how to achieve security in your own software.
Web 2.0/Ajax Security
These slides are an introduction to securing Web 2.0/Ajax applications, from a presentation given at Software-Development conference in 2008. The slides examine the most prevalent JavaScript attacks on Web 2.0 applications and shows you how to protect yourself from them. In particular, they talk about data leaks, man-in-the-middle attacks and efficient HTTPS communication, cross-site scripting, cross-site request forging, and JSON vulnerabilities. SQL injection is also discussed.
Cryptography 101
These slides are an introduction to cryptography from a presentation given several times at the Software-Development conference. (This is the 2008 version.) The focus here is on how both secret-key and public/private key cryptography work and how to use this technology get do practical things (like digital signing). The slides are program-language agnostic, but approach the subject from a programmer's (as compared to mathemetician's) point of view.
Java Cryptography (and related) APIs
These slides are an introduction to Java's cryptography APIs. This particular talk was given at the Software-Development conference in 2008 and 2009. The slides discuss Providers and how to install them, class loaders and permissions, the cryptography APIs themselves (showing you how to do both symetric and asymetric encryption and digital signing), and keystore management (both with keytool and programmatically within your Java application.
Java "Tiger" Release
These slides sumarize the new features that will appear in Java 1.5 ("Tiger"). These include:
  • Generics (sort-of like C++ templates).
  • Static Imports (let's you access public statics without a class name).
  • Autoboxing (automatically wraps int with Integer, etc.).
  • Variable-length arrays (let's you implement printf() in Java
  • Foreach syntax (vastly simplifes iterator usage).
  • Constrained enumerated types (like a C/C++ enum, but better).
  • Metadata (taged attributes on declarations).
Object-Oriented Design
I use these slides (either in full or in part) to teach OO-design process and concepts. They give you an overview of what OO-design is and why you may want to do it, cover several processes that lend themselves to OO development (SEI/CMM, [R]UP, Extreme Programming), present the process that I use in depth, and also provide a glossary of OO terminology. Combined with the Bank-of-Allen Project, they provide a good introduction to object-oriented design.
Taming Java Threads
These slides started out as the very popular presentation that Allen gave at two of Sun's JavaOne conferences. The slides supplied here are considerably expanded from the originals: Allen uses them as the basis of a full-day lecture on Java threading.
Design Patterns in the Real World
Two UML diagrams that I use in my Design Patterns in the Real World talk, presented at the Software-Development conference in 2008 and 2009.
Allen I. Holub & Associates     Berkeley, California     510.528.3620     
©2011 Allen I. Holub (www.holub.com). All Rights Reserved.