Course Notes and Slides by Allen Holub

Here are course notes for recently-held public presentations by Allen.
Agile Architecture
In an Agile world, code has to be structured in a way that acomodates the rigors of the process. These slides introduce a few of the basic architectural principals that underly good OO archictecture in Agile systems. In particular, they discuss the SOLID principles, fragile base clases, and problems that surround the overuse of get/set methods. They also discuss solutions to both problems (interface-based replacements for implementation inheritance and the Builder design pattern).
An Introduction to the Google Web Toolkit (GWT)
A brief introduction to the Google Web Toolkit, the best way that I know to build Ajax applications. Most-recently presented at the 2011 JAX conference in San Jose, CA.
Implementing Secure Login in AJAX Applications
Covers the issues surrounding implementing secure login in an AJAX application (where you want to redraw the page on log in, but not bring an entirely new page down from the server). Most-recently presented at JAX 2011 in San Jose, CA.

These slides discuss two protocols for doing secure login: They describe a standard HTTPS-based protocol where the login is done via a small window in the corner of the main screen, and they discuss a technique called "Direct Login," that doesn't require any HTTPS or SSL, but is useful only for protecting passwords that control customer-specific look-and-feel on an insecure page.

Security 101
These slides are an introduction to software security from a presentation given at Software-Development conference in 2008 and 2009. The focus is on what makes an application secure (or not) and how to go about writing secure software. The slides don't focus on any specific technology (such as cryptography), but talk more about what security actually is and how to achieve security in your own software.
Web 2.0/Ajax Security
These slides are an introduction to securing Web 2.0/Ajax applications, from a presentation given at Software-Development conference in 2008. The slides examine the most prevalent JavaScript attacks on Web 2.0 applications and shows you how to protect yourself from them. In particular, they talk about data leaks, man-in-the-middle attacks and efficient HTTPS communication, cross-site scripting, cross-site request forging, and JSON vulnerabilities. SQL injection is also discussed.
Cryptography 101
These slides are an introduction to cryptography from a presentation given several times at the Software-Development conference. (This is the 2008 version.) The focus here is on how both secret-key and public/private key cryptography work and how to use this technology get do practical things (like digital signing). The slides are program-language agnostic, but approach the subject from a programmer's (as compared to mathemetician's) point of view.
Java Cryptography (and related) APIs
These slides are an introduction to Java's cryptography APIs. This particular talk was given at the Software-Development conference in 2008 and 2009. The slides discuss Providers and how to install them, class loaders and permissions, the cryptography APIs themselves (showing you how to do both symetric and asymetric encryption and digital signing), and keystore management (both with keytool and programmatically within your Java application.
Java "Tiger" Release
These slides sumarize the new features that will appear in Java 1.5 ("Tiger"). These include:
  • Generics (sort-of like C++ templates).
  • Static Imports (let's you access public statics without a class name).
  • Autoboxing (automatically wraps int with Integer, etc.).
  • Variable-length arrays (let's you implement printf() in Java
  • Foreach syntax (vastly simplifes iterator usage).
  • Constrained enumerated types (like a C/C++ enum, but better).
  • Metadata (taged attributes on declarations).
Object-Oriented Design
I use these slides (either in full or in part) to teach OO-design process and concepts. They give you an overview of what OO-design is and why you may want to do it, cover several processes that lend themselves to OO development (SEI/CMM, [R]UP, Extreme Programming), present the process that I use in depth, and also provide a glossary of OO terminology. Combined with the Bank-of-Allen Project, they provide a good introduction to object-oriented design.
Taming Java Threads
These slides started out as the very popular presentation that Allen gave at two of Sun's JavaOne conferences. The slides supplied here are considerably expanded from the originals: Allen uses them as the basis of a full-day lecture on Java threading.
Design Patterns in the Real World
Two UML diagrams that I use in my Design Patterns in the Real World talk, presented at the Software-Development conference in 2008 and 2009.