Confessions of a Middle-Aged Coder Turned Gravel Grinder

Slides from my ApacheCon talk yesterday:


Some words about Gerrit Gorter… writer, professional, musician, husband, father and friend.

I just learned his treatment (for a disease I shall not grace by naming) has been discontinued.  He has listened to my stories, encouraged the continued pursuit (of silly things like riding gravel), and to never lose the childlike curiosity to try new things.  This talk was for him.

Why ApacheCon

It’s the middle of the night, just hours before my return flight home, and can’t sleep.  The tape recorder inside my mind continues to play and won’t stop.  And so, much like my first Apachecon, I choose to write rather than toss and turn.

The theme of this week’s entry is ‘Why ApacheCon’.  I mean, after seven trips, on both sides of the pond, one might expect to grow weary of the routine.  I’m not saying that I don’t like traveling.  It’s just that, well, after almost thirty years as a professional software developer, I’ve had my fair share.

But here’s the deal, it’s not the trip that makes it worthwhile although I’ll admit the venues are always nice.  Certainly Montreal in September is not a bad gig.

It’s the people, and their stories, that make this event special.

A perfect example is Cliff Schmidt, founder of Amplio, who left a lucrative technology career, to pursue a new mission — saving lives in Africa through education via starting a non-profit that supplies battery operated listening devices, i.e. ‘talking books’, to poor rural farmers in Ghana.


Cliff Schmidt

Another example of Apache members doing good is Myrle Krantz who’s mission is building an open source system for core banking as a platform.  The reason?  To provide a reliable and affordable solution for the world’s 2 billion unbanked, via Apache Fineract.

There’s also Justin McClean, who’s working on an incubating project to provide a real-time operating system featuring a robust and reliable platform to run embedded systems, a.k.a IoT.  The project is Apache Mynewt.  With Mynewt the playing field has been leveled, opening the dedicated hardware market to anyone with a good idea and access to a cheap embedded processor.


Justin McClean

And Christopher Dutz who’s striving to break Siemens’ stranglehold on the programmable logic controller market, to offer cost-effective options to gather their data, for small to medium-sized manufacturing facilities.  His incubating project is Apache PLX4J.  This affords small business’ the same capabilities of command and control of their equipment, enabling them to compete with giant corporations

Dn_nTU8XkAEBvxs.jpg large

Christopher Dutz

Or how about Daniel Ruggeri, who’s taken it upon himself to create (and teach) a college-level course on how to introduce a successful open source practice into the enterprise.  This brings more talent in, enabling innovation, across a broader spectrum of companies.

DoBc3i2UwAEkK1C.jpg large

Daniel Ruggeri

What do these people have in common?  Bringing about positive change in the world, via open source projects.

This is why I come to ApacheCon.  It’s not the beautiful venues.  It’s not the education and learning.  It’s not the fun gatherings.  (Although these things are good too of course.)

It’s so that I may be inspired by stories such as these.

Why I love LDAPCon

This post is loosely based on a lightning talk last week in Brussels.  We had a few minutes to fill and I felt compelled to spill my guts, despite having nothing prepared.

For those that have never heard about LDAPCon, it’s a biennial event, first held in ’07, with rotating venues, always in interesting places.  The talks are a 50/50 split between technology providers and usages.

You can check out this year’s talks, along with sides — here.

It’s not a ‘big’ conference — attendance hovers between 70 and 80.  It doesn’t last very long — about two days.  There’s very little glitz or glory.  You won’t find the big vendors with their entourages of executives and marketing reps in the expo.  Nor are there giveaways, flashy parties or big name entertainers.  For the most part the media and analysts ignore it; participants don’t get much exposure to the outside world.  Everyone just sits in a single, large conference room for the duration and listens to every talk (gasp).

So what is it about this modest little gathering that I love so much?

Not my first rodeo.  The end of my career is much closer than its beginning, and I’ve been to dozens of conferences over the decades.  Large, small and everything in between.  For example, I’ve attended JavaOne twelve times and been to half a dozen IBM mega conferences.

Let’s start with relevance.  Contrary to what you may think LDAP is not going away.  It’s not sexy or exciting.  Depending on your role in technology you may not even have heard of it (although I can guarantee that your information is housed within its walls).  But it’s useful.  If you’re interested in security you better understand LDAP.  If you choose not to use it you better have good reasons.  Ignore at your peril.

I’ve been working with LDAP technology (as a user) for almost twenty years.  When I first started, back in the late ’90’s there was a fair amount of hype behind it.  Over the years that hype has faded of course.  As it faded, I found myself alone in the tech centers.  In other words, I was the only one who understood how it worked, and why it was needed.  As the years passed, I found my knowledge growing stale.  Without others to bounce ideas there’s little chance for learning. You might say I was thirsting for knowledge.

My first LDAPCon was Heidelberg in ’11.  It was as if I had found an oasis after stumbling about in the desert alone for years.  AH — at last others who understand and from whom I can learn and work with.

Many conferences are rather impersonal.  This is understandable of course, because the communities aren’t well established or are so large that it would be impossible to know everyone, or even a significant minority.

The leaders of these large technology communities are more like rock stars than ordinary people.  Often (not always) with oversized egos fed by the adoration of their ‘fans’.  This is great if you are seeking an autograph or inspiration, but not so much if you’re wanting help or validation of ideas.

Not the case at LDAPCon.  You’ll still find the leaders and architects, but not the egos.  Rather, they understand the importance of helping others find their way and encourage interaction and collaboration.

Sprinkle in with these leaders earnest newcomers.  Much like when I arrived in Heidelberg the pattern repeats.  These newcomers bring energy and passion that fuels the ecosystem and helps to stave off obsolescence.  There is a continuous stream of ideas coming forth ensuring the products and protocols remain relevant.

The newcomers are welcomed with open arms and not ignored.  This creates a warm atmosphere for collaboration.  New ideas are cherished not shunned.  Newcomers are elevated not marginalized.

Not a marketing conference.  You won’t find booths (like at a carnival) where passersby are cajoled and enticed by shiny lights and glitzy demos.  Where on the last day they warily pack up their rides and go to the next stop on the circuit.

Not a competitive atmosphere, rather collaborative.  Here is where server vendors like Forgerock, Redhat, Microsoft, Symas, and others meet to work together on common goals, improving conditions for the community.  They don’t all show up to every one, but are certainly welcome when they do.

Here, on the last day, there is some sadness.  We go and have some beer together, share war stories (one last time) and make plans for the future.

The next LDAPCon will probably again be held in Europe.  Perhaps Berlin or Brno.

I can hardly wait.


Secure Web Apps with JavaEE and Apache Fortress

ApacheCon is just a couple months away — coming up May 16-18 in Miami. We asked Shawn McKinney, Software Architect at Symas Corporation,  to share some details about his talk at ApacheCon. His presentation — “The Anatomy of a Secure Web Application Using Java EE, Spring Security, and Apache Fortress” will focus on an end-to-end application security architecture for an Apache Wicket Web app running in Tomcat. McKinney explains more in this interview.

Source: Secure Web Apps with JavaEE and Apache Fortress

Project Link: Apache Fortress Demo Project

LDAP is dead. Long Live LDAP!

David Goodman’s keynote, LDAP 2020 Paradise Lost or Regained?, provides a retrospective for us to contemplate. In it, he describes LDAP’s roots (X.500), where it’s been (U of Mich, Netscape, Sun, Symas, Microsoft, ForgeRock, etc.), and offered insights of what needs to change.

Bottom line, it’s healthy to continually ask the question – Is LDAP dead?  For the answer, we’ll only slightly alter Mark Twain’s famous quotation:

Reports of LDAP’s death have been greatly exaggerated.

Why is that?  For starters, because of conferences like LDAPCon. More than its in-depth technical analysis and tutorials, is what happens in the spaces between the talks.

These spaces nurture the protocol by allowing free discussions on the flaws, and room to create plans for corresponding fixes/enhancements.

Just what are these fixes and enhancements?  Have a look at the program and slides.  Subscribe to the LDAPExt mailing list, share in best practices, and above all, keep attending LDAPCon!

See you at LDAPCon 2017!!

JavaOne Survival Guide

With next week being my 12th time at JavaOne, here’s some wisdom for those who’ve never been.

  1. Use the schedule builder.  Many sessions fill up early and if you didn’t reserve your seat you’ll be stuck in overflow.

  2. Don’t miss the Oracle Appreciation Event.  It’s one of the hottest attractions in San Francisco.  Event bracelets are highly sought after and traded by the locals on the free market.  I recommend leaving well in advance of the encores to avoid the long queues that gather for the return bus trip.

  3. Enjoy a brew at the Thirsty Bear a block from the Moscone center.  You’ll be glad you did.  And don’t skip the tapas.

  4. Attend the BOFS.  More casual (and fun) than the event keynotes or technical sessions.  BOFs are a great way to meet the leading minds working with Java.  The relaxed format encourages audience participation and are a way for your voice to be heard.
  5. Trouble reserving a room within your price range nearby?  Try renting an Airbnb apartment.  Often times apartments may be rented for a fraction of the cost you would otherwise pay for a hotel room.
  6. Take the BART.  No need to rent that car or pay $40 in cab fare.  BART has terminals at both local airports, is fast, easy and cheap.
  7. Get out and walk a bit.  Market Street (shopping), Union Square (more shopping), and China Town (eating and sightseeing)  is walking distance from the conference hotels.  Better yet, stop by the Embarcadero for a ride on one of the ferries shuttling commuters across the bay.

    If you’re lucky you might snag a bar seat at the Slanted Door which is one of the best restaurants in town.

    Need a laugh?  Check out Pier 39’s Sea Lions at the Wharf.

  8. Stay until Friday.  Avoid the mad rush to the airport on Thursday afternoon.  The conference pace slows to a crawl which is nice after all the earlier hustle and bustle.  There’s usually plenty of free beer left as Oracle tries to drain the last of the kegs.

JavaOne Open Source IAM Expert Panel

Once again we’ll be meeting in San Francisco for a Birds-of-Feather.

Open Source IAM Expert Panel Part 4

There is a growing need in the market today to provide open source identity and access management (IAM) solutions that are both comprehensive and easy to use. Despite this growing need, the track record for open source solution providers in this space has been mixed. This session provides an opportunity for dialogue between those that need such products and those that create them. The goal of the session is to provide the attendees with information for better exploiting the products available today and to answer any questions they may have. At the same time, they get an open forum in which to provide ideas on what needs to change going forward.

Igor Farinic, Senior Software Engineer, Cofounder, Evolveum
Les Hazlewood, Cofounder and CTO, Stormpath
Misagh Moayyed, Software Engineer, Unicon, Inc
Bill Thompson, Director, Digital Infrastructure, Lafayette College

Shawn McKinney, Systems Architect, Symas

October 26, 7:00 pm – 7:45 pm | Hilton—Plaza Room A
BOF (Birds-of-a-Feather) Session

Slides from previous events

  1. Part I – October 1, 2012
  2. Part II – September 23, 2013
  3. Part III – September 30, 2014
  4. Part IV – October 26, 2015