Why ApacheCon

It’s the middle of the night, just hours before my return flight home, and can’t sleep.  The tape recorder inside my mind continues to play and won’t stop.  And so, much like my first Apachecon, I choose to write rather than toss and turn.

The theme of this week’s entry is ‘Why ApacheCon’.  I mean, after seven trips, on both sides of the pond, one might expect to grow weary of the routine.  I’m not saying that I don’t like traveling.  It’s just that, well, after almost thirty years as a professional software developer, I’ve had my fair share.

But here’s the deal, it’s not the trip that makes it worthwhile although I’ll admit the venues are always nice.  Certainly Montreal in September is not a bad gig.

It’s the people, and their stories, that make this event special.

A perfect example is Cliff Schmidt, founder of Amplio, who left a lucrative technology career, to pursue a new mission — saving lives in Africa through education via starting a non-profit that supplies battery operated listening devices, i.e. ‘talking books’, to poor rural farmers in Ghana.

DoBbhPxVsAA6wK-

Cliff Schmidt

Another example of Apache members doing good is Myrle Krantz who’s mission is building an open source system for core banking as a platform.  The reason?  To provide a reliable and affordable solution for the world’s 2 billion unbanked, via Apache Fineract.

There’s also Justin McClean, who’s working on an incubating project to provide a real-time operating system featuring a robust and reliable platform to run embedded systems, a.k.a IoT.  The project is Apache Mynewt.  With Mynewt the playing field has been leveled, opening the dedicated hardware market to anyone with a good idea and access to a cheap embedded processor.

Dn_m2T-WkAU8UTS

Justin McClean

And Christopher Dutz who’s striving to break Siemens’ stranglehold on the programmable logic controller market, to offer cost-effective options to gather their data, for small to medium-sized manufacturing facilities.  His incubating project is Apache PLX4J.  This affords small business’ the same capabilities of command and control of their equipment, enabling them to compete with giant corporations

Dn_nTU8XkAEBvxs.jpg large

Christopher Dutz

Or how about Daniel Ruggeri, who’s taken it upon himself to create (and teach) a college-level course on how to introduce a successful open source practice into the enterprise.  This brings more talent in, enabling innovation, across a broader spectrum of companies.

DoBc3i2UwAEkK1C.jpg large

Daniel Ruggeri

What do these people have in common?  Bringing about positive change in the world, via open source projects.

This is why I come to ApacheCon.  It’s not the beautiful venues.  It’s not the education and learning.  It’s not the fun gatherings.  (Although these things are good too of course.)

It’s so that I may be inspired by stories such as these.

Why I love LDAPCon

This post is loosely based on a lightning talk last week in Brussels.  We had a few minutes to fill and I felt compelled to spill my guts, despite having nothing prepared.

For those that have never heard about LDAPCon, it’s a biennial event, first held in ’07, with rotating venues, always in interesting places.  The talks are a 50/50 split between technology providers and usages.

You can check out this year’s talks, along with sides — here.

It’s not a ‘big’ conference — attendance hovers between 70 and 80.  It doesn’t last very long — about two days.  There’s very little glitz or glory.  You won’t find the big vendors with their entourages of executives and marketing reps, wearing fancy suits, sporting fast talk and empty promises.  Nor are there giveaways, flashy parties or big name entertainers.  For the most part the media and analysts ignore it; participants don’t get much exposure to the outside world.  Everyone just sits in a single, large conference room for the duration and listens to every talk (gasp).

So what is it about this modest little gathering that I love so much?

Not my first rodeo.  The end of my career is much closer than its beginning, and I’ve been to dozens of conferences over the decades.  Large, small and everything in between.  For example, I’ve attended JavaOne twelve times and been to half a dozen IBM mega conferences.

Let’s start with relevance.  Contrary to what you may think LDAP is not going away.  It’s not sexy or exciting.  Depending on your role in technology you may not even have heard of it (although I can guarantee that your information is housed within its walls).  But it’s useful.  If you’re interested in security you better understand LDAP.  If you choose not to use it you better have good reasons.  Ignore at your peril.

I’ve been working with LDAP technology (as a user) for almost twenty years.  When I first started, back in the late ’90’s there was a fair amount of hype behind it.  Over the years that hype has faded of course.  As it faded, I found myself alone in the tech centers.  In other words, I was the only one who understood how it worked, and why it was needed.  As the years passed, I found my knowledge growing stale.  Without others to bounce ideas there’s little chance for learning. You might say I was thirsting for knowledge.

My first LDAPCon was Heidelberg in ’11.  It was as if I had found an oasis after stumbling about in the desert alone for years.  AH — at last others who understand and from whom I can learn and work with.

Many conferences are rather impersonal.  This is understandable of course, because the communities aren’t well established or are so large that it would be impossible to know everyone, or even a significant minority.

The leaders of these large technology communities are more like rock stars than ordinary people.  Often (not always) with oversized egos fed by the adoration of their ‘fans’.  This is great if you are seeking an autograph or inspiration, but not so much if you’re wanting help or validation of ideas.

Not the case at LDAPCon.  You’ll still find the leaders and architects, but not the egos.  Rather, they understand the importance of helping others find their way and encourage interaction and collaboration.

Sprinkle in with these leaders earnest newcomers.  Much like when I arrived in Heidelberg the pattern repeats.  These newcomers bring energy and passion that fuels the ecosystem and helps to stave off obsolescence.  There is a continuous stream of ideas coming forth ensuring the products and protocols remain relevant.

The newcomers are welcomed with open arms and not ignored.  This creates a warm atmosphere for collaboration.  New ideas are cherished not shunned.  Newcomers are elevated not marginalized.

Not a marketing conference.  You won’t find booths (like at a carnival) where passersby are cajoled and enticed by shiny lights and glitzy demos.  Where on the last day they warily pack up their rides and go to the next stop on the circuit.

Not a competitive atmosphere, rather collaborative.  Here is where server vendors like Forgerock, Redhat, Microsoft, Symas, and others meet to work together on common goals, improving conditions for the community.  They don’t all show up to every one, but are certainly welcome when they do.

Here, on the last day, there is some sadness.  We go and have some beer together, share war stories (one last time) and make plans for the future.

The next LDAPCon will probably again be held in Europe.  Perhaps Berlin or Brno.

I can hardly wait.

20171021_155827

Secure Web Apps with JavaEE and Apache Fortress

ApacheCon is just a couple months away — coming up May 16-18 in Miami. We asked Shawn McKinney, Software Architect at Symas Corporation,  to share some details about his talk at ApacheCon. His presentation — “The Anatomy of a Secure Web Application Using Java EE, Spring Security, and Apache Fortress” will focus on an end-to-end application security architecture for an Apache Wicket Web app running in Tomcat. McKinney explains more in this interview.

Source: Secure Web Apps with JavaEE and Apache Fortress

Project Link: Apache Fortress Demo Project

LDAP is dead. Long Live LDAP!

David Goodman’s keynote, LDAP 2020 Paradise Lost or Regained?, provides a retrospective for us to contemplate. In it, he describes LDAP’s roots (X.500), where it’s been (U of Mich, Netscape, Sun, Symas, Microsoft, ForgeRock, etc.), and offered insights of what needs to change.

Bottom line, it’s healthy to continually ask the question – Is LDAP dead?  For the answer, we’ll only slightly alter Mark Twain’s famous quotation:

Reports of LDAP’s death have been greatly exaggerated.

Why is that?  For starters, because of conferences like LDAPCon. More than its in-depth technical analysis and tutorials, is what happens in the spaces between the talks.

These spaces nurture the protocol by allowing free discussions on the flaws, and room to create plans for corresponding fixes/enhancements.

Just what are these fixes and enhancements?  Have a look at the program and slides.  Subscribe to the LDAPExt mailing list, share in best practices, and above all, keep attending LDAPCon!

See you at LDAPCon 2017!!