Patrycja Wegrzynowicz is a software visionary and expert specializing in automated software engineering and Java technologies. She is the founder and CTO of Yonita, Inc., a California-based start-up focused on automated detection and refactoring of software defects, including security vulnerabilities, performance and concurrency anti-patterns, and database issues.
Patrycja is a regular speaker at major academic and industrial conferences, including JavaOne, Devoxx, JavaZone, OOPSLA, ASE, and others. She was named one of the Top 10 Women in Tech in Poland 2016 by Girls in Tech.
Patrycja’s interests focus on patterns and anti-patterns in software along with automated software engineering, particularly static and dynamic analysis techniques to support program verification, comprehension, and optimization.
Broken authentication and session management is among the most prominent security vulnerabilities according to The Open Web Application Security Project Foundation (the OWASP Top 10). Many developers assume that it works out of the box in Java EE. Unfortunately, that’s not the case. Even though Java EE provides support for secure authentication and session management, it’s still the developers’ responsibility to use it correctly.
In live demos, you’ll learn how to hijack a session by exploiting common security vulnerabilities on the client-side, on the server-side, and in transport. You’ll also find out about common mistakes and omissions related to authentication and session management along with the ways to protect your applications using Java EE mechanisms.
This talk explains common mistakes or omissions related to mappings of complex structures. The focus is on efficient retrieval of collections and their sub-objects along with fetching strategies and efficient queries. The presented real code examples illustrate how the anti-patterns can decrease performance and how to implement the mappings to speed up execution times.
The Java Persistence API provides a powerful interface for object-relational mapping, yet there are use cases, such as legacy systems and high-volume low-latency environments, where object-relational mapping is not sufficient. However, JPA can still help in programming such cases correctly. This session discusses native-query support in JPA along with stored procedures and result set mappings in JPA 2.1. The presented code samples illustrate the details of the API, highlighting their strengths and weaknesses. Our analysis reveals applicable use cases and the most popular approaches. The summary provides guidelines on how and when to utilize native queries.
The Java Persistence API provides a straightforward and easy-to-use interface for object-relational mapping. However, its simplicity often misleads developers and leads to serious performance issues in JPA applications, while caching is one of the key factors in better performance.
This talk discusses a second-level cache, its applicability and impact on performance. It explains the concept of a second-level cache along with its configuration settings and modes in JPA. The presented code samples illustrate applicable use cases and help in forming the caching guidelines, while the execution times prove the performance gain from caching. In addition, the discussion of the second-level cache configuration in Hibernate and EclipseLink will aid in better understanding of cache capabilities.