Are All Web Applications Broken?

Many developers believe that web frameworks “take care of” the details of concurrency, but this is only because most web applications make limited use of state. Stateful web applications also need to be careful about hazards like races. This talk will use the Java Memory Model to analyze common patterns of state management in web applications.

This talk builds on the concepts developed in The Java Memory Model to explore concurrency pitfalls in typical web and desktop Java applications. We'll see how common patterns for maintaining state in Java applications expose subtle vulnerabilities, and explore design techniques for building more robust applications as well as techniques for auditing typical server-side code for potential concurrency hazards.

About Brian Goetz

Brian Goetz has been a professional software developer for 20 years. He is the author of over 75 articles on software development, and his book, Java Concurrency In Practice, was published in May 2006 by Addison-Wesley. He serves on the JCP Expert Groups for JSRs 166 (concurrency utilities), 107 (caching), and 305 (annotations for safety analysis). He is a frequent presenter at JavaOne, OOPSLA, JavaPolis, SDWest, and the No Fluff Just Stuff Software Symposium Tour. Brian is a Sr. Staff Engineer at Sun Microsystems.

More About Brian »