Speakers


Fred Anderson
Charlie Arehart
Laura Arguello
John Paul Ashenfelter
Simeon Bateman
Peter Bell
Steve Blades
Barney Boisvert
Rob Brooks-Bilson
Thomas Burleson
Raymond Camden
Emily Christiansen
Sean Corfield
Jeff Coughlin
Jason Dean
Steven Erat
Marc Esher
Peter Farrell
Simon Free
Mike Henke
Shannon Hicks
Doug Hughes
Brian Kotek
Jamie Krug
Luis Majano
Mark Mandel
John Mason
Andy Matthews
Justin Mclean
Brian Meloche
Dan Nelson
Ezra Parker
Chris Peterson
Jim Priest
Rob Rusher
Terry Ryan (Adobe)
Sean Schroeder
Bob Silverberg
Dan Skaggs
Jeff Tapper
Dan Vega
Kurt Wiersma
Dan Wilson
Aaron Wolfe
Matt Woodward

Sponsors





Badges

Help us promote the conference by placing a promotional badge on your site!

What people are saying

"The content exceeded my expectations. I've been to Adobe Max, CFUnited and Flash Forward, many of these sessions at these conferences are full of fluff. I found the majority of cf.Objective's sessions to contain useful info. Thank you!"
James Eisenlohr - NASA

"Good, diverse topics. There was never a session slot where I couldn't find anything that I wanted to attend."
Jay Springer - Mounds Park Academy

"I'd only heard good things about cf.Objective(), so as a first-timer, I was very excited to see the venue and experience the content first-hand. I have not been disappointed!"
Lynn Doogs - Jack Henry Associates, Inc.

cf.Objective() 2010:
The Only Enterprise ColdFusion Conference...

Integration and Tools Track

ColdFusion as a Service (CFaaS) - Terry Ryan - Adobe

ColdFusion is about making hard thing easy, and easy things trivial. This session will show off several features of ColdFusion designed to make working with Flex and AIR with ColdFusion even easier then it is today.

CFML Portlets - Adam Haskell

JBoss Portal provides a framework for centralized and secure access to applications and information, which fosters collaboration, streamlines business processes, and reduces costs. CFML can be a great option to rapidly develop and deploy portlets to Jboss Portal. We'll explore how to implement and deploy a Jboss portlet using a CFML engine.

Approaches to Automated Security Testing - Bill Shelton

You've performed code reviews and have taken measures to harden your application. You're ready to deploy, yet you have doubts. You know your changes didn't break functionality, but how can you be sure your hardening did what you intended it to do? This session will explore some methods for discovering and fixing vulnerabilities in your code using static analysis, automated testing, and sound design principals with security in mind. You will walk away with a better understanding of how you can build and test secure software.

Move over MySQL, Make room for PostgreSQL - Brian Ghidinelli

ColdFusion and MySQL have been best friends since MX and many developers use it as their day-to-day database. Brian made the leap to PostgreSQL in 2004 and never looked back: it has everything MySQL has plus most of the enterprise features found in Oracle, SQL Server and DB2 wrapped in an open source package with a great community and support. Come learn how these packages are more similar than different and why your next project should be backed by Postgres.

Using the Salesforce AppExchange API from ColdFusion - Dave Watts

Authorization: Attacks and Defenses - Dean Saxe

Authorization is one of the key concepts developers must understand when writing applications to ensure the security of users' data and the system as a whole. In today's environment where high security standards must be achieved for applications due to corporate, legal or industry specific requirements, it is imperative for developers to understand how to design, build and implement authorization systems that will withstand attack. In this session, we'll explore the basics of authorization with practical examples of how to create secure authorization systems for web applications and Rich Internet Applications. Attendees will learn about Discretionary Access Control, Role Based Access Control and how to properly store authorization information and authorize a user's request. By reviewing examples of insecure authorization systems taken from real world examples attendees will learn where authorization systems can fail and how to prevent such attacks from succeeding against their applications.

Payment Processing Paradigm - Gail "Montreal" Shoffey Keeler

This session investigates merchant account configurations, examines connectivity to the merchant's Application Programming Interface (API), and assesses compliance with Payment Card Industry Data Security Standard (PCI DSS). Successful e-commerce developers integrate payment processing modules into their applications for seamless real-time transaction settlements. The first step is learning how to set up a merchant account. The second step is programming to the merchant's API. Integrating the merchant's set of methods or functions into your application means the client will never have to leave the organization's website to fill out a third-party or merchant form. The third step is to secure all transaction data. The PCI DSS provides a set principles and accompanying requirements in order to secure your business and certify compliancy. Integrating payment processing into your application will provide the user with an uncomplicated and seamless purchasing experience; increase sales opportunities; and create and maintain satisfying customer relationships.

GlassFish and ColdFusion - Jared Rypka-Hauer

This session will cover integration of ColdFusion with GlassFish, if the audience desires to observe the installation and integration of Glassfish and ColdFusion, and ways to exploit some of the unique GlassFish features such as clustering, security domains, multiserver management and monitoring, all using container-level GlassFish features.

ColdFusion Application Security: The Next Step - Jason Dean

We've all parameterized our SQL queries to prevent SQL injection attacks, right? So what's next? Are our applications safe now? No, they are not. SQL injection is only the tip of the vulnerability iceberg. There are many other security topics that need to be addressed in our applications. Threats and vulnerabilities are everywhere, and it is likely that your applications contain some of them. In this presentation we will discuss what threatens web applications and how to create countermeasures to address these vulnerabilities.

PDF Documents and Forms in ColdFusion 8 - Jeff Coughlin

Working with PDFs in ColdFusion couldn't be easier in ColdFusion 8. In this session we'll learn about many of CF8's new PDF functionalities like manipulating and merging data, as well as searching metadata information within PDFs. We'll also discover how ColdFusion 8 allows us to populate forms as well as capture data from PDF forms for processing. We'll wrap up with server-side printing of our finalized PDF manipulation and show how it can be used for things like printing packaging slips.

Using Open-Source Logging and Caching Packages to Make Your Applications Faster and Easier to Debug/Monitor - Peter J. Farrell

Use the powerful Mach-II logging and caching packages in your non-Mach-II applications. These Mach-II packages are completely independent from the MVC part of framework by design so they can easily be leveraged by non-Mach-II applications. Check out how to plugin caching at different layers of your application to speed up performance with a unified API and bundled caching strategies. Log messages to ease your debugging nightmares by utilizing the logging package. Don't repeatedly roll your own solutions when enterprise packages are at your finger tips!

Indiana Jones and the Server of Doom - Mike Brunt

When a server goes down, or starts to misbehave there is a lot more at risk that just the availability of the service you are providing. The reputation of your business, and indeed it's survival are also put under the microscope. Whilst it's impossible to guarantee the 100% uptime of a server, there are tools available to us to help help monitor, troubleshoot and pro-actively fix issues at the first sign of trouble. In this session we're going to examine what affects our server configuration, discuss optimization techniques and go hands on with the tools available to us to prevent degradation and ultimately crashes of our servers. So bring your server troubles to the session and see how they can be solved. Fedora and whip are optional.

Hardening Your ColdFusion Server - Pete Freitag

Do you know which settings in the ColdFusion Administrator make your ColdFusion server more vulnerable to attack? Do you know how to hide which version of ColdFusion you are using? In this session we will discuss a number of ways to harden your ColdFusion server by choosing configuration options wisely and digging deep into configuration files.

Behavior-Driven Development with cfSpec - Sean Corfield

The natural way to develop software is to start with requirements - the expected behavior - of the system. We work our way down the line through design to implementation and somewhere in there we do some testing. Unit testing focuses on implementation, even if you write the tests first. Behavior-Driven Development is intended to let you write the expected behavior - the requirements - in a testable format so that you can develop software top-down, in a natural manner. cfSpec is a great new framework that supports BDD for ColdFusion. Find out how it can help you develop testable, high-quality software in a natural way.

ColdFusion and Adobe LiveCycle ES - Steve Drucker

During this session you will learn about the Adobe LiveCycle Enterprise Suite and how you can leverage your ColdFusion development skills to enhance its capabilities. LiveCycle ES provides a broad range of deployable services including workflow, dynamic pdf generation, and enterprise-class security using a slew of different input mechanisms including html/pdf forms, Flex forms, email-based input, and a directory watcher. Learn how to take the stress out of changing requirements by modifying your workflow processes and form design through drag and drop!