I have several ideas for the next SUG talk, I think they are all really exciting, but I will welcome your comments. The choices are:
- Securing Spring web and WS applications.
- Introduction to OSGi with Spring Dynamic Modules and dm Server
- Spring on the server side, Ruby on the client
Securing Spring web and WS applications
In this talk, we will take an existing, well-written Spring web application and crack it. We will use Mallory’s services and show script and XHTML injection, cookie stealing, the “other four” HTTP methods and — Mallory’s favourite — SQL injection.
Next, we will take another Eastern European, Eve, and we’ll show how we can snoop on WS messages, we will demonstrate how Mallory can modify the message. We will also show how we can cut Eve out and how we will detect that Mallory is making changes to our messages.
You’ll experience our Eastern European team at its dark, foreign and generally menacing best 
OSGi, Spring DM and dm Server
We have done quite a bit of development using the dm Server and OSGi. We can show how to make most of OSGi in your new applications. We will show the usual tricks of updating dependencies at runtime, we will also show OSGi fragments and dynamically extensible web applications.
You will see web applications deploy and update in seconds!
Spring on the server side, Ruby on the client
This should please all of you out there who think that Java web applications with servlet, JSPs, taglibs, and all that are just too complicated for the task. In this talk, we’ll show how to have a complex (and easily load-balanced) services tier in Java and Spring and how to make the most of the agility of Ruby on the client. You’ll see loads of JSON and REST.
If time permits, we may sprinkle it with memcached magic dust.
Please comment
So, please help me decide which talk would go down the best. I look forward to your comments either in this blog or on my e-mail.