Simple Things That Are Actually Hard: User Authentication
You build a system. User authentication is the component that is always there, regardless of the functionality of the system. And by now it should be simple to implement itContinue reading
Obtaining TLS Client Certificates In Spring Integration
Spring Integration is a very powerful and extensible framework for, well, integrations. But sometimes it’s not trivial how to get some information that yo need. In my case – aContinue reading
Every Serialization Framework Should Have Its Own Transient Annotation
We’ve all used dozens of serialization frameworks – for JSON, XML, binary, and ORMs (which are effectively serialization frameworks for relational databases). And there’s always the moment when you needContinue reading
List of Open Source Security Tools
As a founder of a security company, I’m constantly looking for open source tools to either incorporate in our offering, or get inspiration from, or provide integration with. And thereContinue reading
Always Name Your Thread Pools
Our software tends to use a lot of thread pools – mostly through java.util.concurrent.ExecutorService implementations (Created via Executors.new…. We create these for various async use-cases, and they can be seenContinue reading
Connecting to Kibana Within an AWS VPC
When you use the managed Elasticsearch service on AWS, you usually choose an encrypted connection (via KMS-managed keys), which means you can’t use just any tool to connect to yourContinue reading
Elasticsearch – Scalability and Multitenancy [slides]
Last week I gave a talk in a local tech group about my experience with Elasticsearch at LogSentinel, and how we achieve multitenancy and scalability. Obviously, the topic of scalabilityContinue reading
Content-Security-Policy Nonce with Spring Security
Content-Security-Policy is important for web security. Yet, it’s not mainstream yet, it’s syntax is hard, it’s rather prohibitive and tools rarely have flexible support for it. While Spring Security doesContinue reading
Releasing Often Helps With Analyzing Performance Issues
Releasing often is a good thing. It’s cool, and helps us deliver new functionality quickly, but I want to share one positive side-effect – it helps with analyzing production performanceContinue reading
Syntactic Sugar Is Not Always Good
This write-up is partly inspired by a recent post by Vlad Mihalcea on LinkedIn about the recently introduced text blocks in Java. More about them can be read here. Now,Continue reading