The Culture of Code



Customizing REST API Error Response in Spring Boot / Spring-Security-OAuth2

Defining error format is important part of REST API design.

Spring-Boot and Spring Security provide pretty nice error handling for RESTful APIs out of the box. Although it has to be documented, especially when contract-first approach to API design is used.

It is good idea to follow some common format for error responses. But OAuth2 specification and Spring Boot format may not satisfy those requirements.

Monitoring your application locally with NewReclic

The New Relic Digital Intelligence Platform provides actionable insights to drive digital business results. You can monitor your application and infrastructure performance so you can quickly resolve issues and improve digital customer experiences.

Following instruction should help you to connect your application to NewRelic platform and customize application events sent to the platform.


Secure Java Coding Best Practices

Making your web application flawless against security attacks is a challenge for every java developer. In this article I will briefly describe common practical development techniques that can help you to achieve it.

Secure Java Logging with Logback

Deploying application into secure environment adds some restrictions on logging and log management. OWASP community gives some useful recommendations.

Implementing Automatic Reconnection for Netty Client

One of the first requirement of Netty ISO8588 client connector was the support for automatic reconnect.

One of the first receipts I came across was Thomas Termin’s one. He suggests adding a ChannelHandler which will schedule the calling of client’s connect() method once a Channel becomes inactive. Plus adding ChannelFutureListener which will re-create a bootstrap and re-connect if initial connection was failed.

Although this is a working solution, I had a feeling that something is not optimal. Namely, the new Bootstrap is being created on every connection attempt.

So, I created a FutureListener which should be registered once a Channel is closed.

Java Application Development Tutorial

I’ve been meaning to write a small tutorial for building web applications. Now it’s time! Let’s define the steps and choose some solutions for developing back-end java web application.

I will give my design recommendations and list a technologies I would use. You may have your own opinion and you may share it in comment. Over time, this post may change since my favourites are also changing over time.

API Authentication: Generating HMAC digest in PHP and Java

User authentication is an important part of the web service API design. One of the common approach is the Hash-based Message Authentication Code – HMAC. Used together with transport level security it provides reliable mechanizm of user authentication and message integrity validation.

Booting Spring Webapp

Spring Boot is an excellent tool to bootstrap java application. Most of the references mention how to create a standalone java application, optionally with embedded web server (tomcat or jetty). But Spring Boot supports also creating web applications intended to run within servlet container.

Base64 Variants in Java 8

You most likely used Base64 encoding. It’s about encoding any sequence of data as a printable string (digits, lower case and upper case letters). But Base64 has variations. E.g., not every Base64 variant allows safe transfer of any data as URL parameters. For that purpose there is a special dialect of Base64: Url-safe encoding.


Conditional Java Configurations in Spring Framework

Spring Framework offers very flexible means for binding application components. Externalizable properties, composite configuration, nested application contexts and profiles.

Sometimes, it is necessary to control whether particular beans or @Configuration will be loaded or not. Spring Framework v.4.1.x does not provide that feature out of the box. But, hopefully, Spring allows conditional bean initialization (see @Profile implementation and @Configurable). So, I created the annotation @Enabled which allows me to control bean instantiation via properties.

@Enabled indicates that a component is eligible for registration when evaluated expression is true. This annotation should be used in conjunction with Configuration and Bean annotations.