Linters are static analysis tools that analyze source code and report problems. The term goes all the way back to Bell Labs in 1978 but the concept is still very important today. In my opinion, linters are a key ingredient of a successful DevSecOps implementation, and yet not enough people are aware of linters, how … Continue reading Linters: Keys To Secure, Maintainable, Quality DevSecOps
Tag: java
Securing and Rotating WordPress Database Credentials with AWS Secrets Manager
AWS Secrets Manager is a simple and powerful way to handle secrets (such as database username/password credentials). It provides support for storing, retrieving, managing, and rotating credentials at an affordable cost (currently $0.40 per secret per month). However, it’s not terribly easy to use with WordPress. I have not been able to find any documentation … Continue reading Securing and Rotating WordPress Database Credentials with AWS Secrets Manager
Change the Spring Session JDBC Serialization Method to Improve Performance
Spring Session JDBC is a great way to allow an application to be stateless. By storing the session in the database, a request can be routed to any application server. This approach provides significant advantages such as automatic horizontal scaling, seamless failover, and no need for session affinity. By using JDBC, the database the application … Continue reading Change the Spring Session JDBC Serialization Method to Improve Performance
MaybeGZIPInputStream
I’m currently working on an application that persists Java serialized data (using ObjectOutputStream) in a database. Java’s serialization format compresses very well – so why not compress the data when storing it then decompress it while reading for a quick win? The problem is that there will still be legacy, uncompressed data, which the application … Continue reading MaybeGZIPInputStream
SQS JMS Resource Adapter
The recently released SQS JMS Resource Adapter allows JEE applications (running on any JEE application server, including Glassfish, Payara, JBoss, IBM Liberty, etc) to easily use AWS SQS as a JMS implementation. This resource adapter can be helpful in many situations, such as: Migrating an existing JEE application from another JMS implementation (such as RabbitMQ, … Continue reading SQS JMS Resource Adapter
Log4jdbc Spring Boot Starter
Logging SQL as it’s executed is a fairly common desire when developing applications. Perhaps an ORM (such as Hibernate) is being used, and you want to see the actual SQL being executed. Or maybe you’re tracking down a performance problem and need to know if it’s in the application or the database, so step #1 … Continue reading Log4jdbc Spring Boot Starter
Working around HHH-9663: Orphan removal does not work for OneToOne relations
HHH-9663 means that orphan removal doesn’t work for OneToOne relationships. For example, given File and FileContent as below (taken from the bug report): package pl.comit.orm.model; import javax.persistence.Entity;import javax.persistence.FetchType;import javax.persistence.Id;import javax.persistence.OneToOne; @Entitypublic class File { private int id; private FileContent content; @Id public int getId() { return id; } public void setId(int id) { this.id = id; } … Continue reading Working around HHH-9663: Orphan removal does not work for OneToOne relations
Spring Boot, HTTPS required, and Elastic Beanstalk health checks
Spring Boot can be very easily configured to require HTTPS for all requests. In application.properties, simply set security.require-ssl=true And that works great – until you’re running the Spring Boot application on AWS Elastic Beanstalk with both HTTP and HTTPS listeners: In that case, Elastic Beanstalk’s health check is always done over HTTP. The configuration page … Continue reading Spring Boot, HTTPS required, and Elastic Beanstalk health checks
Spring Cache Abstraction as a Hibernate Cache Provider
Many of the projects I’ve worked on over my career have leveraged a Spring/Hibernate stack. Over that time, the Spring/Hibernate integration has greatly improved making the once tedious and repetitive chore of setting up a new project (and maintaining an existing one through upgrades, expansion, and refactoring) far simpler. Now it’s as simple as going … Continue reading Spring Cache Abstraction as a Hibernate Cache Provider
Spring ID to Entity Conversion
When using Spring with Hibernate or JPA, it can be very convenient to use objects as method parameters and automatically convert primary keys to those objects. For example: @RequestMapping(value = "/person/{personId}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)@ResponseBodypublic PersonDto getById(@PathVariable Person person) { return person;} instead of: @RequestMapping(value = "/person/{personId}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)@ResponseBodypublic … Continue reading Spring ID to Entity Conversion