What can Spring do to help me secure my application? — Audience This article is aimed at developers with a solid understanding of the basics of Spring and web security. It marries up the two concepts, concluding with a worked example of using Spring Security with Spring Boot. Argument Spring Security is centred round two core concepts: Authentication: Verifying you are who you…

An introduction to caching principles — Audience This article is aimed at developers with a reasonable understanding of how the internet functions, contemporary application architectures and AWS. It will cover what caching is in a more general sense, the motivation behind using it, and then deep dive into specific implementations. Argument A cache stores previously used or computed…

An introduction to Kinesis using Apache Camel and Spring Cloud Stream — Audience This article is aimed at developers with a reasonable understanding of Java and Spring, but no experience whatsoever with AWS Kinesis, Apache Camel or Spring Cloud Stream. It will explain the role of message brokers, introduce Kinesis and conclude with a worked example based on Twitter data. Argument Message Brokers Message brokers act…

Creating an amazing space for audience participation! — At the BBC, we put audiences at the heart of everything we do, so it’s important they feel they have a safe space to interact with all of our online products. …

Data Warehouse Project — Audience This article is aimed at engineers looking to gain an understanding of Google’s BigQuery technology, their managed data warehouse solution. It will help to have a surface level understanding of Google Cloud Platform (covered in my article here). …

There will be no sequel — Audience This article is aimed at engineers with a reasonable understanding of cloud computing, specifically Google Cloud Platform. For a refresher you can use my article here. You will also need a base understanding of NoSQL and its use cases, which you can pick up from another one of my pieces…

A guide to one of the smaller OAuth2.0 RFCs — Audience This article is aimed at developers with a good understanding of the role of access tokens in OAuth2.0. You can get that from my article here, with more details in my follow up article here. You will also require an appreciation of how JWT tokens work. …

It’s as exciting as it sounds — Audience This article assumes you have a solid understanding of OAuth2.0, HTTP and JWT tokens, and are looking to get an overview of RFC7521. We will be covering how to use assertions (defined shortly) to authenticate clients and/ or procure access tokens. We will be demonstrating using an example from RFC7523…

That’s right, it’s something to do with OAuth2.0! — Audience In this article we will explain the usage of the Authorization: Bearer xxx-yyy-zzz style header. I feel it’s one of those things that you might use a fair bit without perhaps fully understanding the implications. This article is a crash course in understanding where it comes from, how it works…