This article is aimed at developers with a reasonable understanding of Java and Spring, but no experience whatsoever with AWS Kinesis, Apache Camel or Spring Cloud Stream. It will explain the role of message brokers, introduce Kinesis and conclude with a worked example based on Twitter data.
Message brokers act as an intermediate between a data producer and a data consumer, responsible for routing, validating and transforming their input.
The benefits of using a message broker are decoupling the producer and consumer, maintaining a queue, providing reliable storage, managing the transactions and guaranteeing the message delivery.
An introduction to caching principles
This article is aimed at developers with a reasonable understanding of how the internet functions, contemporary application architectures and AWS.
It will cover what caching is in a more general sense, the motivation behind using it, and then deep dive into specific implementations.
A cache stores previously used or computed data in a high-speed data store to make it more rapidly available than in the main storage layer. Generally we would use hardware such as RAM.
For example, we may have a preferred takeaway saved as a favourite on a delivery app. Rather than search…
What can Spring do to help me secure my application?
This article is aimed at developers with a solid understanding of the basics of Spring and web security. It marries up the two concepts, concluding with a worked example of using Spring Security with Spring Boot.
Spring Security is centred round two core concepts:
Authentication is handled by the AuthenticationManager
interface:
public interface AuthenticationManager { Authentication authenticate(Authentication authentication)
throws AuthenticationException;
}
This can be implemented differently depending on…
Give me a quick overview of identifying client browsers please!
In this article we will be referring exclusively to HTTP cookies, and so all references to ‘cookie’ will be within this context.
This article is aimed at developers with a minimal understanding of HTTP. It looks to clarify some basic questions surrounding cookies, sessions and JWT, finishing with a worked example using Express.js.
Within this article we will explore the definition of a cookie, what they contain and how they are related to sessions and JWT tokens. We will then work through these concepts using an example.
Cookies are simply…
What is CQRS, and why and how do we use it?
This article is aimed towards anyone with a basic understanding of application architectures. It requires some knowledge of how applications and data stores fit together, as well as a superficial knowledge of AWS.
It looks to address the following points:
All of these points will be covered in the context of adding a…
As an engineer, how can I practice my secure coding?
This article is aimed at developers who would like to improve their security skills. It assumes a basic knowledge of at least one programming language and a reasonable understanding of web applications.
Security is an important area of expertise for a developer. However, it is often difficult to know where to begin your learning. In this article we aim to cover a number of tools which can be used to start your journey.
We will cover two main resources for learning about security:
We…
So, what have I missed?
This article is aimed at developers with a basic understanding of Java but who are looking to brush up on the changes from version 8 onwards. It isn’t intended as an in-depth guide, but more as a summary to remind you of the more exciting new features.
We will start with the changes to the Java release cycle, then move on to the key additions to each new version.
Previously Java would leave years between versions, finessing all of the features it hoped to introduce before doing a big bang release. Since Java 8, this…
I understand certificates, or at least I think I do…
This article is for developers who are currently using certificates and want to concrete their practical knowledge. We won’t dive deeply into details, but will give a pragmatic overview of the different areas required for their understanding.
Please note, this article does assume you have a basic understanding of public and private key infrastructure!
We aim to answer the below questions:
I’m a developer, I deploy to a VPC, but what’s going on in there…
This article is aimed at developers using AWS looking to understand how VPCs work. In many companies the complex infrastructure provisioning is separated from the development process. You may be deploying into a VPC, but not really know where your code is going.
Here we will explain at a very high level how a VPC functions. We will assume a small amount of networking knowledge, but the idea is to make the explanation as clear and practical as possible.
My AWS Step Function is exhausting my Lambda pool and keeps falling over!
The audience for this article is anyone using AWS Step Functions directly calling AWS Lambdas. An issue with particularly high traffic systems involves exhausting the Lambda pool, which in turn causes the Step Function to fail. The article expects a reasonable familiarity with both components.
At the time of writing the maximum open Step Function executions per account is 1,000,000. However, the default number of concurrent Lambda executions you may have per account is 1,000. …
Senior Software Engineer at the BBC