What can Spring do to help me secure my application?

Adding a security layer to Spring projects

Audience

This article is aimed at developers with a solid understanding of the basics of Spring and web security. It marries up the two concepts, concluding with a worked example of using Spring Security with Spring Boot.

Argument

Spring Security is centred round two core concepts:

  1. Authentication: Verifying you are who you say you are.
  2. Authorisation: Once we know who you are, what are you allowed to do?

Authentication

Authentication is handled by the AuthenticationManager interface:

public interface AuthenticationManager {
    Authentication authenticate(Authentication authentication)
            throws AuthenticationException;
}

This can be implemented differently depending on…


An introduction to caching principles

Increasing application speed using caches

Audience

This article is aimed at developers with a reasonable understanding of how the internet functions, contemporary application architectures and AWS.

It will cover what caching is in a more general sense, the motivation behind using it, and then deep dive into specific implementations.

Argument

A cache stores previously used or computed data in a high-speed data store to make it more rapidly available than in the main storage layer. Generally we would use hardware such as RAM.

For example, we may have a preferred takeaway saved as a favourite on a delivery app. Rather than search…


Streaming and its integration with Spring

Audience

This article is aimed at developers with a reasonable understanding of Java and Spring, but no experience whatsoever with AWS Kinesis, Apache Camel or Spring Cloud Stream. It will explain the role of message brokers, introduce Kinesis and conclude with a worked example based on Twitter data.

Argument

Message Brokers

Message brokers act as an intermediary between a data producer and a data consumer, responsible for routing, validating and transforming their input.

The benefits of using a message broker are decoupling the producer and consumer, maintaining a queue, providing reliable storage, managing the transactions and guaranteeing the message delivery.


Automated container deployment, scaling, and management

Containers for the masses

Audience

This article is aimed at developers with a basic knowledge of Java and Docker looking to understand how Kubernetes fits into contemporary software development.

We will aim to cover containerisation, container management and the basics of Kubernetes, finishing off with a worked example using AWS’ Elastic Kubernetes Service (EKS).

Argument

In Software Engineering we have code and we need somewhere to run it. Sometimes this will be on our local machines, sometimes a server, perhaps somewhere else. However, we need to make sure wherever we run it, it runs in the same way. …


Creating an amazing space for audience participation!

An introduction to moderation at the BBC

At the BBC, we put audiences at the heart of everything we do, so it’s important they feel they have a safe space to interact with all of our online products. Whether it’s a child uploading a picture for their favourite CBBC show, or an avid fan of current affairs sharing their thoughts on the latest breaking news story, the BBC is built to give a voice to everybody.

At the core of this is moderation. As text, pictures, videos and audio are submitted by the public to the BBC, we need to…


A System Design Demonstration

Audience

This is another article aimed at engineers interested in looking at how another developer may approach system design. It is not at all a definitive method, more a way of generating an approximate first draft architecture.

I would thoroughly recommend reading the initial article in this series here. It explores designing a URL Shortener, and we will recycle some of the ideas in this article.

We assume you have a reasonable grasp of architecture, and in later stages AWS. However, even without those you should be able to get the gist.

Argument

Initially, let’s look at our…


Creating accounts, authentication and authorisation

Audience

This article is aimed at engineers with at least a rudimentary understanding of HTML, HTTP, client/server interactions, and a bit of Node.js. It is a high-level introduction to a website login, when using a laptop. The mechanics can change depending on the type of device you’re using (think verification codes on a phone), but those are a bit much to cover here.

Argument

We will split the article between creating an account and logging in.

Creating an Account

Let’s say we have a form for creating a new user.


Demonstrating an approach to system design

Audience

This article is aimed at engineers interested in looking at how another developer may approach system design. It is not at all a definitive method, more a way of generating an approximate first draft architecture.

We will be borrowing the example problem from educative.io, and following a reasonably similar technique to generate our design.

It assumes you have a reasonable grasp of architecture, and in later stages AWS. However, even without those you should be able to get the gist.

Argument

Initially, let’s look at our problem statement.

The System to Design

We own a website, shorturl.co.uk, which provides…


A Simple Guide to Complexity

Charting relative complexities

Aim

This article acts as an introduction to complexities for engineers. However, it will be most useful to developers who already have a rough grasp of the area, and are looking for more of a refresher on some of the core techniques and terminology.

Argument

‘Big O’ is a measurement of how time relates to input variables. To explain, let’s take an example. We have an algorithm that walks through an array, printing each element. If n is the size of the array, then we will take n steps. Therefore our complexity is O(n).

Let’s take another…


How are they related?

Heap of Logs!

Audience

This article is aimed at developers looking to be introduced to the heap data structure. We will begin by defining a heap, then exploring priority queues and the two structures’ relationship.

It will help if you are familiar with trees and queues, as they will underpin our heap representation. For a quick refresher try my tree article here, and my queue article here.

Argument

A heap is a binary tree with two extra sets of constraints:

  1. Shape: All levels of the tree must be filled, except for the last one. …

James Collerton

Senior Software Engineer at the BBC
