What can Spring do to help me secure my application?


This article is aimed at developers with a solid understanding of the basics of Spring and web security. It marries up the two concepts, concluding with a worked example of using Spring Security with Spring Boot.


Spring Security is centred round two core concepts:

  1. Authentication: Verifying you are who you say you are.
  2. Authorisation: Once we know who you are, what are you allowed to do?


Authentication is handled by the AuthenticationManager interface:

public interface AuthenticationManager {
    Authentication authenticate(Authentication authentication)
            throws AuthenticationException;
}

This can be implemented differently depending on…

An introduction to caching principles


This article is aimed at developers with a reasonable understanding of how the internet functions, contemporary application architectures and AWS.

It will cover what caching is in a more general sense, the motivation behind using it, and then deep dive into specific implementations.


A cache stores previously used or computed data in a high-speed data store to make it more rapidly available than in the main storage layer. Generally we would use hardware such as RAM.

For example, we may have a preferred takeaway saved as a favourite on a delivery app. Rather than search…

An introduction to Kinesis using Apache Camel and Spring Cloud Stream


This article is aimed at developers with a reasonable understanding of Java and Spring, but no experience whatsoever with AWS Kinesis, Apache Camel or Spring Cloud Stream. It will explain the role of message brokers, introduce Kinesis and conclude with a worked example based on Twitter data.


Message Brokers

Message brokers act as an intermediary between a data producer and a data consumer, responsible for routing, validating and transforming their input.

The benefits of using a message broker are decoupling the producer and consumer, maintaining a queue, providing reliable storage, managing the transactions and guaranteeing the message delivery.

Automated container deployment, scaling, and management


This article is aimed at developers with a basic knowledge of Java and Docker looking to understand how Kubernetes fits into contemporary software development.

We will aim to cover containerisation, container management and the basics of Kubernetes, finishing off with a worked example using AWS’ Elastic Kubernetes Service (EKS).


In Software Engineering we have code and we need somewhere to run it. Sometimes this will be on our local machines, sometimes a server, perhaps somewhere else. However, we need to make sure wherever we run it, it runs in the same way. …

Creating an amazing space for audience participation!

At the BBC, we put audiences at the heart of everything we do, so it’s important they feel they have a safe space to interact with all of our online products. Whether it’s a child uploading a picture for their favourite CBBC show, or an avid fan of current affairs sharing their thoughts on the latest breaking news story, the BBC is built to give a voice to everybody.

At the core of this is moderation. As text, pictures, videos and audio are submitted by the public to the BBC, we need to…

API Gateways in Spring


This article is aimed at developers wanting to learn more about Spring Cloud Gateway. Specifically we will be using it to extract and transform data from API request headers, but the overall techniques are recyclable for a number of purposes.

It will assume a small amount of knowledge of HTTP, JWT tokens and Spring, but the overall gist should be accessible to most.


Before we begin in earnest, what is an API Gateway?

API Gateways and Spring Gateway

Typically an API Gateway acts as a reverse proxy, sitting between a client and a set of services, offering cross-cutting concerns. This may…

Deploying to ECS with the AWS Cloud Development Kit, CodeBuild and CodePipeline


This article is aimed at engineers looking to understand a little bit more about the DevOps offerings from AWS. It assumes a small amount of familiarity with CI/CD, AWS, Docker, containerisation frameworks, Infrastructure as Code (IaC), and React. It isn’t necessary to have actually employed them, only to conceptually understand how they are used.

In this post we will be creating a small React application that we will build and deploy using AWS CodeBuild and AWS CodePipeline, hosting it on an ECS cluster. Some of the more simple…

Representing complex architectures simply


This article is aimed at engineers or developers looking to gain a deeper understanding of C4 modelling, and how to employ it. We will also be exploring the PlantUML tool to create our diagrams.

We will begin with the motivation behind C4 modelling, before using a worked example to explore the details of the technique. Our demonstration will be based around a URL shortener, which is covered in a previous article here.

A later section will rely on a small amount of knowledge of STRIDE Threat Modelling. …

A system design demonstration


This article is the next in my series of how I would design popular applications. It is recommended (although not entirely necessary) to read the previous posts here and here. We will expect a basic familiarity with architecture principles and AWS, but hopefully this post is approachable for most engineers.


Initially, let’s look at our problem statement.

The System to Design

We are recreating the popular social media service, Instagram. I’d be very impressed if you’d got this far on the internet without encountering it, but in case you’ve pulled it off, here’s a quick overview.

Instagram is a social…

A System Design Demonstration


This is another article aimed at engineers interested in looking at how another developer may approach system design. It is not at all a definitive method, more a way of generating an approximate first draft architecture.

I would thoroughly recommend reading the initial article in this series here. It explores designing a URL Shortener, and we will recycle some of the ideas in this article.

We assume you have a reasonable grasp of architecture, and in later stages AWS. However, even without those you should be able to get the gist.


Initially, let’s look at our…

James Collerton

Principal Software Engineer at the BBC
