Auto-encrypting Serializable Classes

A crazy idea came up during the post-mortem discussions in the Coursera security capstone project. Can a class encrypt itself during serialization? This is mostly an academic “what if” exercise. It is hard to think of a situation where we would want to rely on an object self-encrypting instead of using an explicit encryption mechanism during persistence. I’ve only been ...


Build your own robot arm – assembly

I have written a few posts about software development, coding and Java related topics. This time I decided to share with you a more fun project I did. I am a fan of Arduinos, Pis and other platforms for home automation as well as just pure fun with electronics and mechanics. In my pursuit of better understanding of the ways ...


The “Done” Fallacy

One of the earliest ideas you learn as an agile practitioner is “Done, Done, Done”. There’s a lot of thinking behind it, but for me it boils down to trust. When you don’t know what “done” means, the next person who gets your deliverable might be surprised. As a rule, we don’t like surprises. So regardless of when it’s going to ...


Infer: A Look Into Facebook’s New Java Static Analysis Tool

How can you improve your Java development workflow with Facebook’s Infer? If you keep in the loop with tech buzz (which I’m assuming you do if you’re reading this blog), you’ve likely heard about the new tool Facebook just released to the public: Infer. Since it came from Facebook, people are naturally curious, so I wanted to take a look at ...


Blue-Green Deployment With a Single Database

A blue-green deployment is a way to have incremental updates to your production stack without downtime and without any complexity for properly handling rolling updates (including the rollback functionality). I don’t need to repeat this wonderful explanation or Martin Fowler’s original piece. But I’ll extend on them. A blue-green deployment is one where there is an “active” and a “spare” ...


Run java web apps in embedded containers with Maven, Jetty and Tomcat


While developing Java web applications it is very practical to have quick feedback from a “real” environment. In this post I’ll explore how to run a Java web application with Maven in an embedded container, be it Jetty or Tomcat. I’ll show how I have configured them for the development of the podcastpedia project backing the Podcastpedia.org website. Prerequisites You should have Maven ...


Top 10 Lists for Designing and Writing Secure and Safe Software

If you care about writing secure code, you should know all about these Top 10 lists: OWASP Top 10 The OWASP Top 10 is a community-built list of the 10 most common and most dangerous security problems in online (especially web) applications. Injection flaws, broken authentication and session management, XSS and other nasty security bugs. These are problems that you need ...


Java REST JAX-RS 2.0 – How To Handle Date, Time and Timestamp Data Types


Be it X-Form-Urlencoded or JSON HTTP post to a REST resource end-point, there is no specific “data type” for date or time related data. Most developers will have these data posted as “String” or just simply convert them to Unix timestamp value (e.g. 1435061152). But, as developers implement more and more end-point methods, code to parse date, time and ...
