DevSecOps for Authorization

1. Overview What is DevSecOps? DevSecOps refers to the strategy of development, security, and operations teams working hand-in-hand on their projects, rather than working in isolation. Each component of DevSecOps – development, security, and operations – is meant to be integrated into the processes of its fellow components. For example, in terms of security, DevOps […]

Grails with Spring Security

1. Overview of Spring Security Integration with Grails Spring Security touts a number of authentication, authorization, instance-based, and various other features that make it so attractive to secure applications with. With this in mind, due to Grails use of Spring’s Inversion of Control Framework and MVC setup, developers sought to use Spring Security to secure […]

Software Engineer Salary

1. Overview A concern for many – if not all – software engineers when considering employment is: what is a competitive software engineer salary? Whether you are an aspiring software engineer or a seasoned one, we will be reviewing various software engineer salaries including different locations.  2. Google Software Engineer This is really more or […]

Expression-Based Access Control

1. Overview Today, we’ll be reviewing the differences between Expression-Based Access Control (EBAC), Role Based Access Control (RBAC), and Attribute Based Access Control (ABAC), with a deeper focus on EBAC. 2. What is Expression-Based Access Control? Simply put, Expression-Based Access Control is the use of expressions to write authorization. The phrase Expression-Based Access Control (EBAC) […]

Resource and Dependency Injection in Java EE 7

1. Overview Contexts and Dependency Injection (CDI) is a feature of Java EE that helps meld the web tier and transactional tier of its platform that is included in Java EE 6 and higher. From a technical perspective, what this means is that CDI offers a dependency injection framework and also manages the dependencies’ lifecycle. […]

Authorizing Resources Based On Who Created Them

A colleague of mine pointed me to an interesting question on StackOverflow and suggested it may be a good one for me to answer because of my experience with Spring. The question was, “How to authorize specific resources based on users who created those in REST, using annotations.” The gist of it is this: What […]

Converting HTML to RichTextString for Apache POI

1. Overview In this tutorial, we will be building an application that takes HTML as an input and creates a Microsoft Excel Workbook with a RichText representation of the HTML that was provided. To generate the Microsoft Excel Workbook, we will be using Apache POI. To analyze the HTML, we will be using Jericho. The […]

Intro to Spring Cloud Config Server

1. Overview In this tutorial, we will review the basics of Spring Cloud Config Server. We will setup a Config Server and then build a client application that consumes the configuration on startup and then refreshes the configuration without restarting. The application we are building is the same “Hello World” application discussed in the Centralized Configuration Getting […]