Mockito & Co!

It’s been a while I didn’t post anything… Today I’m back with Mockito 🙂 I played with it on my project and I learn some stuff… Ok, it’s mainly because I had some errors in my tests but still… It’s always good to share even if I am the only one who use this samples!… Continue reading Mockito & Co!

Implementing CSRF protection with Angular-js

After 2 articles on the security, I continue with the set up of the CSRF protection using Spring security. The main idea behind is to prevent some one else to create (forge) a request without our authorization. Imagine that a page uses JavaScript to send something like https://my.bank.com/pay/15000/cayman_account, if you are connected to your bank… Continue reading Implementing CSRF protection with Angular-js

Angular-js and Restful web services access

Following my previous article about the integration of Spring Security with web services, I will now explain how I integrate it with an Angular-js project. For that purpose, I am a little bit lazy and I use a project I already written instead of building a completely new one. The project is a “funny” pet-store… Continue reading Angular-js and Restful web services access

Securing Restful web services using Spring-Security

After several months of silent, I woke up… With some security interests! The security is a common requirement on many web projects, and fortunately, Spring helps us to implement it. The most common way to do it is just defining a set of rules and letting Spring manage the login and so on. In this… Continue reading Securing Restful web services using Spring-Security

Oracle proxy user with Spring

The standard solution to manage the database connections in a web application is to let the server manage it, and use Spring to inject it wherever it is needed. By doing so, we can let also the transaction management to be done by a third party API, Spring fits perfectly this need. But this option… Continue reading Oracle proxy user with Spring

Multithreading and Spring Security

I manage a Spring project where I need to create a new thread to launch an asynchronous task. This project uses Spring Security and an Oracle proxy user (I will describe it in a future post), which means that, for each starting transaction, a call is made to the security context to get the current… Continue reading Multithreading and Spring Security

Define Restful web services using Spring

In one of my project, I had the difficult decision to switch to another technology: I replaced JSF with Angular-JS. Our goal was to speed up the development by removing the painful part implied with JSF, as a lot of server requests to manage, some view state issues, the refresh management, the need to implement… Continue reading Define Restful web services using Spring

Define configuration file outside of the classpath

Here I describe the way I use to configure my applications. The main idea is to define a property file outside of the application, doing this, it is possible to deploy the same application in several environments (dev/test/prod) without any changes. First of all, the property file: net.classnotfound.app.jdbc.server=db-server net.classnotfound.app.jdbc.port=1521 net.classnotfound.app.jdbc.sid=xe net.classnotfound.app.jdbc.user=scott net.classnotfound.app.jdbc.password=koala The tips is… Continue reading Define configuration file outside of the classpath

Spring MyBatis configuration

Here I describe the project configuration to use MyBatis as ORM and benefit of the transactions management provided by Spring. For that, we have to add the MyBatis-Spring library to the basic MyBatis. First, the Maven POM is like: <dependency> <groupId>org.mybatis</groupId> <artifactId>mybatis</artifactId> <version>3.2.3</version> </dependency> <dependency> <groupId>org.mybatis</groupId> <artifactId>mybatis-spring</artifactId> <version>1.2.1</version> </dependency> And now, the Spring configuration file… Continue reading Spring MyBatis configuration

ThreadLocal usage

The ThreadLocal is very helpful to keep some information available from anywhere in the application but it is very important to release it when the process ends, otherwise, the resource will never be free and can cause a memory leak. Here is an example of using TheadLocal to store data in a web application. I… Continue reading ThreadLocal usage