I just released the Master Class of "Learn Spring Security":
At the very beginning of last year, I decided to track my reading habits and share the best stuff here, on Baeldung. Haven’t missed a review since.
Here we go…
1. Spring and Java
>> Oracle Unveils Plan to Revamp Java EE 8 for the Cloud [infoq.com]
The plans Oracle has for the Java EE ecosystem – an important read but definitely not a positive one.
>> Managing your Database Secrets with Vault [spring.io]
This trend of finally getting solid, well-supported management of credentials and sensitive information – is quite helpful to the security of most systems out there.
>> Reactive log stream processing with RxJava – Part I [balamaci.ro]
>> Reactive log stream processing with RxJava – Part II [balamaci.ro]
A good way to get your feed wet with the upcoming paradigm of reactive programming before Spring 5 comes out.
>> JPA providers market share in 2016 [vladmihalcea.com]
Market data is so often overlooked but so very important for understanding an industry.
That’s why I run my yearly survey, that’s why I enjoy reading the RebelLabs reports and that’s why this dataset is significant as well.
Also worth reading:
-
>> JUnit 5 – An Early Test Drive – Part 2 [infoq.com]
-
>> How to use Java 8’s Optional with Hibernate [thoughts-on-java.org]
-
>> Java NullPointerException: The One Tiny Thing That’s Killing Your Chances of Solving It [takipi.com]
Webinars and presentations:
-
>> Escaping the Bikeshed with JSON-API [infoq.com]
Time to upgrade:
-
>> Spring Security 4.1.2 Released [spring.io]
-
>> Spring for Apache Kafka 1.0.3 available now [spring.io]
-
>> Hibernate ORM 5.1.1.Final [relation.to]
-
>> API Mocking Tool WireMock v2 Released with Improved Request Matching and Stub Management [infoq.com]
2. Technical
>> Starting with Cucumber for end-to-end testing [frankel.ch]
An interesting and reluctant adoption of Cucumber with some Spring goodness in there for good measure.
>> Website enumeration insanity: how our personal data is leaked [troyhunt.com]
A good read about enumeration attacks, all in stories. Funny stories about companies acting silly with their security.
>> The Basics of Web Application Security [martinfowler.com]
A solid look at the basics.
>> StatsD vs collectd vs fluentd and Other Daemons You Should Know [takipi.com]
A good, high level overview of the options we have for daemons, when collecting data off a production box.
I’ve personally been using collecd for years – and it gets the job done, but I’ll certainly be looking fluentd after reading this piece.
>> DDD Decoded – Bounded Contexts Explained [sapiensworks.com]
>> DDD Decoded – Domain Services Explained [sapiensworks.com]
I’m thoroughly enjoying this series on the basics of DDD.
Also worth reading:
-
>> New – AWS Application Load Balancer [aws.amazon.com]
-
>> Now Available – IPv6 Support for Amazon S3 [aws.amazon.com]
-
>> Serializability, linearizability, and locality [aphyr.com]
3. Musings
>> Static Analysis and The Other Kind of False Positives [daedtech.com]
Wrangling a large codebase with static analysis tools often comes down to the art of tuning the tool to keep enthusiasm up – for both you and your team. To many warnings and the problem looks to large. To few and you’re not seeing enough.
Of course, with a bit of discipline and experience, you can get to more manageable codebase if you keep at it.
>> All Libraries Should Follow a Zero-Dependency Policy [jooq.org]
A very good point, event though it’s sometimes easier said than done.
>> Can’t you make the team work harder? [dandreamsofcoding.com]
A balanced and thoughtful approach to management – lots to learn from here, whichever side of the table you happen to sit.
Also worth reading:
-
>> Code Reviews At Disy – Where We Were and What We Wanted [codefx.org]
-
>> Continuous Delivery and user interface-driven test automation: does that compute? [ontestautomation.com]
4. Comics
And my favorite Dilberts of the week: