my blog. for you.

Let’s talk digital.

I’m an independent IT consultant and entrepreneur in the Internet and software business. I’m interested in design, enterprise applications, web apps and SaaS products. I design and develop business solutions and applications. I help companies in terms of software quality and knowledge transfer, e.g. with Angular and Spring Boot.

endoflife.date – Dataset with End-of-life Dates for Products

Recently, I came across endoflife.date, which is a quite useful database of product end-of-life dates. While it also includes hardware products (e.g., various iPhone models), its current main focus is software products, in particular those used in (enterprise) software development, such as Java, Spring, or Angular, or infrastructure and runtime environments like Docker or the Apache HTTP Server. A comprehensive, searchable collection of lifetimes for library and framework versions can come in handy when assessing - and potentially improving - the future ...

Clearing the Spring Security Context During Unit Testing

Last week I wrote about a minimal Spring Security Context setup for unit testing. I'd like to add just a tiny, yet depending on your use case perhaps quite important, tidbit to that: In case you need to reset a SecurityContext setup, e.g., a mocked user authentication, because, for instance, other test methods from the same unit test class verify behaviour for an unauthenticated application state and hence expect an anonymous user, you can clear the SecurityContext (for example, in your ...

Sunday February 27th, 2022 by Bjoern in Enterprise Software, Software

Minimal Spring Security Context Setup for Unit Testing

Creating a minimal Spring Security setup for JUnit unit tests can be a tedious as well as somewhat daunting task. With its Authentication, Principal, GrantedAuthority, and UserDetails classes Spring Security is extremely flexible and configurable and probably accommodates pretty much every authentication and authorization use case under the sun. However, in software architecture such flexibility often comes at price, the trade-off in this case being that simple use cases can require more implementation effort than one would expect. One such use case ...

Sunday February 20th, 2022 by Bjoern in Enterprise Software, Software

Optimising Docker Image Sizes: “Self-extracting” Node.js Applications

As a follow-up on last week's article on tools for inspecting Docker images, and Docker image sizes in particular, today I'd like to introduce another - more custom - approach for reducing the size of Docker images for production deployments. As a means of shaving off an additional 50 MB from the packaged application in question I came up with an idea somewhat reminiscent of the self-extracting archives of yore (of the WinRAR and 7-Zip flavours, for instance) for reducing the size ...

Sunday February 13th, 2022 by Bjoern in Enterprise Software, Software, Web Applications

Tools for Inspecting Docker Images

Recently, I needed to inspect a Docker image in order to optimize its size for distribution and deployment on an ARM-based industrial microcontroller with rather tight bandwidth constraints. Once deployed at customer sites, these controllers typically don't have an Internet connection but still need to be updated occasionally, via the local network in that case. Since there's no guaranteed minimum network speed in this type of environment, yet software updates still have to complete within a relatively short period of time, optimizing ...

Sunday February 6th, 2022 by Bjoern in Enterprise Software, Software

Stratospheric – 1.4 Released: Migration to AWS CDK v2 🏗

On Tuesday this week, we released another update of Stratospheric - From Zero to Production with Spring Boot and AWS, which includes these changes and updates: The AWS CDK (Cloud Development Kit) project, which we use to manage and deploy our AWS infrastructure, moves fast. Last year in December, AWS announced that the CDK v2 is now generally available. As one of our main goals for Stratospheric is to stay up-to-date with the latest tools and frameworks, we took the effort to update ...

Sunday January 23rd, 2022 by Bjoern in Enterprise Software, Software, Web Applications

Revisiting More Popular Posts: Angular Development Environments & Analysing the Complexity of Angular Apps

Just a few weeks ago, I revisited two of the most popular posts on this blog. Continuing my blog housekeeping efforts, this time around I'd like to point you to two more blog posts that have been quite popular in recent years. If you're working on at least moderately complex Angular applications, these articles might be of interest to you: Running A Local Angular Development Environment Behind A Spring Cloud Gateway Service Analysing the Complexity of Angular Apps

Sunday January 16th, 2022 by Bjoern in Enterprise Software, Software

A Major Update for MailTrigger – A Simple HTTP-based Email Notification Service

A few days ago, I've made major updates to MailTrigger - a tool that allows you to asynchronously send emails using an HTTP API. I originally described MailTrigger and the rationale behind that tool in this article: MailTrigger: A Simple HTTP-based Email Notification Service To summarise: While there's no shortage of libraries, APIs and services that help with one or more aspects of this requirement there's no simple yet comprehensive solution that covers everything from triggering an email event, managing the content of different ...

Sunday December 26th, 2021 by Bjoern in Enterprise Software, Software

The Recent Log4j2 Vulnerability and How to Address it in Spring Boot Applications

By now, you probably will have heard about the Log4Shell 0-day exploit in Log4j 2 already. Since this is relevant to every Java developer and potentially every Java and hence - by extension - every Spring Boot application out there, I'd like to address this issue and how to mitigate it in Spring Boot applications. When using the default settings without any other dependencies, Spring Boot applications in general won't be vulnerable because Spring Boot uses Logback in its starter dependencies. However, if your ...

Sunday December 19th, 2021 by Bjoern in Enterprise Software, Software, Web Applications

Aaron Parecki – Why Do We Really Need OAuth Anyway? @ beyond tellerrand Düsseldorf 2021

At this year's beyond tellerrand Düsseldorf IndieWebCamp co-founder and OAuth consultant Aaron Parecki gave a talk about OAuth, why we need it, and how we can use it to simplify authentication and authorization in web applications: Aaron Parecki - Why Do We Really Need OAuth Anyway? - beyond tellerrand Düseldorf 2021 from beyond tellerrand on Vimeo. Aaron also provides a guide to building an OAuth 2.0 server and a video course titled "The Nuts and Bolts of OAuth 2.0".

Sunday December 5th, 2021 by Bjoern in Enterprise Software, Software, Web Applications

Björn Wilmsmann

my blog. for you.

Let’s talk digital.