Skip to main content

Posts

ANSI-92 SQL Syntax - aka "JOIN" me in software progress!

 I've run into several projects lately that don't use and/or refuse to use the JOIN keyword/syntax.  I've had conversations in these projects to help people understand that, but I wonder why this is not more common across SQL database projects.  This standard is not new, and it more easily defines the join section vs the WHERE/filter section, so it has good benefits.  So far, the only reason I have heard to not use it is "we just don't tend to do that here."  This makes me sad. I hope to continue evangelizing small changes like this in my projects, be it JOIN, use of functional programming, listening to IDE feedback (great static analysis checking... available before you ever even push!), etc.  There are so many small things that help make software easier for everyone, I think.
Recent posts

Generating JKS Keystore for SSL/TLS

I have done this and forgotten how to do this too many times... so here are some quick references for myself.  https://stackoverflow.com/questions/11952274/how-can-i-create-keystore-from-an-existing-certificate-abc-crt-and-abc-key-fil or... this: openssl pkcs12 -export -in <CRT_FILE>.crt -inkey <KEY_FILE>.key -out <OUTPUT_P12_FILE>.p12   keytool -importkeystore -srckeystore <OUTPUT_P12_FILE_FROM_ABOVE>.p12 -srcstoretype PKCS12 -destkeystore <KEYSTORE_FILE_NAME>.jks -deststoretype JKS

Functional and Idiomatic Kotlin

I've been programming in Kotlin for many months now, and there are a couple things I have noticed when working with others in a Kotlin-based project:  I greatly prefer Kotlin to Java.  Kotlin can quickly turn back into Java when people are not careful.  I do not claim to be a Kotlin expert. I do know that Kotlin was designed to be both more functional and idiomatic than Java out of the box. Because of this, I've decided to spend some time reviewing the Kotlin documentation again. Now that I have spent a good amount of time working in Kotlin, I think the documentation can help me become better about writing idiomatic Kotlin in particular. I've already spent enough time becoming familiar with functional programming; I am comfortable with mapping, various kinds of reducing, etc. Kotlin's scope functions , however, remind me that functional is not just about basic tools; it is also about expression, keeping code ever more DRY, and idioms that help other developers unde

Gmail internal application, Two-Legged OAuth2, Server to Server authentication, and Google API versions

I am working on a little tool at home in my free time to put some skills into practice.  The general idea (nothing novel) is this: I have some financial alerts sent to a new email address I have spun up on my domain.  I am creating an AWS Lambda that will wake up on an hourly schedule, read those emails, and publish SNS messages with parsed financial transaction information.  I then will have an SQS queue listen to the SNS message topic that is consumed by a Step Function.  The Step Function will: store the financial transaction information into a database send an SMS to me if the transaction is above a certain threshold. I could later extend this to do some aggregation reporting, etc if I wanted, too.  This will only work for my own financial transactions, and the data being gathered/stored will be sufficiently vague, so I am not really concerned about financial security for this project. The biggest hurdle I have run into so far is connecting to Gmail securely.  I was ab

Spring Security - Authority vs Role

I have spent a lot of time recently trying to understand the difference between Authority and Role in Spring Security.  This is a brief review of what I found. When creating a UserDetailsService or overriding configure(AuthenticationManagerBuilder auth) in the security config class that extends WebSecurityConfigurerAdapter, I basically get complete control over what I populate inside of the UserDetails that is used/returned.  This is important because the UserDetails interface really only cares about how to return one thing: Collection<? extends GrantedAuthority> getAuthorities(); A GrantedAuthority just seems like a glorified String wrapper that names some thing.  The question is... what is that thing? This is where the subtle difference between Authority and Role comes into play. I think that Role is an older thought/construct that automatically gets plugged into Authority if we just create a user with a Role.  But completely forget about the code and classes for a mi

Spring Security 5 Updates

I've got a bit of time between projects, so I've decided to brush up on Spring Security, as it has been a while since I've tried to follow updates. The first thing I noticed is that when playing around, Spring 5 really doesn't want you to deal with plain text passwords.  This is completely understandable; plain text passwords are BAD and cause bad things to happen in the real world.  Unfortunately, if I'm just trying to play around with the security framework, this can make things a bit clunky.  I've learned there are two ways to work around 1. Do simple inMemoryAuthentication after explicitly calling User.withDefaultPasswordEncoder() to allow plain text passwords while just playing around. 2. Roll a simple/custom UserDetailsService for configure() to use that knows the password doesn't get encryption by prefixing "{noop}" to the password text. (Thanks to ever helpful mkyong for this.)

React - First Impressions

I've been using React for a personal project, and I am delighted to say that I overall enjoy using it!  While I don't think I'll ever be a strong front end developer (I am much stronger in and really prefer backend development), it is nice to know that I have some front end chops that won't leave me unhappy. Working with React feels very natural to me.  Creating stateful components that are then composed with props and JSX is very similar to creating stateful objects in java, and the main thing to know is that we are extending a Component, and we are overriding render() and other related methods in order to show components the way we want to show them.  The other lifecycle methods get a little tricky here and there, but everything seems to be well documented, and there is tons of community support for problems. I haven't quite built something so sophisticated that it needs a separate state management module yet (read: redux).  I don't think I will go that di