Encrypting your passwords in Java

Q: What are things that you need to use but should not be visible?

A: Air? Sure. And passwords!

Jasypt is a handy library to handle the encryption and decryption for you.

It has great integration with Spring and works well transparently with properties files via EncryptablePropertyPlaceholder.

Advertisements

Caching web content in Spring MVC Annotation Config

I support hosting static web resources (css/js/img/fonts/etc) outside of your web application, in a simple CDN (content distribution network) with a simple application server like nginx.

However, if your infrastructure does not exist, using these configs in your Spring MVC app would help greatly. This WebConfig class is the equivalent to web.xml.

@Configuration
@EnableWebMvc
public class WebConfig extends WebMvcConfigurerAdapter
{
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry)
    {
        registry.addResourceHandler("/resources/**").addResourceLocations("/resources/").setCachePeriod(2592000);  // 30 days for internal
        registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/").setCacheControl(CacheControl.maxAge(365, TimeUnit.DAYS).cachePublic());  // 1 year for external
    }

WebJars is something we are trying out. It packages web resources into JARs and you can use them with maven / gradle as dependencies. I would still prefer CDN, but again, if you don’t have the infrastructure already setup, this seems like a good option.

tested with

Spring 4.2.5-RELEASE

Delaying message with Dead-Letter Exchange in RabbitMQ

You have a message that you tried processing, but say your dependencies aren’t available, and you would like to retry at a later time. So you N-ACK the message with requeue. A N-ACK by default requeue the message to the FRONT of the queue. So it would result in an immediate retry, which is not helpful. RabbitMQ does not provide out-of-the-box delaying mechanism.

To make the delay happen, you can make use of the dead-letter exchange. See the hack in following post:

http://blog.james-carr.org/2012/03/30/rabbitmq-sending-a-message-to-be-consumed-later/