Category: Code

For all that is related to development

Expressing intent using fluent code

As professional developers, we constantly try to make our code readable for all to understand. We use the term “fluent code” to describe that line of thought. But beginners may find that a bit of an abstract notion… In this post I invite you to examine a concrete case I recently encountered, and one solution for turning that bit of code into something I am proud(er) of.

Strong random number generation hangs on Linux machines

You’re working on a new project, which uses a framework requiring strong random number generation. Typically, this could be Spring Security’s BCryptPasswordEncoder. You run your application on a Linux machine: your local Linux Mint for development or some Ubuntu Server instance, for example. And then… nothing happens. The application seems to be hanging! What gives?

OpenPGP: no, it’s not broken yet

You may have noticed: encryption has gotten a bad rap lately. I’m talking about Efail and SigSpoof of course, two flaws that impacted OpenPGP-based applications such as GnuPG, Enigmail, etc. Does this mean that OpenPGP is broken?

From stateful to stateless RESTful security using Spring and JWTs – Part 4 (JWT-based authentication)

Previously, we finally managed to get rid of that Session object and transformed our RESTful API security to leverage a stateless authentication solution. We replaced our beloved JSESSIONID with a simple string of text, a token, that allowed us to identify a user. But the solution we used is not secure at all. We still need to find a token with the right characteristics to be safe enough in this world of leaks and breaches. Enter JWTs…