Basic authentication in Spring Boot

Today we want to present you a very simple mechanism to secure your API using an authentication mechanism known as basic authentication, described in this RFC. The implementation is very simple: a servlet filter that intercept calls and reads the authentication header, decodes it and compares with value set in the properties file. As always, […]

Load service configuration details from AWS S3

Recently, we worked on a microservice that handles many queues for retrying failed tasks, each having different configuration properties. Until we calibrate our application, we had to adjust those configuration properties almost daily and that was quite painful for us: code changes, code review, deployment and tomorrow from the beginning. In order to make our […]

What Beanstalk environment tier is the best?

Recently we were involved in a debate: if my service processes messages from a queue, is it better to create a worker environment or a web tier environment? Without pretending that there is only one correct answer, we argued that is better to create from the beginning an environment that has a web server behind. […]

Distributed locking with AWS ElastiCache

It’s been a long time since we published an article about how to integrate AWS SWF in your microservice in order to have a mechanism for distributed locking. Distributed locking is a feature necessary in certain situation when one and only one entity from a mass has to perform a given task like generate a […]

How logging could kill a microservice

The story we are going to tell is about a recent event. But is something that could have had very bad consequences and for that we want to share it with you. Recently one of our collaborators called us complaining that in a microservice he has, from time to time “one host is going crazy”. […]

Limit accepted requests using AWS ElastiCache

Let’s say you build an awesome service that exposes several APIs. We know: your service is scalable, robust and so on. But it cannot handle traffic spikes (5-10x) without being overscaled. And if it can, this is very expensive. A solution could be to reject calls that exceeds some limits, like calls from an IP […]

Get notifications when a change occurs to your Beanstalk environment

Elastic Beanstalk gives you the possibility of receiving notifications via email when a change occurs to your environment: new instances added, environment health modified or a different artifact is going to be deployed. As when we talk about security, there is never enough monitoring. 🙂 In order to enable this, the simplest setup is to […]

How to secure for free your endpoints with AWS

This post continues the series launched long time ago with the first article about microservices. Supposing you have the best microservice ever that is deployed with Elastic Beanstalk. It has one or more endpoints that by default communicates through HTTP protocol. Let’s see how to add the security layer without any cost and without too […]