Going PasswordlessJuly 28, 2022

Passwords are a hassle... they get guessed or stolen. Humans tend to reuse passwords which, on top of that, often lack security. Secure in this case means complex enough to not be easily guessed. However, complex passwords are usually hard to remember. Also, one has to remember numerous passwords already. There are password managers, but they do not really solve the issue. They merely provide tool-support for managing the ever growing number of passwords and issue warnings if the user is reusing a password all too fondly. There is an alternative, which is convenient for users and very secure. In this blog article, we will describe how we became passwordless.

Keep Reading →

SAPUI5 Web Components in AngularJuly 19, 2022

Web components are basically custom HTML tags that are defined in JavaScript code and are reusable. They offer the great advantage that they can be used in any frontend framework or technology. Angular provides support for web components and custom elements. But sometimes we wish for deeper integration with the high-level APIs that Angular can provide us. In this post, we will show how we can use Angular Directives to extend SAPUI5 Web Components to work seamlessly with Angular Forms.

Keep Reading →

Access Control with Traefik and Client CertificatesJanuary 20, 2022

Assume you have a personal Wiki which you host yourself as a Docker container. You may want to restrict access to the wiki, so that strangers cannot access it. One, very obvious way, is of course enabling username and password checking in the software itself. Another way would be to limit network access to the wiki. In this article, we will demonstrate how to set up client certificate checking in Traefik, in order to allow access only users with a valid client certificate.

Keep Reading →

Retrieving Vault Secrets Using GitLab TokensJanuary 20, 2022

One of the lesser known features of GitLab is the generation of Java Web Tokens (JWT) during job build time. These tokens are generated in the community edition of GitLab, too. They present a sufficiently secure proof of origin so they are ideal to gather and use secrets from other sources... Enter Vault!

Keep Reading →

Continuous Deployment Revisited - Making Docker Containers Accessible with Traefik 2.xFebruary 11, 2021

In earlier blog posts, we've already discussed how we can make Docker containers accessible on the web using the Traefik cloud native edge router. Since then, Traefik has leapt a major version forward. Its configuration has changed, and it has learned some new tricks. So, it is time to talk about it again. In this post, we will show how to make Docker containers available on the web including Let's Encrypt registration.

Keep Reading →

Modern Frontends - Art, Architecture and AutomationMarch 06, 2020

Frontends liegen sowohl im Fokus von Ästhetik und User Experience als auch effizienter Produktion. "Kunst oder Funktion?" fragen sich Frontendler, Backendler und Product Owner gleichermaßen. Wir gehen typischen Reibungszonen auf den Grund, zeigen, wie Frontends architektonisch organisiert werden können und zugleich gestalterische Freiheit erhalten, welche Bausteine dem Designer nützen und welche für Micro-Frontends praktisch sind, und stellen Automatisierungs-Möglichkeiten von Scaffolding über Generierung bis zum generischen Frontend vor.

Keep Reading →

Building A Simple Prometheus ExporterAugust 26, 2019

Prometheus and Grafana team up nicely to collect and visualize various monitoring data. But at times you need to monitor also entities that do not provide proper monitoring capabilities by themselves or you do only have limited access to. Quickly setting up a Prometheus exporter from those existing building blocks would come in handy. Here‘s how to do this.

Keep Reading →

Continuous Deployment Pt. 2 - Deploying Docker Containers with Ansible from GitLabAugust 20, 2019

Let us assume, you have a GitLab running somewhere and another server, you want to deploy Docker images to. There a things that need to be taken care of. Maybe you want to deploy the same software in parallel (think of test systems, for example), maybe you need to orchestrate not one but many docker images into one working system? Also, the target system is probably somewhere "remote" and you want to use a secure channel to deploy your software.

Keep Reading →

Continuous Deployment Pt. 1 - Making Docker Containers Accessible with TraefikAugust 10, 2019

Imagine you have a piece of software you want to make accessible on the internet and that the software is packed as a Docker image. Imagine further, you want to (re-) deploy the software often, under a specific sub-domain, with a Lets Encrypt certificate, and maybe you require a simple form of access control. Once you have discovered how to do all of this painlessly, you want to repeat the process not for just one piece of software, but a bunch of it. Rinse and repeat.

Keep Reading →

Pagination and sorting for REST interface with SpringJune 19, 2017

Spring Data Rest has the ability to generate a CRUD REST layer based on Spring Data Repositories and their entities. This works quite nice and also includes an approach for pagination and sorting of the results. When the automatically created interface does not fit your needs and you are not able to configure it in the way you want it might makes sense to retain the pagination approach in manual implementation.

Keep Reading →

Micro service setup with Spring Cloud NetflixJune 17, 2017

There are many many ways how to set up a micro-service based application. The following article demonstrates how the Spring Cloud Netflix libraries can be used in order to build such an infrastructure. Besides the Spring stuff Hazelcast is taken as technology for session distribution.

Keep Reading →

Using Docker in JenkinsJanuary 19, 2017

Docker can be used nicely within your CI process in order to build and test your application in a real isolated environment. Gitlab (CI) integrated this possibility natively within the build as soon as you have configured it properly. Unfortunately, Jenkins does not offer this functionality out of the box. There are some plugins available that try to provide Docker related functionality but I was not able to set them properly and I needed an immediate solution. Hence, in the following I demonstrate how to set this up by hand.

Keep Reading →

PostgreSQL, JSON and HibernateDecember 08, 2016

NoSQL databases are hip these days. But good old relational databases can also be quite nice and even nicer databases systems like PostgreSQL have super-nice features, like JSON support, effectively allowing to store documents NoSQL-like without losing the advantages of relational databases.

Keep Reading →

Serving files with JAX-RSJuly 08, 2016

Although it is a very common requirement, serving files with Jax-RS can be challenging. Especially, if you want to provide media files like MP3s or videos and you expect e.g. chrome to be able to seek through these files, then you must support range requests. Furthermore, you want to avoid to load a whole file into the memory each this file is requested. In the following it will be described how to serve files with Jax-RS. (If you do not want to use Jax-RS there is also a widely used implementation of BalusC directly implemented in a servlet.)

Keep Reading →

Process management with dockerApril 15, 2016

Docker starts one process, only. So if you want to put an application in a docker container which requires more than one process, you need to manage the processes yourself as processes may exit or crash unexpectedly. Supervisord is a toll which will help in these events. Here's how to use it.

Keep Reading →