security webapp API Gateway Apache APISIX

Secure your web apps with an API Gateway

API management solutions, also known as API gateways, are a must in the day and age of APIs. However, once you’ve set up such a gateway, you can use it for different purposes unrelated to APIs. Today, I want to show you how to improve the security of web apps. Prevent sniffing Browsers are fantastic pieces of technology that try to make the life of users as comfortable as possible. However, the balance between ease of use and security may sometimes tip on the former to the latter’

webapp Docker Spring Boot

Distributing desktop webapps via Docker

Two weeks ago, we studied how to replace desktop Java apps with Java webapps. Now is the time to think about distributing such desktop webapps. The current trend now is to use Docker. I assume readers are at least familiar with the technology. The most straightforward way is to create a WAR and deliver it inside a Tomcat image. Another option is to create a fat JAR with Tomcat embedded as per the previous post, and run it inside a image with the JRE only. One of the deciding factors is the si

kotlin polyglot webapp

Polyglot everywhere - part 2

Last week, we set up a new project using the YAML flavor of Polyglot Maven. Now is time for some server-side code! As a long time Vaadin advocate, let’s create a very simple Vaadin application. This will have the added advantage to let us hack something on the client-side as well for the last part of this series. As we are fully polyglot, we will avoid the old Java language and use something very cool instead. As I’ve have been to some conferences with its number 1 advocate, I settl

GUI webapp

Reusing front-end components in web applications

In the Java SE realm, GUI components are based on Java classes with the help of libraries such as AWT, Swing or the newer JavaFX. As such, they can be shared across projects, to be inherited and composed. Things are entirely different in the Java EE world, as GUI components are completely heterogeneous in nature: they may include static HTML pages, JavaScript files, stylesheets, images, Java Server Pages or Java Server Faces. Solutions to share these resources must be tailored to each type. Si

manifest webapp

Get the handle on the MANIFEST.MF in a webapp

Code review is part of my job, and you cannot know the crap I’ve seen. Like someone pointed out, it’s also sometimes the crap I’ve written 🙂 In all cases, however, it’s because some developers do not have deep knowledge of how things work: most learnt something (in university or from a senior developer) years ago and don’t challenge this information regularly though technology evolve. Others just google the problem at hand and copy-paste the first snippet in their