The new Certification Class of REST With Spring is out:


1. Java and Spring

>> Too Fast, Too Megamorphic: what influences method call performance in Java?

I’m starting this weeks review with a very solid analysis of various types of method invocations in Java, and the performance characteristics of each. This is an in-depth read but very much worthwhile to get a deeper understanding of the Java runtime.

>> Two-factor Security With TOTP

Two-factor authentication is getting more and more prevalent, and for good reason – it greatly improves the security of your system. It’s great to read that implementing this auth strategy is not only doable, but really not that complicated.

I’m hoping to have the chance to implement this for a client using Spring Security and the Google Auth app – it would make for a good article.

>> Java 8 Friday: Language Design is Subtle

Discussion on some of the Java 8 design decisions such as having default methods versus, for example, Scala traits. A reminder that language design is nuanced and a lot of factors play into it – overall, a great addition to the Java community.

>> Writing Clean Tests – Naming Matters

An in depth discussion about naming in tests – it can serve as a good point of reference for choosing to name your tests artifacts, even if you don’t actually follow all the conventions the article lays out.

>> SpringOne2GX 2013 Replay: inside and out

This recording is all about Project Sagan and the new (well, new-ish) website – all very meta and all built in Spring.

>> SpringOne2GX 2013 Replay: Getting Started with Spring Security 3.2

Yes, Spring Security 4 was announced recently, and yes – it looks very interesting. However, if you’re looking to get started with Spring Security, 3.2 is the way to go – this is a quick video that should get the ball rolling.

3. Technical

>> ParallelChange

API design is a beautiful thing – here’s an useful process to keep in mind whenever you’re making a backwards incompatible change in an externally published interface.

>> Goto Fail, Heartbleed, and Unit Testing Culture

This article puts forward an important premise – the latest major security issues of 2014 – the GOTO Fail and Heartbleed – could have been easily avoided if the developers were practicing unit testing. Be warned – the article is very long and in-depth – actually going over the tests themselves and showing exactly how the bugs could have been avoided.

>> Is TDD Dead? (the recording)

>> Is TDD dead? [Part II]

The initial “Is TDD Dead” hangout recording and the next one (happening today, on the 16th of May).

The first was OK and spurred a lot of discussion online about the value and practices of TDD, and testing in general, and I’m hoping that the second discussion is going to go a little more in depth.

4. Musings

>> The Low Quality of Scientific Code

If you’ve ever seen scientific code, you know how it looks, you know you don’t want to touch it and you know you couldn’t change it reliably if your life depended on it. If you’re interested in that area, of if you were ever frustrated working with a library such as Mahout – this is why.

>> Passwords Are Evil

An interesting quick read on password alternatives – which goes well with the article above discussing Two-Factor Auth. As an industry – this is definitely the direction we’re moving towards.

Go deeper into building a REST API with Spring: