Blog

Generating Certificate Fingerprint for Filebeat

This is for Elasticsearch, and Filebeat in particular. The documentation at Elastic does not go into much detail as to what the property ‘ca_sha256’ is or how to generate it. The only remark they make is: “The pin is a base64 encoded string of the SHA-256 of the certificate.” Not only is this not informative, it is also misleading. The correct way to generate this is via openssl. The correct way is described in Read more…

Session JDBC Effect on Scheduling Thread Pool

When the @EnableScheduling annotation is visible in the context, Spring Boot’s autoconfigurers usually create two thread pools: ThreadPoolTaskExecutor and ThreadPoolTaskScheduler. As their names imply, the Task Executor is used for executing tasks, while the Task Scheduler is used to run scheduled tasks, such as those annotated with @Scheduled. The size of this scheduled pool is specified using the ‘spring.task.scheduling.pool.size’ property, which is set to ‘1’ by default. The scheduled pool is autoconfigured on condition that no other relevant Read more…

Controlling JDBCSession Timeout

You might have noticed that Spring Boot’s server.session.timeout does not apply if the JDBCSession library is autoconfigured, which means the standard way to set the default session timeout no longer applies. The appropriate way to set the timeout in this case is through the @EnableJdbcHttpSession annotation’s maxInactiveIntervalInSeconds like so. This is fine if you don’t mind moving the config magic values into the code; however, all our properties are injected through a secrets and property management solution, Read more…

Preventing Session Timeout Extension in JdbcSession

Among other things, sessions are an important aspect of application security and establish a realm of trust between the end user and the application. I won’t be going into the details of JSession here, nor the background of how Spring manages sessions. More information on Spring Session can be found here. Sessions of course time out as part of the security mechanism. The timeout (specified as the maxInactiveInterval attribute of HttpSession) is specified by the application or business Read more…


No-Cost SSL in EasyWP with Let’s Encrypt

In the year 2020, having a secure connection to your website is imperative. It shows your guests that you care about their data and privacy, and an ‘https’ connection with the ever-familiar ‘lock’ icon establishes a sense of safety and trust with your guests. SSL certificates, however, are still expensive. This is where the Electronic Frontier Foundation’s Let’s Encrypt initiative comes to the rescue. By issuing free SSL certificates for everyone, their goal is to have Read more…