Trifork Blog

Using Spring Session for concurrent session control in a clustered environment

3 Comments

For a long time, Spring Security has provided support to limit the number of sessions a single user can have concurrently. This prevents users from being logged in from many different devices at the same time, for example to ensure that they won’t share their credentials to a paid site with their friends and family.

My former colleague Quinten Krijger has blogged about this feature beforeNote the last paragraph, which explains how this support is limited to single-node applications.

Although running on a single node may suffice for many applications, there are plenty applications running in a clustered environment that should be able to benefit from concurrent session control as well. As hinted in the aforementioned blog, this requires both implementing a custom SessionRegistry as well as ensuring that expiring a session is propagated to all nodes in the cluster.

This is exactly what I’ve done recently using Spring Session, a framework that allows you to take control over managing sessions using a shared external registry like Redis. In this post I’d like to walk you through the code, which can be found here: https://github.com/jkuipers/spring-session-concurrent-session-control

UPDATE:

Based on the code I wrote for this blog I’ve opened a pull request for Spring Session. That request is scheduled for inclusion in Spring Session 1.3, but the code works just fine with the upcoming 1.2 release and removes the limitation of not providing an expiry notification after exceeding the maximum number of sessions.

Read the rest of this entry »

Posted in: Custom Development | Spring

GOTO Amsterdam – The ideas behind the program

2 Comments

We recently had our program release party with Jim Webber, where we published our program for GOTO Amsterdam 2016. Over the last weeks we filled every missing spot and the exciting program is now complete. But we haven’t shared our thoughts on the program decisions itself.

Read the rest of this entry »

Posted in: Custom Development

GOTO Nights Amsterdam, Join & Learn!

No Comments

As an introduction to the GOTO Conference in June, we organize a monthly meetup to introduce you to the topics of the conference. These meetups are called GOTO Nights and are totally free to attend and food and drinks are included.

At the start of the GOTO season we gather together to decide which topics are interesting for developers to learn more about. For these topics we try to find the best speakers for the conference and for the GOTO Nights.

Read the rest of this entry »

Posted in: Agile | Conference | Education | General | Internet of Things | Knowledge | Spring

From The Trenches: LoRa, LoRaWAN tutorial with the LoRaBee

No Comments

Once in a while you stumble across an interesting technology which is an enabler of new solutions, and new business cases. At Trifork Eindhoven we believe LoRa / LoRaWan might be such a technology. We are currently working on several Internet of Things solutions which could directly benefit from long distance communication, with a low energy footprint.

In this document I will describe the things that I learnt while working with the LoRaBee development kit. I will also provide some basic tutorials on how to set it up, how to start a connection and how to connect it with different platforms.
The hardware that I am using:

  • SODAQ Mbili with Atmel 1284p Microcontroller x 2
  • SODAQ LoRaBee which contains the Microchip RN2483 Module x 2
  • A set of peripherals for data acquisition ( sensors, buttons, LEDs, serial interfaces… )

Quick intro into LoRa

According to Wikipedia:

LoRaWAN (Long Range Wide Area Network) is a low power wireless networking protocol designed for low-cost secure two-way communication in the Internet of Things (IoT). LoRaWANs use of sub-GHz ISM bands also means the network can penetrate the core of large structures and subsurface deployments within a range of 2 km.[1]

The technology utilized in a LoRaWAN network is designed to connect low-cost, battery-operated sensors over long distances in harsh environments that were previously too challenging or cost prohibitive to connect. With its penetration capability, a LoRa gateway deployed on a building or tower can connect to sensors more than 10 miles away or to water meters deployed underground or in basements. The LoRaWAN protocol offers unique and unequaled benefits in terms of bi-directionality, security, mobility and accurate localization that are not addressed by other LPWAN technologies. These benefits will enable the diverse use cases and business models in deployments of LPWAN IoT networks globally.”

The LoRa protocol is based on three types of devices:

  • Class A – LoRa end device, for example the RN2483 that I am using.
  • Class B – LoRa Gateway, which acts like a wireless modem, and is in control of the network and data flow
  • Class C – Network Server. Any web platform which is able to collect and process data.

In the following picture, you can see the typical LoRaWAN network:

NwusuJa2imewHTFDr_Xt-Tl72eJkfbmt4t8yenImKBVvK0kTmF0xjctABnaLJIm9

As you can see, all three classes are required for a fully working LoRaWAN network. In the tutorial, we used two Class A – LoRa devices for a P2P communication; however that is a simple radio transmit/receive between the LoRa modules and not the LoRaWAN protocol.

Read the rest of this entry »

Posted in: Custom Development | From The Trenches | Internet of Things

Spring-AMQP and payload validation: some notes from the trenches

1 Comment

It’s been a while since I’ve written one of our from-the-trenches blogs: that’s mostly because I’ve been very busy in those trenches developing systems for our customers.

This week I completed a Spring Boot-based microservice which is responsible for interacting with some 3rd party SOAP service: its own clients communicate with it by sending request message over RabbitMQ, and the service then sends back a response to a response queue after handling the SOAP response message.

Of course I used Spring-AMQP to build this service. Spring-AMQP supports a nice annotation-based listener programming model, based on Spring’s generic Message support.
That allows writing listener methods like this:

@RabbitListener(queues = REQUEST_QUEUE) 
public DeclarationResponse submitDeclaration(DeclarationRequest request) { 
  // handle the request and return a response 
}

The request parameter here is the result of converting the incoming AMQP message using a Spring-AMQP MessageConverter, after which it is considered to be the payload of the message (even when headers are used in the conversion as well).

The request messages that the clients send have some required fields: without those fields, the service can’t make the SOAP calls. While reading the RabbitListener JavaDoc I noticed that Spring-AMQP allows you to apply validation to message payload parameters by annotating it. When using this, you also have to add the @Payload annotation (which is optional without validation if your method doesn’t have any other arguments), so the result looks like this:

@RabbitListener(queues = REQUEST_QUEUE)
public DeclarationResponse submitDeclaration(@Valid @Payload DeclarationRequest request) { … }

By the way, Spring’s own @Validated (even as a meta-annotation) and in fact every annotation whose name starts with “Valid” are supported for this purpose as well.

Now we can add some JSR-303 Bean Validation annotations to the fields in our DeclarationRequest, like @NotNull, to express our validation constraints.

Read the rest of this entry »

Posted in: Custom Development | From The Trenches | Spring

Elastic{ON} 2016

No Comments

Elastic{ON} 2016 - ViewLast week a colleague and I attended Elastic{ON} in San Francisco. The venue at Pier 48 gave a nice view on (among others) the Oakland Bay Bridge. Almost 2000 Elastic fanatics converged to listen to and talk about everything in the Elastic Stack.

I have been to a lot of sessions. I think the two most important things that I will take home are “5.0” and “graphs”.

5.0

The next version of the Elastic Stack will be 5.0. This means that all main Elastic products (Elasticsearch, Logstash, Kibana and Beats) are having the same version number in all following release bonanzas. This will be easier for all customers and clients.

I mentioned the Elastic Stack. This is a little rebranding of the ELK Stack plus Beats. More rebranding is the renaming of the Elastic as a Service solution Found to Elastic Cloud. I think those are simple but good changes.

Also Elastic created the concept of packs to combine extensions. Most notably the X-Pack will all the monitoring, alerting and security (and more) goodies wrapped together.

More about 5.0 on the Elastic blog.

Graphs

Elastic{ON} 2016 - GraphThe other main take-away are the graph capabilities (Graph API) that will be added to Elasticsearch (through the X-Pack). It is still in an early phase but it looks awesome! It looks very easy to use and it is very fast. The UI is written as a Kibana plugin.

Actually there will be some more Kibana plugins. Managing users and roles via the Security API, for example.

Talks

Off course there were a lot of talks. Common subjects were security and recommendation. Graphs could play an important role there!

Some talks were cool user stories of companies that implemented (parts of) the Elastic Stack. Other talks dove deep into the different Elastic products. Some of those turned out to be a little out of my league. For example the math behind the new default BM25 scoring algorithm.

The talks will be put online in the next couple of weeks. So be sure to check them out! Maybe I will see you next year!

Posted in: Conference | Elasticsearch

Personalised city trip itinerary using integer linear programming

2 Comments

Case

As a research project I have developed an itinerary service. The idea started when I was doing a hackathon with colleagues for the city of Amsterdam (see earlier post). I wanted to recommend an itinerary to a tourist visiting the city of Amsterdam. Furthermore, I wanted to make the itinerary based on the user’s interests to recommend interesting places and activities for him in the city. If the user is interested in modern art for example, the recommendation scores for modern art museums will increase for that user.

The tool divides the duration of the tourist’s stay into separate time slots. For example, a single day could be divided in 3 time slots: morning, afternoon, evening. POIs get a different recommendation score for each time slot they can be visited. The Vondelpark for example could be less recommended on Monday morning because of expected rain or because of expected crowds. On Tuesday morning the Vondelpark could be recommended because of an interesting event or nice weather.

The itinerary tool will try to limit travel time between the recommended POIs (point of interests). In this way the tourist will not waste time on travailing. The user can also set a budget for the entire itinerary.

By taking all these considerations into account the tool should be able to aid the user in making good decisions about which places to visit and when to visit them.

Here is a screenshot of the user interface of the itinerary tool that was created as part of the research project:

image01

Read the rest of this entry »

Posted in: Java

Program Release Party for GOTO Amsterdam on January 21

No Comments

On Thursday, January 21 the GOTO Amsterdam Team hosts a free event to release the program of GOTO Amsterdam 2016.

The Amsterdam Program Committee has been working very intensively to release the schedule for this year sooner than for any other year. This new approach will be implemented for all of the GOTO conferences with the goal to have the program ready half a year before a conference takes place.

This way our participants have enough time to register early and profit from the early bird rates that we offer. This is the most honest and best way to meet our customers. Read the rest of this entry »

Posted in: Custom Development

GO AND BREAK RECORDS!

No Comments

8 days, 7 hours, 39 minutes and 30 seconds!

Go and break records copy

In crossing the Atlantic, I learned a few things that I would like to share with you. First of all, I can tell you that the ocean is really big, with plenty of space for everyone. If you believe that the world is overpopulated and you want to be alone for a while, the ocean is a good place to go. In eight days, we only saw five other ships or sailboats and only for 5-10 minutes at a time. We saw a few dolphins and were attacked by a lot of flying fish. And yes, being slapped by a flying fish is an unpleasant surprise.

Being together with 14 other guys was actually easier than you would expect. They are really great guys, and the long discussions about life and other business during our recovery time were really great.

Read the rest of this entry »

Posted in: Custom Development

Booting your Microservices Architecture with Spring and Netflix: the aftermath

No Comments

On 25 November Trifork hosted a webinar in which I gave a short overview of Spring Cloud and its support for the Netflix OSS stack, focusing on Spring Cloud Config and the support for Netflix’s Eureka, Ribbon and Hystrix.

We’ve been investigating this stack over the last couple of months and are using parts of it in production already: we have found that a lot of the common concerns that you need to tackle as you’re moving into a distributed systems architecture are nicely covered and, in many cases, even abstracted by the Spring Cloud platform. In a typical Spring fashion, this allows you as an application developer to focus more on your business logic while letting the framework handle the concerns related to things like accessing shared configuration, working with service registries, handling failing downstream services, etc.

This blog provides you with background info to accompany the webinar, which has been recorded and can be found on our YouTube channel.
The code has been published on GitHub, as well as the accompanying config repository, in case you’d like to code along with the video.

Read the rest of this entry »

Posted in: Custom Development | Spring