Security in MongoDB is relatively young in terms of features and granularity. Interestingly, they indicate that a typical use case would be to use Mongo on a trusted network “much like how one would use, say, memcached.” MongoDB does NOT run in secure mode by default. As it is, the features that are available are standard, proven and probably sufficient for most use cases. Here’s a quick summary of pros and cons. Pros Nonce-based digest for authentication Security applies across replica set nodes and shard members Cons Few recent replies on security wiki......
Continue Reading
I’ve been refactoring an application recently to move away from a proprietary and inflexible in memory datastore. The drawbacks of the proprietary datastore included the fact that the content was static. The only way to update data involved a build and replication process that took much longer than the stakeholders were willing to wait. The main selling point in favor of the in memory datastore was that it is blazing fast. And I mean blazing fast. My choice for a replacement datastore technology is MongoDB. MongoDB worked great, but the profiling and performance......
Continue Reading
The information below was delivered to one of my programmers as direction for how to implement a rather big change in an existing software product that I sell. I thought it was potentially useful to a broader audience, so I’m posting it here: …The rest of this is rather complicated to explain online. I’ll do my best. I’m going to look at this in a simplistic way and let you work through the details. First imagine that we have an Authorize.net processing class based largely on their API. class AuthnetProcessAIMPayment { protected $apiKey;......
Continue Reading
One of my applications runs on a large assortment of hosts split between various data centers. Some of these are redundant pairs and others are in load balanced clusters. They all require a set of identical files which represent static content and other data. rsync was chosen to facilitate replication of data from a source to many targets. What rsync lacked out of the box was a reporting mechanism to verify that the collection of files across target systems was consistent with the source. Existing solutions Before designing my solution, I searched for......
Continue Reading
Last week I completed three days of training and took the certification test for Scrum Master. About 70 percent of the material was rehash, but I did pick up a few new bits during the training. Lately I’ve been reading Speed of Trust and so the effect trust has on the Scrum process kept coming to mind. I can see how trust between the Product Owner and the Development Team is a strong influencer to the success of Scrum. For example, the Product Owner has to prioritize the backlog and trust that the......
Continue Reading
Several years ago I hosted with webfaction for about a year. I was drawn to them at the time because they allowed SSH access and I could run Java applications on my account. Those were not common features available under shared hosting at the time. I didn’t end up deploying any Java applications and the PHP sites I did deploy routed through webfaction’s nginx to PHP configuration which frequently failed. That meant that many visitors to my site saw nginx errors rather than my web page. When they couldn’t resolve the issue I......
Continue Reading
Today I needed to install subversion on a Linux host on which I don’t have root access. With root access the install would have been very simple. However, I couldn’t find a good tutorial showing how to go about installing the software just for the local user. This post goes through how I did that. Requirements Subversion relies on several third party libraries. Some of these may already be available on your server. Others may not be, so you’ll need more than I show here. What I provide should give you a roadmap......
Continue Reading
Recently I was debugging a REST client class in Java. The service I was calling simply returned that the request was incomplete. Without access to the service logs and without more meaningful feedback from the service, I decided to create an echo script that would allow me to see exactly what my REST client was sending. For simplicity I used a LAMP installation on Ubuntu running inside virtual box on my Windows 7 development machine. I could have installed something like WAMPServer, but I prefer to leave my machine as clean as possible.......
Continue Reading
Welcome to Boise Code Camp, 2012. This year I decided to present on MongoDB. In a previous presentation on MongoDB and some video training I cover installation and configuration and using replica sets. For the code camp this year I explore some of the differences between schema design for a relational database and schema design for MongoDB. You can copy and paste the commands below directly onto the MongoDB command line to follow along. To begin with, it’s important to know how to get help and see what databases and collections are available.......
Continue Reading
In a previous article I demonstrated one way to create a RESTful interface using a plain Java Servlet. In this article I wanted to extend that to include JSON serialization using Jackson. I found a very simple article showing a basic case mapping a POJO to JSON and back again. However, when I copied this straight over I got the following error: org.codehaus.jackson.map.JsonMappingException: No serializer found for class DataClass and no properties discovered to create BeanSerializer (to avoid exception, disable SerializationConfig.Feature.FAIL_ON_EMPTY_BEANS)org.codehaus.jackson.map.JsonMappingException: No serializer found for class DataClass and no properties discovered to create......
Continue Reading