Online ‘learning-by-doing’ courses I attended – was it worth the money?

22 10 2016

There are more and more online courses available. The ‘Learning by doing’ are in my particular interest. Here I want to:

– list the courses or sites I attended and write a short summary

– know the same from your side – feel free to add your thoughts on online courses.


Where I have been

Znalezione obrazy dla zapytania linux academy

About: Linux Academy is about the Ops part of software development. It teaches basics and advanced concepts of clouds, infrastructure automation, containers and so on.

Good? yes. Currently I am during the Ansible course and I recommend it.

Why? There are short lectures and so called ‘server lab’ where you can create up to six cloud servers and do all the exercises on them.

Why not? n/a


Code School

About: For learning web development (HTML, JS, CSS). Starting from real basics to advanced Topics.

Good? yes. I did HTML, JS and CSS (partially also git). JS starts from real basics but ends with quite important advanced topics.

Why? You have code editor online, so you do all the exercises online, have instant feedback

Why not? Maybe first you’d like to try CodeAcademy (below) which is free.


About: For web development basics

Good? yes, as a starting point. If you need more advanced topics, go to CodeSchool

Why? Its free and good. Exercises and course is held in a browser

Why not? if you need advanced topics, go to CodeSchool.


Znalezione obrazy dla zapytania industrial logic

About: Courses teaching Design Patterns, Refactorings, Code Smells detection for Object Oriented Languages. Advanced topics for practitioners.

Good? yes. The exercises you do on your IDE with their plugin installed. Plugin traces all your steps on doing the exercises and provides you with the feedback assessing not only your result but also the style you’ve reached it – I liked the feedback

Why? Practical application of refactoring techniques, Design Patterns with automated IDE refactorings / shortcuts

Why not? very expensive!


Znalezione obrazy dla zapytania coursera

About: various set of courses, not only for developers. I did only the Scala course there.

Good? yes, but probably depends on course. Scala course was well prepared, with practical exercises in your IDE

Why? free site, with a lot of courses. You can always start doing one. Coursera has schedule so encourages you to regular attendance

Why not? n/a


Where I haven’t been

Treehouse, lynda, pluralsight, edX. But are they even interactive courses or just a set of video tutorials? Let me hear from you!

Spring: Securing REST API with BasicAuth

23 07 2016

The simpliest, yet effective way to secure Spring REST API is to use Basic Auth. I’m going to show how to do it with Spring Security.


Basic Auth is stateless (no need to manage sessions) and simple to implement. However it should be used with https only if outside of a trusted network. Also be aware that there are issues with Basic Auth (

Source Code

As usual, get it from my GitHub:

1. Create a project

Use your favorite tool. I choose Spring Boot Initializr in IntelliJ. Add web and security starter poms:


Note that right after you add the security starter pom to your classpath, the auto configuration kicks in and your app is secured by default (the default password is logged on the application startup). I will override that default configuration and customize it later on.

2. Create Controller with urls to be secured

The most straight forward one as possible like mine below:

public class SecuredController {

    @RequestMapping(value = "/secured", method = GET, produces = TEXT_PLAIN_VALUE)
    public String securedGet(){
        return "You have access to secured API!";

    @RequestMapping(value = "/admin", method = GET, produces = TEXT_PLAIN_VALUE)
    public String adminGet(){
        return "Welcome, Admin";

    @RequestMapping(value = "/open", method = GET, produces = TEXT_PLAIN_VALUE)
    public String openedGet(){ return "this API does not require authentication"; }

It contains 3 endpoints. Each of them I will secure to be accessible on various levels.

3. Create Basic Auth security configuration for selected endpoints

As in one of my previous tutorials (Spring Security Tutorial: Authorization and user roles), you need to extend the WebSecurityConfigurerAdapter:

public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

and configure the HttpSecurity in there:

protected void configure(HttpSecurity http) throws Exception {

What just happened here?

  • first of all with httpBasic() you say that BasicAuth will be in use
  • then you say that want to authorizeRequests() so that:
    • url matching “/api/secured” is accessible for all authenticated users
    • url matching “/api/admin” is accessible for ADMIN users only
    • url matching “/api/open” is accessible with no authentication required
    • any other request is accessible for all authenticated() users

4. Create security configuration: usernames and passwords

Here I create two user accounts with USER and ADMIN role. That method is also in my WebsecurityConfig class. Using those accounts you can log in to the application:

protected void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

Normaly you would use the AuthenticationProvider, probably connected with your database or LDAP. This is separate big subject not to be cevered in this article.

5. Go ahead and try it!

Run the app and:

  1. head over to url – you should access it without logging in
  2. head over – the browser will ask you for username and password: type ‘user’ and ‘easyone’. Then you should access the site
  3. head over to url – you will get 403 Forbidden, since browser cached your auth data and reused it. Only admin is permitted to access that url.
  4. To log in as another user you need to restart your browser and open the url once again. You can also use private browsing.

Spring JMX: Manage beans in runtime

19 06 2016

JMX (Java Management Extensions) allows to change the bean field values or invoke bean methods on the fly at runtime. It is in opposite to DI where you configure application when it starts, using profiles or classpath. With JMX you can tune, monitor or configure your application anytime when it is running.

At the heart of JMX are MBeans. MBean is a JavaBean that exposes certain methods that define the management interface. To make of those exposed methods you can use tool of your choice. My choice is Java Mission Control. Others are VisualVM or JConsole.

With Spring you can expose those methods with annotations. I will guide you how to do it.

Source Code

Source Code for this tutorial you can find on my GitHub at:

Demo app introduction

The simplest app to demonstrate JMX basic capabilities is app with one REST controller exposing one GET resource method:

@RequestMapping(value = "/api/my-jmx-value", method = GET)
public int getManagedAttributeValue(){
    return myJmxValue;

The return value of that method will be managed by JMX. You can run the app from my GitHub sources and access that resource at The default hardcoded value of 25 will be returned and displayed in your browser.

Exposing Bean as a MBean
First of all you need to annotate your Bean with @ManagedResource so it can expose its methods. My annotated Controller is:

@ManagedResource(objectName = "jmxDemo:name=MyController")
public class MyController { ... }

The name value indicates the name under which the MBean will be exported. jmxDemo is a domain and MyController is the name of the MBean.

Exposing Bean’s Attribute via JMX

You can expose a field via accessors methods annotated with @ManagedAttribute. Thanks to that you will be able to change the field value via JMX. Annotated attributes in my controller are:

private int myJmxValue = 25;

public void setMyJmxValue(int myJmxValue) {
    this.myJmxValue = myJmxValue;
public int getMyJmxValue(){
    return myJmxValue;

Exposing Bean’s Method via JMX

You can also expose your Bean method to be able to invoke it by JMX. This time the @ManagedOperation annotation should be used:

public void logMyJmxValue(String requester){"{} requested to log JmxManagedValue which is: {}",
            requester, myJmxValue);

Managing JMX Attributes in Java Mission Control

Java Mission Control (JMC) is a tool you can find in your jdk/bin folder under the jmc.exe name. With JMC you can monitor java process health and manage MBeans. See image below to get familiar with the tool and see how to find your MBean there:


1. run the JMC and under the list of local java processes find your app and connect to its MBean Server
2. go to MBean Browser tab and find jmxDemo domain
3. under MyController you can set the MyJmxValue attribute to any nymber you want
4. go to and test that the returned value is exactly how you set it

Managing JMX Operations in Java Mission Control

Similarly you can invoke exposed operation via JMC. Go to Operations tab, provide the operation param and execute it. In your app logs you should find message indicating that it actually ran:

[4)-] p.l.spring.controller.MyController       : Jacek requested to log JmxManagedValue which is: 99

Aspect Oriented Spring

11 06 2016

Aspect Oriented Programming is a powerful technique to separate cross-cutting concerns (aspects) in your application apart from your logic.

Where is it used?

Spring uses it widely. Popular use case is Spring Security where each controller needs to have restricted access. It would make no sense to embed the security logic in each controller method. That is where aspects are useful. Thanks to AOP you can keep your aspect  related logic (called Advice) in one place and just define the points (joint points) where that logic should be run.

What is possible with Spring AOP

Spring AOP allows you to define the joint points on a method level by a means of dynamic proxies. It means that you can define in your advice that it should run before, after or around any method of your choice.

And if I need more?

Method interception will probably be enough for majority of your needs. However if you need more (constructor or field interception) you can use another AOP implementation: AspectJ.

How to Code it?

I coded the demo for you. Go ahead and check it out on my GitHub:

1. The dependency
First of all I’m gonna use the spring-boot-starter-aop pom and include it in my dependencies:


2. The controller with advised method
I use the annotation to define the joint point. This is the annotation I created:

public @interface MyAnnotation {}

No I can create sample controller method and annotate it with MyAnnotation:

public class MyController {

    private Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());

    @RequestMapping(value = "/api/my-resource")
    public String getMyResource(){"Returning the resource");
        return "Your resource is here";

After running the app I can head over to to see that it returns the result and logs the message.

3. Define an Aspect (advice)
Time to define your aspect! Create a class annotated with @Aspect and a method that will be run before the methods annotated with @MyAnnotation. Use @Before annotation with parameter pointing to the MyAnnotation class:

public class MyResourceAdvice {

    private Logger log = LoggerFactory.getLogger(this.getClass());

    public void performImportantJob(){"Performing important job in an advice method");

@Configuration is needed for Spring to include that class in scans.

4. Check the results

After these few steps you can go to and watch that in app logs there is controller’s log and Advice log before it:

eAdvice$$EnhancerBySpringCGLIB$$9dc59d93 : Performing important job in an advice method
p.l.spring.controller.MyController       : Returning the resource

You can also note that my aspect class is logged as EnhancerBySpringCGLIB – my controller class was dynamically proxied by cglib.

Tip 1: Readable @Before
If you don’t like the long @Before annotation param you can make it more readable by extracting it as a @Pointcut like that:

    private void annotatedWithMyAnnotation() {}

    public void performImportantJob(){"Performing important job in an advice method");

By defining @Pointcut you made your @Before definition much more readable. Note that @Pointcut method name may be any of your choice.

Tip 2: Help Spring to find your joint points
Where does the Spring look for annotated methods? Everywhere on your classpath. Do you need to scan all classes? If not, then you can narrow scanned packages:

    private void searchWithinControllersOnly() {}

    private void annotatedWithMyAnnotation() {}

    @Before("annotatedWithMyAnnotation() && searchWithinControllersOnly()")
    public void performImportantJob(){"Performing important job in an advice method");

Recent ThoughtWorks Tech Radar

7 05 2016

If you were wondering whether the technology, trend or tool is worth investing your time and effort, the Tech Radar by ThoughtWorks may help you making the decision.

The analysis is based on observations and predictions. New editions come periodially and here is always the recent one:

Some highlits that interested me the most in that edition:


  • Jenkins 2.0 as deployment pipeline is on hold – still the build pipeline generation is not a first-class-citizen since it is still based on plugins. Authors says that it could be done better. I suppose that it recommendation considers only the pipeline, not the CI itself
  • Apache Kafka is on trial – although quite widely used in industry. Authors have a pragmtic approach building the report

Languages & Frameworks

  • Spring Boot to adopt – seems to be obvious choice right now, so those who bet on it few years ago were right (lucky me!)
  • React.js to adopt – as a JS framework with one-way binding, providing the loose coupling on the front side


  • Docker! Docker! Docker!


  • GitFlow on hold! That’s right. Authors noted that feature branches tend to stand away from master / develop branch for too long. That causes the merge / integration problems. So the point is to use GitFlow wisely. Feature branch and merge request that have 2 days of coding in it are far too big.

Java equals() vs. compareTo() contract

1 05 2016

The definitions

Object’s equals(Object obj) method:

Indicates whether some other object is "equal to" this one

compareTo(T t) is an abstract method from Comparable interface and it:

Compares this object with the specified object for order. 
Returns a negative integer, zero, or a positive integer 
as this object is less than, equal to, or greater than the specified object.

The contract

That being said here seems to appear the contract between those two methods: compareTo should return 0 if equals returns true. This is yet another contract that the equals() is involved (mind the hashCode()). In fact the Comparable JavaDoc says it clearly:

It is strongly recommended, but not strictly required that 
(x.compareTo(y)==0) == (x.equals(y)).

Since it is not strictly required, the JavaDoc clears out things and says:

Generally speaking, any class that implements the Comparable interface 
and violates this condition should clearly indicate this fact. 
The recommended language is: 
"Note: this class has a natural ordering that is inconsistent with equals."

Natural ordering

A class should implement Comparable interface if it is eligible to natural ordering. Natural ordering is perceived as an order where an object can be compared to another of the same type (alphabetical comparison for String, numerical for Number or any other specific to your domain).

If your class does not have a natural ordering that is consistent with equals() but you still need to sort it, you should consider using the Comparator interface instead of Comparable.

In fact the String class follows the equals() and compareTo() contract and it sorts Strings alphabetically according to ASCII characters ordering. Note that this ordering sorts lowercase letters in front of upper case.

The BigDecimal breaks the contract

The BigDecimal class violates the recommendation and its equals() is not consistent with compareTo() in  a matter of a scale. The documentation clearly states it:

according to equals(): 2.0 is not equal to 2.00
according to compareTo(): 2.0 is equal to 2.00

Why? Who knows. There are discussions that in physics for example the 2.0 definetely should not be considered as equal to 2.00 due to the precision. However in most of the domains the values can be considered as equal.

Problems when violating the contract

The problem that arises is for example putting the BigDecimal in a HashSet:

Set<BigDecimal> set = new HashSet<>();
set.add(new BigDecimal("0.20"));
if (set.contains(new BigDecimal("0.2")) { // Returns false, but should return true

Because of that the HashSet is usable with BigDecimal if you define the scale that its elements have. So if you put the number with two digits precision, you should always look for two digits precision as well.

The other solution is to use TreeSet, since it uses the compareTo() to search for elements (ignoring the scale). However the TreeSet is sorted as opposed to the HashSet. If you do not need sorting then you ahve to consider whether it hurts your performance (putting an element to the sorted set is more expensive – due to the sorting).

How to run jMeter tests on Jenkins

24 04 2016

If you monitor your system performance with Apache jMeter test suite, you can easily make it a part of your Continuous Integration and monitor the performance on a regular basis. You need to do three things:

  1. Put your Apache jMeter binary files on Jenkins machine
  2. Run jMeter tests in headless mode from Jenkins job, generating the xml test report
  3. Analyze reports with Jenkins Performance Plugin

Let’s get into details!

1. Put your jMeter binaries on Jenkins

Apache jMeter does not require installation so you can just copy the files that you currently use to the Jenkins server. Thanks to it you will have all the plugins ready to use. Then make sure that user that runs jenkins has access rights to execute jMeter.

2. Run jMeter tests from Jenkins job

Create Jenkins job and, as a Build Step, Execute Shell commands:

#remove previous reports
rm jMeter/reports/*.jtl -f

#run tests
$JMETER_PATH/jmeter -n 
     -t jMeter/suites/sampleSuite.jmx 
     -l jMeter/reports/sampleSuiteReport.jtl 
     -p jMeter/properties/


  • $JMETER_PATH is a path where you put jMeter binaries (for example /opt/apache-jmeter-2.13/bin/)
  • -n param means that jMeter will be run in headless mode
  • – t jMeter/suites/sampleSuite.jmx is a test suite that you are going to run
  • -l jMeter/reports/sampleSuiteReport.jtl is a result report file that will be generated. This file will be interpreted by Jenkins Performance Plugin
  • -p jMeter/properties/ is a properties file where you configure the report file format to XML (interpreted by default in Jenkins Performance Plugin)

By default the .jtl report file is in the csv format. Jenkins Performance Plugin can read the csv, however the default format for it is xml. By the same token I use file with one line indicating that the jtl output should be xml:

3. Analyze reports with Jenkins Performance Plugin

Install the Performance Plugin on your Jenkins instance. To use it, add the Post Build Action to your job, providing the path to .jtl report files:


Jtl files will be interpreted each time the job is executed. Moreover in the job page on Jenkins you have new option in menu: Performance Trend, where you can find (on graphs) how your performance was changing over time at each build:


%d bloggers like this: