• PostgreSQL security best practices


    Database is the “Holy Grail” in the eyes of hackers. We need to take care of it like “flowers”. This article mainly introduces the best practices of database protection. First, starting with the most commonly used open source database PostgreSQL, we will introduce several security levels you need to consider one by one: Network layer […]

  • VPC traditional HSF upgrade Pandora boot development


    Introduction:VPC traditional HSF upgrade Pandora boot development This best practice analyzes the disadvantages of traditional HSF applications and the advantages of upgrading to Pandora boot development. It will explain in detail how to upgrade traditional HSF applications to Pandora boot development in combination with HSF code and Pandora boot code. background information The disadvantage of […]

  • Enterprise RPC framework zrpc


    Recently, the popular open source project go zero is a fully functional microservice framework integrating various engineering practices, including web and RPC protocols. Today, let’s analyze the RPC part zrpc. The bottom layer of zrpc relies on grpc, with built-in modules such as service registration, load balancing and interceptor, including micro service governance schemes such […]

  • Elasticsearch integrates springboot


    Official documents 1. Find native dependencies <dependency> <groupId>org.elasticsearch.client</groupId> <artifactId>elasticsearch-rest-high-level-client</artifactId> <version>7.9.2</version> </dependency> 2. Find object 3. Analyze the methods in this class Configure basic items Problem: make sure that the dependencies we import are consistent with those we use Related source code Specific API testing 1. Create index2. Determine whether the index exists3. Delete index4. Create […]

  • Please stop using JWT for session management immediately


    introduction Recently, it has been found that many web application systems use JWT for session management. The reason is to avoid storing sessions on the server or to pursue independent control. I don’t know that there are huge security risks in using JWT for session management! HTTP session management Let’s talk about HTTP protocol first. […]

  • Flink on Zeppelin series: Yan application mode support


    Author: Zhang Jianfeng (Jian Feng) Last year, when Flink forward talked about the future of Flink on Zeppelin, we talked about the support for the application mode. Today, we have good news to tell you that the community has implemented this feature. You are welcome to download the latest version to use this feature. Application […]

  • Electron pseudo protocol parameter acquisition


    In the last issue, we introduced how to set the pseudo protocol and pull up the client through the pseudo protocol link. In fact, there are many scenarios for the pseudo protocol, such as Baidu online disk or Xunlei. Click the link on the web page to download, or click the link to pull up […]

  • Internet people’s essential knowledge cookie and session authentication


    User authentication In the early stage of the development of the Internet, the web is basically just content browsing. The server does not need to remember the status of each browsing request. In other words, the server does not need any status information. Each client request is a new request, which is also an obvious […]

  • Spark – how does the RPC of each component communicate


    Basic concepts Before we start, let’s talk about a few concepts: Rpcendpoint: an instance of RPC distributed, which is used to specify the processing of messages, such as receiving messages. Rpcendpointref: the reference of rpcendpoint, that is, it points to the rpcendpoint of the server, so rpcendpointref will have the RPC address of the server. […]

  • Web push service based on netty socket IO


    In web projects, it is a common business requirement for servers to push messages to web pages. The push technology of PC can be realized by establishing a long connection with socket. In traditional web services, the client sends a request and the server gives a response. But now the intuitive requirement is to allow […]

  • MySQL auth_ Working principle of socket verification plug-in


    auth_socketThe authentication method is: the client is enabled bySO_PEERCREDThe socket of option is connected to the MySQL server, and the server detects from the socket whether the system user name running the client is the MySQL user name to log in. If the user name is the same, log in; if it is different, refuse. […]

  • Simple websocket demo


    There are two ways to use websocket: one is to use sockjs, and the other is to use H5 standard. The use of HTML5 standard is naturally more convenient and simple, so the use method matched with H5 is recorded. pom <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-websocket</artifactId> </dependency> Create a websocket endpoint using @ serverendpointFirst, inject the serverendpointexporter. […]