Secure your API with these 16 Practices with Apache APISIX - part 1
A Java geek
23h ago
A couple of months ago, I stumbled upon this list of 16 practices to secure your API: Authentication - Verifies the identity of users accessing APIs. Authorization - Determines permissions of authenticated users. Data Redaction - Obscures sensitive data for protection. Encryption - Encodes data so only authorized parties can decode it. Error Handling ❌ - Manages responses when things go wrong, avoiding revealing sensitive info. Input Validation & Data Sanitization - Checks input da ..read more
Secure your API with these 16 Practices with Apache APISIX
A Java geek
23h ago
A couple of months ago, I stumbled upon this list of 16 practices to secure your API: Authentication - Verifies the identity of users accessing APIs. Authorization - Determines permissions of authenticated users. Data Redaction - Obscures sensitive data for protection. Encryption - Encodes data so only authorized parties can decode it. Error Handling ❌ - Manages responses when things go wrong, avoiding revealing sensitive info. Input Validation & Data Sani ..read more
Error management in Rust, and libs that support it
A Java geek
1w ago
As part of learning the Rust ecosystem, I dedicated the last few days to error management. Here are my findings. Error management 101 The Rust book describes the basics of error management. The language separates between recoverable errors and unrecoverable ones. Unrecoverable errors benefit from the panic!() macro. When Rust panics, it stops the program. Recoverable errors are much more enjoyable. Rust uses the Either monad, which stems from Functional Programming. Opposite to exceptions ..read more
Hardening Apache APISIX with the OWASP's Coraza and Core Ruleset
A Java geek
2w ago
The OWASP stands for Open Worldwide Application Security Project: The Open Worldwide Application Security Project is an online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 - 2021 is the published result of recent research based on comprehensive data com ..read more
Improving upon my OpenTelemetry Tracing demo
A Java geek
3w ago
Last year, I wrote a post on Open Telemetry Tracing to understand more about the subject. I also created a demo around it, which featured the following components: the Apache APISIX API Gateway, a Kotlin/Spring Boot service, a Python/Flask service, and a Rust/Axum service. I’ve recently improved the demo to deepen my understanding and want to share my learning. Using a regular database In the initial demo, I didn’t bother with a regular database. Instead: The Kotlin service used the e ..read more
Keeping your fonts in embedded SVG
A Java geek
1M ago
Last year, I started to use Excalidraw as a diagram tool. However, the SVG images didn’t display the font correctly. In this post, I’d like to explain the problem and offer a solution. Let’s create a sample drawing with Excalidraw. If you open the link, it should look something like this: However, in a browser, it looks like this: The code is straightforward: <img src='/path/to/sample.svg'> The font doesn’t display correctly. The problem is that the ..read more
Kicking the tires of Docker Scout
A Java geek
1M ago
I never moved away from Docker Desktop. For some time, after you use it to build an image, it prints a message: What's Next? View a summary of image vulnerabilities and recommendations → docker scout quickview I decided to give it a try. I’ll use the root commit of my OpenTelemetry tracing demo. Let’s execute the proposed command: docker scout quickview otel-catalog:1.0 Here’s the result: ✓ Image stored for indexing ✓ Indexed 272 packages Target ..read more
Five Apache projects you probably didn't know about
A Java geek
2M ago
In early 2021, I started to work on the Apache APISIX project. I have to admit that I had never heard about it before. In this post, I’d like to introduce some Apache projects that are less well-known than HTTPD or Kafka. Apache APISIX APISIX is an API Gateway. It builds upon OpenResty, a Lua layer built on top of the famous nginx reverse-proxy. APISIX adds abstractions to the mix, e.g., Route, Service, Upstream, and offers a plugin-based architecture. Lots of plugins are provided ou ..read more
Apache APISIX plugin priority, a leaky abstraction?
A Java geek
2M ago
Apache APISIX is an API Gateway, which builds upon the OpenResty reverse-proxy to offer a plugin-based architecture. The main benefit of such an architecture is that it brings structure to the configuration of routes. It’s a help at scale, when managing hundreds or thousands of routes. In this post, I’d like to describe how plugins, priority, and phases play together and what pitfalls you must be aware of. APISIX plugin’s priority When you configure a route with multiple p ..read more
Canary releases with Apache APISIX
A Java geek
2M ago
In a few words, the idea of canary releases is to deliver a new software version to only a fraction of the users, analyze the results, and decide whether to proceed further or not. If results are not aligned with expectations, roll back; if they are, increase the number of users exposed until all users benefit from the new version. In this post, I’d like to detail this introduction briefly, explain different ways to define the fraction, and show how to execute it with Apache APISIX. Int ..read more
