Modular web apps

You are very right in thinking there are synergies here, we have a modular web app where the app itself is assembled automatically from independent components (OSGi bundles) where each bundle contributes its own pages, resources, css and optionally javascript. We don’t use JSF (Spring MVC here) so I can’t comment on the added complexity … Read more

How do you virus scan a file being uploaded to your java webapp as it streams? [closed]

Check out Clamv ( http://www.clamav.net/ ) It is a open source anti-virus, and you can scan a stream. So you do not need to save the file for scanning it. http://linux.die.net/man/1/clamscan Scan a data stream: cat testfile | clamscan – So it is quite easy, start the clamscan process with the – arg. write the … Read more

Initializing Log4J with Spring?

You could configure your Log4j listener in the web.xml instead of the spring-context.xml <context-param> <param-name>log4jConfigLocation</param-name> <param-value>/WEB-INF/classes/log4j.web.properties</param-value> </context-param> <listener> <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> </listener> So it is up before Spring starts.

How do some web services recognize I’m logging in from a new location?

Here are some ideas you may be interested in… As I already said to you it’s not an exact science. You should keep what’s important for security first and consider all this “optional” Plus, remember that all suggested “time durations” are subjective depending on how frenetic are accessess to your site and how strong should … Read more

Separate application pools for ASP.net applications in IIS

Reposted from ServerFault, “Why add additional application pools in IIS?” AppPools can run as different identities, so you can restrict permissions this way. You can assign a different identity to each app pool so that when you run task manager, you know which w3wp.exe is which. You can recycle/restart one app pool without affecting the … Read more

Recurring billing with Rails and ActiveMerchant: Best practices, pitfalls, gotchas?

One thing I wanted to add: keep in mind you don’t need to use the recurring billing feature that is built into the gateway. In general these systems are legacy and very difficult to deal with, we get spoiled in the rails world. You get a lot more flexibility just using them for one purpose … Read more