Skip to main content


Deploy Spring Boot app in digitalocean cloud (or any cloud as long asyou have ssh access)

First thing first. Assuming that you got an account at digitalocean, lets create a droplet. But before that add your ssh keys of your computers in Settings>Security>Add SSH Key.
1. Resolving SSH Keys
If you need to generate ssh key go here.

If you already have a ssh key then copy the content of your public key and paste it on digialocean.
2. Create Droplet
For this purpose I choose ubuntu 16.04 with 1 gigabyte if Ram. Choose it according to your need. And yes, DON'T forget to choose your pc (SSH Keys) when creating droplet. After creating droplet you'll get an IP address of your machine. If you can't find the IP, well consult your eye specialist ;)
3. Access to your droplet
If you are from mac or linux just open terminal and execute this command.
ssh [email protected]_address
If you copied your public key to digitalocean when creating the droplet you should get access at this point. If you forgot to do that you have to add your ssh key on the operating system manually.
4. Inst…
Recent posts

Flood Control (Limit Login Attempts) in Spring Security

May be sometimes you wanna limit your users login attempt for better security, to protect them from buitforce attack, so that their account isn't compromised. I'm gonna show you how you can limit login attempts and control flooding.
1. Dependency
We'll use Googles Guava for caching, so please add this dependency in your pom.xmlfile.

2. Login Attempt Service
To control login attemps determine if it's blocked we'll create a service called LoginAttemptService.
public class LoginAttemptService {
private final int MAX_ATTEMPT = 10;
private LoadingCache<String, Integer> attemptsCache;

public LoginAttemptService() {
attemptsCache = CacheBuilder.newBuilder().
expireAfterWrite(1, TimeUnit.DAYS).build(new CacheLoader<String, Integer>() {

User activity logging: Spring


In this article I'll show you how you can log user activity in your spring application. We'll use spring's HandlerInterceptorAdapter to intercept requests and thus logging activities.
1. Create Activity entity
Create an entity that represents an activity. When user sends a request to an url we'll save this object to our database (On Condition lol).
public class Activity extends BaseEntity{

private String userAgent;
private String ip;
private String expires;
private User user;
private String requestMethod;
private String url;

private Long totalVisitors;

public String getUserAgent() {
return userAgent;

public void setUserAgent(String userAgent) {
this.userAgent = userAgent;

public String getExpires() {
return expires;

public void setExpires(String expires) {
this.expires = expires;

public User getUser() {
return user;


Enable SSL in Spring Boot


In this article I'll show you how you can enble SSL using self signed certificate.

Remember this will show you a warning if you access app from the browser saying your connection is not private. Like this,

Using self signed certificate is useful in development environment but we'll see in future article how we can enable it in production environment.
1. Generate Keystore
keytool -genkey -keyalg RSA -alias keyname -keystore keystore.jks -storepass keypass -validity 360 -keysize 2048
Here we're creating a keystore named 'keystore.jks' with a password 'keypass' and an alias 'keyname'. Well not yet, after executing this command your terminal will prompt to get some informations like this

A keystore (keystore.jks) will be generated in your current directory. No you need to use this keystore to enable ssl.

2. Enable SSL
First copy kaystore.jks file in your project root directory or any directory you want. Write some configuration properties in your application…

Enable CORS globally in Spring Boot

People, I'm about to show how you can enable CORS globally in your spring boot application.
1. Configuration
Create a configuration class and annotate with @Configiration anntation. Please make sure that this class is being scanned by component scanner. If not use annotation @ComponentScan to scan your package. Subpackages will automatically be scanned.
public class AppConfig {


2. Configure CORS Filter
public class AppConfig {

public CorsFilter corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();

Using OAuth2 and web security simultaneously in Spring Security


I've been experiencing a pretty annoying trouble using both web security and OAuth2. I implemented OAuth2 first for my rest api and then when I tried form login using, it was giving an error and user wans't logged in.

So I dug a bit deeper in google and found the solution. It wan't the problem of configuration, it was a silly mistake that wasn't suppose to happen.

Anyway I'm posting both Resource Server and Web security config classed here.

Configure Resource Server
@Configuration @EnableResourceServer public class ResourceServerConfig extends ResourceServerConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http .antMatcher("/api/**") .authorizeRequests() .antMatchers("/", "/login**") .permitAll() .anyRequest() .authenticated() .and().logout().log…

Upload large files : Spring Boot

So guys, I was dealing with a problem recently. I was getting OutOfMemoryError when trying to upload and save large files (like 2/3 gbs). I was trying to deal it with HttpServletRequest but didn't end so well. But after spending some time thinking about the universe, mens style, water pond (road? seriously?!!) on dhaka city after a heavy rain and how to make life easier doing absolutely nothing, figured out the nicest way to do it.

We'll use apache commons IO to copy inputstream (and write) to a file. But it has nothing to do with OutOfMemoryError. It's just a convenient and simple way to write inputstream to a file
1. Dependency

2. Create a multipart form
<form th:action="@{/admin/categories/create}" method="post" enctype="multipart/form-data">