Error handling in SOAP Web Services – The Right Way

I have seen too many web services (and done a few) where fault handing is not user friendly / graceful.  Most of the times the way people code the web services using annotations or using POJOs in  frameworks like Axis2 the SOAP faults just contains an error message since this is the easiest thing to do. However for  clients this is not too friendly as they can only do error handling  based on your error strings. SOAP 1.2 specifications here , provide a better way of populating your SOAP faults. That is to provide at-least SOAP codes, sub-codes and a fault string as well as details (if possible). This is old news, but i still thought should be talked about.  Continue reading

PostgreSQL Replication Options

Based on different parameters, reuirements etc you have the following popular options.

  • Block level replication – DRBD
  • PostgreSQL Streaming replication (SR)– only available 9.0 +
  • Slony Trigger based replication – Almost the gold standard for Master – Slave replication
  • Bucardo – Perl based multi master Async replication
  • pgPool- II – Load balancer, Query cache, connection pooller , Replication manager
  • pgCluster – multi-master synchronous replication

Continue reading

All you need to know about Search Engine Optimization

Your online businesses are ultimately only as profitable as they are accessible—if no one can find you online, your hard work in creating a useful architecture, providing interesting content, and coding them correctly will be for naught. This is where Search Engine Optimization (SEO) comes into play, and most of you know what it is.

Contrary to what you might hear from companies who try to sell SEO services to you, there are no magic secrets that guarantee you’ll be at the top of every list of search results. However, there is a set of free best practices that you can do on your own to make sure your site is as easy to find as possible.

Continue reading

Getting Around Browser’s Same Origin Policy (SOP) With Proxies, Script Injection , JSONP and CORS

If you work with Web Development or Javascript / Ajax a lot you must have come across browser’s same origin policy or SOP. Same Origin Policy or SOP is a security concept in which documents retrieved from distinct origins are isolated from each other. This is quite strictly implemented by almost all major browsers today.

Continue reading

Implementing HTTP Digest Authentication in Java

I recently had to implement my own version of RFC 2617 which addresses the digest authentication in http protocol. This RFC is an improvement over RFC 2069 which was the previous version of Digest Access authentication. However RFC 2617 adds some additional security features such as quality of protection (qop) to try to counter re-play attacks. Continue reading