https://www.reardontech.uk/ Recent content on Reardon Tech Hugo en Fri, 05 Sep 2025 10:00:00 +0000 https://www.reardontech.uk/posts/understanding-idempotency/ Sun, 24 Aug 2025 10:30:00 +0000 https://www.reardontech.uk/posts/understanding-idempotency/ When communication between systems there is no guarantee that requests will only be send / received only once. Idempotency ensures that performing the same operation multiple times has the same effect as performing it once, preventing duplicate processing and data corruption. This is crucial for building reliable systems that can handle the inevitable failures and retries that occur in distributed environments. What is Idempotency? Link to heading An operation is idempotent if performing it multiple times has the same effect as performing it once. https://www.reardontech.uk/posts/the-8-fallacies-of-distributed-computing/ Fri, 22 Aug 2025 10:30:00 +0000 https://www.reardontech.uk/posts/the-8-fallacies-of-distributed-computing/ In today’s cloud-native landscape, where systems are no longer monolithic and communicate across networks and continuously deployment practices ships new versions frequently, understanding the fundamental assumptions that can lead to system failures is more critical than ever. The 8 Fallacies of Distributed Computing, originally formulated by Peter Deutsch and others at Sun Microsystems, remain as relevant today as when they were first articulated—perhaps even more so. Modern cloud architectures, with their dynamic scaling, rolling deployments, and multi-region setups, mean that each time you call a service, you might be talking to a completely different node running a different version of its system. https://www.reardontech.uk/posts/asb-emulator/ Wed, 27 Nov 2024 10:00:00 +0000 https://www.reardontech.uk/posts/asb-emulator/ For years, developers working with Azure Service Bus have longed for a local emulator to streamline development and testing. Relying on cloud-based instances for every iteration was costly, time-consuming, and often impractical. But as of November 19, 2024, Microsoft has answered those prayers with the official release of the Azure Service Bus Local Emulator! Azure Service Bus Emulator is not a full replacement for Azure Service bus but is aimed at local development and testing never the less lets look into how to the features it offers and how to use it. https://www.reardontech.uk/posts/tls-trusted-root-store/ Mon, 23 Sep 2024 10:00:00 +0100 https://www.reardontech.uk/posts/tls-trusted-root-store/ We are all aware of the padlock in address bar of our web browser means that this site is secure, but have you ever wondered how the computer knows that it is secure? The answer lies in the intricate world of TLS (Transport Layer Security) trust. Let’s dive in and explore how this crucial process works. How Transport Layer Security works Link to heading Before we delve deeper into trust, let’s briefly touch upon TLS itself. https://www.reardontech.uk/posts/csrf/ Fri, 13 Sep 2024 10:00:00 +0100 https://www.reardontech.uk/posts/csrf/ Cross-Site Request Forgery (XSRF or CSRF), often pronounced as “Sea-Surf”, attacks are a serious threat to web applications. They exploit the trust a website has in a user’s browser, tricking the browser into sending unauthorised requests to the website. This can lead to data breaches, unauthorised actions on a user’s account, and other malicious activities. The Attack Vector Link to heading A CSRF attack typically unfolds in the following way : https://www.reardontech.uk/posts/step-up-auth/ Tue, 03 Sep 2024 10:27:00 +0100 https://www.reardontech.uk/posts/step-up-auth/ Step-Up JIT is an authentication mechanism that combines the security of MFA with the flexibility of contextual risk assessment. Instead of requiring MFA challenges for every authentication attempt, Step-Up JIT dynamically evaluates the risk associated with each access request based on various factors such as: Resource and Action : Is the resource privileged such as updating passwords or transferring money? User identity : Who is attempting to access the resource? Device : What device is being used for access? https://www.reardontech.uk/posts/a-tale-of-http/ Thu, 22 Aug 2024 10:00:00 +0100 https://www.reardontech.uk/posts/a-tale-of-http/ In the vast digital landscape of the internet, where billions of web pages, images, videos, and applications reside, a silent conductor orchestrates the seamless flow of information: the Hypertext Transfer Protocol, or HTTP. It’s the invisible language that allows your browser to communicate with web servers, fetching the content you request and delivering it to your screen. As the web has evolved from simple text-based pages to complex, interactive experiences, HTTP has also undergone a series of transformations. https://www.reardontech.uk/posts/mutli-factor-authentication/ Wed, 14 Aug 2024 10:30:00 +0100 https://www.reardontech.uk/posts/mutli-factor-authentication/ Multi-factor authentication requires users to present multiple pieces of evidence, or factors, to verify their identity before accessing an account or system. This approach drastically reduces the risk of unauthorised access, even if one factor is compromised. The most common factors used in MFA fall into three categories: Something you know : This typically involves a password, PIN, or security questions. Something you have : This can be a physical token, a smartphone, or a hardware security key. https://www.reardontech.uk/posts/oauth2-token-exchange/ Sat, 29 Jun 2024 13:00:44 +0100 https://www.reardontech.uk/posts/oauth2-token-exchange/ OAuth 2.0 is a widely adopted framework for authorisation in web applications and APIs. While it provides essential grant types for obtaining tokens, the Token Exchange flow (defined in RFC 8693) is a powerful extension that addresses complex scenarios involving multiple services and token types. This flow enables the exchange of one type of token for another, making it particularly useful for cross-domain single sign-on (SSO), delegated access, token transformation, and confidential client access. https://www.reardontech.uk/posts/oauth2/ Wed, 12 Jun 2024 10:30:00 +0100 https://www.reardontech.uk/posts/oauth2/ OAuth 2.0 is an authorisation framework that allows applications to securely access resources on behalf of a user without requiring the user to share their credentials directly with the application. It achieves this by obtaining limited access to a user’s account on a service (like Google, Facebook, etc.) and authorising third-party applications to act on that user’s behalf. Key Roles in OAuth 2.0 Link to heading OAuth 2 is still a tri-party trust (trust between the Client, Server and Authority) below shows the 4 key roles. https://www.reardontech.uk/posts/oauth2-auth-code-pkce/ Wed, 12 Jun 2024 10:00:01 +0100 https://www.reardontech.uk/posts/oauth2-auth-code-pkce/ OAuth 2.0 is the industry-standard protocol for authorisation, enabling applications to securely access user resources on behalf of the user. The Authorisation Code Flow is a popular OAuth 2.0 grant type used by web and mobile applications to obtain access tokens from authorisation servers. While secure in many scenarios, it can be vulnerable to certain attacks when used with “public” clients (applications that cannot securely store secrets). This is where Proof Key for Code Exchange (PKCE) comes into play. https://www.reardontech.uk/posts/security-basics/ Thu, 23 May 2024 10:30:00 +0100 https://www.reardontech.uk/posts/security-basics/ In the ever-evolving landscape of cybersecurity, safeguarding sensitive information and systems is of paramount importance. A robust security framework must be in place to protect against unauthorised access and potential threats. The foundation of such a framework is built upon the three pillars known as the 3 A’s of security: Authentication, Authorisation, and Audit. Authentication Link to heading Authentication (sometimes referred to as AuthN) is essentially the process of validating identity, or more to the point asking the question “Who am I”, this is the first step in accessing any resource. https://www.reardontech.uk/posts/mssql-open-json/ Thu, 25 Apr 2024 10:30:00 +0000 https://www.reardontech.uk/posts/mssql-open-json/ In our increasingly data-driven world, JSON (JavaScript Object Notation) has emerged as a versatile and lightweight format for exchanging information. While JSON offers flexibility, working with it within the structured realm of relational databases like SQL Server can be cumbersome. Microsoft SQL Server has supported the OPENJSON function since SQL Server 2016 (Compatibility Level 130) with the primary purpose of converting JSON text into tabular format making it easier to query and manipulate JSON data to integrate into your current queries. https://www.reardontech.uk/posts/ef-queries/ Thu, 18 Apr 2024 10:30:00 +0000 https://www.reardontech.uk/posts/ef-queries/ Entity Framework Core (EF Core) streamlines database interactions, but its automatic translation of LINQ queries can sometimes lead to overly complex SQL. This becomes evident when you need to fetch data across multiple relationships, potentially resulting in performance problems. Split queries offer a way to optimize these situations. For more information on EF Core click here For more information on LINQ click here Single Query Link to heading Single Query is the default type of query used with Entity Framework (EF), a Single query creates a query that returns a cartesian product which can, under the correct circumstances, create significant performance issues when loading and hydrating the entities in code. https://www.reardontech.uk/posts/hexagonal-architecture/ Thu, 11 Apr 2024 10:30:00 +0000 https://www.reardontech.uk/posts/hexagonal-architecture/ In the ever-changing world of software development, crafting applications that are both maintainable and adaptable is a constant challenge. Hexagonal architecture, also known as ‘Ports and Adapters’, provides an elegant solution to this problem, emphasizing separation of concerns and testability. Why use Hexagonal Architecture Link to heading The core idea behind hexagonal architecture is to isolate the business domain (the heart of the application) from the technical details of infrastructure, databases, user interfaces, and external services. https://www.reardontech.uk/posts/messaging-basics/ Thu, 04 Apr 2024 10:30:00 +0000 https://www.reardontech.uk/posts/messaging-basics/ In the realm of software development, the way applications communicate with each other is critical to achieving scalability, flexibility, and resilience. This is where messaging comes into play, acting as a powerful tool in a software architect’s toolkit. Let’s delve into messaging paradigms, patterns, and their value in modern software architectures. Fundamentals Link to heading There are many reasons to choose Distributed systems or Microservices architectures, simplicity is not one of them, these architectures do however help to force some good design patterns such as loose coupling between bounded contexts, for more on bounded contexts please ready my Domain Driven Design Article. https://www.reardontech.uk/posts/jwt-verification/ Thu, 28 Mar 2024 10:30:01 +0000 https://www.reardontech.uk/posts/jwt-verification/ JSON Web Tokens (JWTs) provide a secure and reliable method for user authentication in web applications. This article explores the structure, uses, and advantages of JWTs, along with an example of how to verify their signatures. Structure of a JWT Link to heading A JWT is comprised of 3 base64 encoded sections separated by full stops: The Header Contains information about the token type (i.e., JWT) and the signing algorithm used (such as HMAC SHA256 or RSA). https://www.reardontech.uk/posts/eda-versioned-aggregates/ Fri, 22 Mar 2024 10:30:00 +0000 https://www.reardontech.uk/posts/eda-versioned-aggregates/ In the realm of event-driven architecture (EDA), aggregates play a pivotal role. Aggregates are clusters of domain objects that are treated as a single unit for the purpose of state changes and data consistency. As an EDA system evolves, managing modifications to these aggregates while maintaining consistency is crucial. This is where the concept of versioned aggregates enters the picture. For more information on Aggregates See my What Is Domain Driven Design article. https://www.reardontech.uk/posts/azure-service-bus-sessions/ Sun, 17 Mar 2024 10:30:00 +0000 https://www.reardontech.uk/posts/azure-service-bus-sessions/ In the world of cloud messaging, where applications often exchange a continuous stream of data, ensuring the right order and correlation amongst messages can be critical. Azure Service Bus sessions provide a mechanism to achieve this. Completing messages in order Link to heading In some scenarios, it is important to complete all messages in the order that they are sent such as Financial Transactions : Actions like deposits, withdrawals, and transfers must occur in the precise order received to maintain account accuracy. https://www.reardontech.uk/posts/what-is-domain-driven-design/ Fri, 08 Mar 2024 10:30:00 +0000 https://www.reardontech.uk/posts/what-is-domain-driven-design/ Have you ever used software that seemed completely out of touch with how your work actually gets done? Confusing terminology, endless menus, features nobody needs… these are signs of software that wasn’t designed with the real world in mind. Domain-Driven Design (DDD) offers a solution. It’s a powerful approach that aligns software with the way businesses truly operate. If you work at a company whose developers practice DDD you may have heard the terms ‘domain,’ ‘bounded context,’ and ‘aggregate’ floating around, let’s dive into what they actually mean. https://www.reardontech.uk/posts/configuration-in-dotnet/ Thu, 29 Feb 2024 10:30:00 +0000 https://www.reardontech.uk/posts/configuration-in-dotnet/ Effective application configuration management is crucial for ensuring adaptability and maintainability. It empowers applications to seamlessly adapt to diverse environments, from development to production, and dynamically adjust settings like external service URLs. Types of configuration Link to heading Configuration can be broken down in many different ways, I like to categories it in the following groups: Environmental Configuration Link to heading This is configuration that will change between environments some good examples are https://www.reardontech.uk/posts/roles-and-permissions/ Thu, 22 Feb 2024 10:30:00 +0000 https://www.reardontech.uk/posts/roles-and-permissions/ In the complex realm of application security, roles and permissions play a foundational role. While seemingly straightforward, their effective implementation can often be shrouded in confusion. This article aims to shed light on this critical duo, exploring common patterns surrounding user, roles, and permissions. Through practical insights and clear explanations, we’ll unveil the secrets of constructing a robust authorization model – a vital piece of the security puzzle safeguarding your applications. https://www.reardontech.uk/posts/sql-server-managed-identity/ Tue, 13 Feb 2024 10:30:00 +0000 https://www.reardontech.uk/posts/sql-server-managed-identity/ In the realm of Azure integration, robust security is paramount. When it comes to accessing your Azure SQL Server, opting for Azure Identity or token-based authentication is the obvious choice over basic forms of authentication. This approach significantly enhances security and streamlines access management, offering numerous advantages over traditional methods. For more information on Azure Managed Identity, please read this article Azure Managed Identities Introduction. Obtaining a Token Link to heading The first step in connecting to SQL Server is to obtain a token. https://www.reardontech.uk/posts/outbox-pattern/ Tue, 06 Feb 2024 10:30:00 +0000 https://www.reardontech.uk/posts/outbox-pattern/ The outbox pattern emerges as a powerful solution for ensuring reliable event delivery, guaranteeing events reach their destination even in the face of failures. This introductory tech article delves into the outbox pattern’s high-level structure, exploring how it empowers us to confidently update entities and trigger downstream actions with the peace of mind that events will be published, no matter what. When a user makes a call to an API to update their address typically this will result in an update to the data store, in event driven systems there would also be an expectation of an event being sent so that all downstream consumers are notified of the change and can act accordingly. https://www.reardontech.uk/posts/securing-azure-pipelines-with-azure-identities/ Fri, 02 Feb 2024 08:30:04 +0000 https://www.reardontech.uk/posts/securing-azure-pipelines-with-azure-identities/ In the era of DevOps, manual processes are relics of the past. Repetitive tasks are prime candidates for automation, freeing up development teams to focus on strategic innovation. Today, we no longer build and package applications locally for production—infrastructure concerns such as how database schemas and message queues are managed seamlessly through code. But how do we ensure secure access to these protected Azure resources while adhering to the principle of least privilege? https://www.reardontech.uk/posts/azure-managed-identities-introduction/ Mon, 29 Jan 2024 10:30:00 +0000 https://www.reardontech.uk/posts/azure-managed-identities-introduction/ Microsoft’s cloud ecosystem boasts a robust and multifaceted approach to service-to-service communication security. This intricate landscape, familiar to developers familiar with Azure AD (now evolved into Entra ID), reflects Microsoft’s long-standing commitment to robust identity and access management solutions. At the heart of this layered approach lies the fundamental principle of the Three A’s: Authentication, Authorization, and Audit. This article delves specifically into the realm of Authentication, focusing on Managed Service Identities as a cornerstone for establishing secure communication between Azure services. https://www.reardontech.uk/posts/array-vs-list-csharp/ Thu, 25 Jan 2024 10:30:00 +0000 https://www.reardontech.uk/posts/array-vs-list-csharp/ When traversing collections of data in C#, developers wield a diverse arsenal of tools. Among the most prominent stand Arrays and Lists, powerful contenders often vying for the same role. Yet, beneath their shared purpose lies a nuanced tapestry of advantages and drawbacks, beckoning careful evaluation before making the optimal choice. Arrays Link to heading An Array is a built in type in c#, generally an array is the first way that an aspiring developer is introduced to collections. https://www.reardontech.uk/posts/azure-free-services/ Fri, 19 Jan 2024 10:00:00 +0000 https://www.reardontech.uk/posts/azure-free-services/ As a professional developer, I often face a dilemma when hosting personal projects: striking a balance between affordability and the robust features I’m accustomed to at work. Many free or basic hosting solutions feel outdated or lack the functionalities I rely on. Fortunately, Azure offers a compelling solution with its “Always Free” tier, providing access to powerful services without incurring any costs. This article focuses specifically on these perpetually free offerings, as 12-month free trials don’t align with my preference for projects without set deadlines. https://www.reardontech.uk/posts/hugo-scheduled-posts/ Tue, 16 Jan 2024 11:45:00 +0000 https://www.reardontech.uk/posts/hugo-scheduled-posts/ Most modern content management systems have features to control when an article is published and when the article should be removed. This functionality can be quite useful if content needs to be approved or finished ahead of time for an announcement or if the post would no longer be relevant after a certain date. Hugo is not a stranger to these features however, given that Hugo sites are static there is server as such to control when these posts are published or to remove them. https://www.reardontech.uk/posts/adf-to-asb/ Sun, 14 Jan 2024 09:00:00 +0000 https://www.reardontech.uk/posts/adf-to-asb/ While dealing with a requirement to interact with a feed of data from a legacy system I decided to look into how I could leverage the existing ETL workflows in Azure Data Factory (ADF). There is not curenty a connector in ADF for Azure Service Bus (ASB) however ASB does have a simple REST interface. This article is going to focus on sending single messages to a Queue or Topic. https://www.reardontech.uk/posts/intro-to-hugo-and-functions/ Sat, 13 Jan 2024 12:03:32 +0000 https://www.reardontech.uk/posts/intro-to-hugo-and-functions/ This site was made to Play with Azure Static Websites and Hugo. I intend to Add some Azure Functions and see how much I can get out of the Technology Azure Function Example Code : Link to heading Please Enter your Name : Submit Building the above Link to heading The form’s functionality is powered by a two-pronged architecture: Client-side rendering: Utilizes Hugo Shortcode, a lightweight templating system, for efficient on-demand content generation, minimizing server load. https://www.reardontech.uk/about/ Sat, 13 Jan 2024 00:00:00 +0000 https://www.reardontech.uk/about/ During my 15+ years in enterprise technology, spanning Australia’s Judicial and London’s FinTech scene, I have woven a tapestry of expertise in: robust software architecture, scalable distributed systems, event driven architecture, security, and cloud infrastructure. Passion fuels my work; I contribute to open-source software and champion DevOps collaboration, believing shared responsibility unlocks the true potential of technology. This collaborative spirit extends beyond just systems. As a mentor, I find immense satisfaction in nurturing new engineers, creating an environment where veterans impart wisdom while young minds bring fresh perspectives.