more and more
Digital Signatures in Java 1. Overview In this tutorial, we’re going to learn about the Digital Signature mechanism and how we can implement it using the Java Cryptography Architecture (JCA). We’ll explore the KeyPair, MessageDigest, Cipher, KeyStore, Certificate, and Signature JCA APIs. We’ll start by understanding what is Digital Signature,… Continue Reading java-digital-signature
Intro to the Java SecurityManager 1. Overview In this tutorial, we’ll have a look into Java’s built-in security infrastructure, which is disabled by default. Specifically, we’ll examine its main components, extension points, and configurations. 2. SecurityManager in Action It might be a surprise, but default SecurityManager settings disallow many standard operations:… Continue Reading java-security-manager
Authentication with HttpUrlConnection 1. Overview In this tutorial, we’re going to explore how to authenticate HTTP requests using the HttpUrlConnection class. 2. HTTP Authentication In web applications, servers may require clients to authenticate themselves. Failing to comply usually results in the server returning an HTTP 401 (Unauthorized) status code. There… Continue Reading java-http-url-connection
A Collection of Spring Tutorials Persistence REST Security Series Spring Hibernate JPA I started the REST Security project on GitHub to explore writing an elegant REST Services with the latest and greatest Spring had to offer. That was Spring 3.1 and now Spring 3.2, moving towards Spring 4.0 and 4.1.… Continue Reading this-is-not-your-fathers-spring-a-learning-project
getdocs
Use char[] Array Over a String for Manipulating Passwords in Java? 1. Overview In this article, we’ll explain why we should use char[] array for representing passwords instead of String in Java. Please note that this tutorial focuses on the ways of manipulating passwords in the memory, not on the… Continue Reading java-storing-passwords
getdocs
Guide to Google Tink 1. Introduction Nowadays, many developers use cryptographic techniques to protect user data. In cryptography, small implementation errors can have serious consequences, and understanding how to implement cryptography correctly is a complex and time-consuming task. In this tutorial, we’re going to describe Tink – a multi-language, cross-platform… Continue Reading google-tink
getdocs
Generate a Secure Random Password in Java 1. Introduction In this tutorial, we’ll look at various methods we can use to generate a secure random password in Java. In our examples, we’ll be generating ten-character passwords, each with a minimum of two lower case characters, two uppercase characters, two digits,… Continue Reading java-generate-secure-password
getdocs
Hashing a Password in Java 1. Overview In this tutorial, we’ll be discussing the importance of password hashing. We’ll take a quick look at what it is, why it’s important, and some secure and insecure ways of doing it in Java. 2. What’s Hashing? Hashing is the process of generating… Continue Reading java-password-hashing
getdocs
Introduction to BouncyCastle with Java Security 1. Overview BouncyCastle is a Java library that complements the default Java Cryptographic Extension (JCE). In this introductory article, we’re going to show how to use BouncyCastle to perform cryptographic operations, such as encryption and signature. 2. Maven Configuration Before we start working with… Continue Reading java-bouncy-castle
getdocs
Building a Basic UAA-Secured JHipster Microservice Security JHipster 1. Overview In previous articles, we’ve covered the basics of JHipster and how to use it to generate a microservices-based application. In this tutorial, we’ll explore JHipster’s User Account and Authorization service — UAA for short — and how to use it to secure… Continue Reading jhipster-uaa-secured-micro-service
getdocs