Intro to the Java SecurityManager 1. Overview In this tutorial, we’ll have a look into Java’s built-in security infrastructure, which is disabled by default. Specifically, we’ll examine its main components, extension points, and configurations. 2. SecurityManager in Action It might be a surprise, but default SecurityManager settings disallow many standard operations:… Continue Reading java-security-manager

Authentication with HttpUrlConnection 1. Overview In this tutorial, we’re going to explore how to authenticate HTTP requests using the HttpUrlConnection class. 2. HTTP Authentication In web applications, servers may require clients to authenticate themselves. Failing to comply usually results in the server returning an HTTP 401 (Unauthorized) status code. There… Continue Reading java-http-url-connection

A Collection of Spring Tutorials Persistence REST Security Series Spring Hibernate JPA I started the REST Security project on GitHub to explore writing an elegant REST Services with the latest and greatest Spring had to offer. That was Spring 3.1 and now Spring 3.2, moving towards Spring 4.0 and 4.1.… Continue Reading this-is-not-your-fathers-spring-a-learning-project

Guide to Google Tink 1. Introduction Nowadays, many developers use cryptographic techniques to protect user data. In cryptography, small implementation errors can have serious consequences, and understanding how to implement cryptography correctly is a complex and time-consuming task. In this tutorial, we’re going to describe Tink – a multi-language, cross-platform… Continue Reading google-tink

Generate a Secure Random Password in Java 1. Introduction In this tutorial, we’ll look at various methods we can use to generate a secure random password in Java. In our examples, we’ll be generating ten-character passwords, each with a minimum of two lower case characters, two uppercase characters, two digits,… Continue Reading java-generate-secure-password

Introduction to BouncyCastle with Java Security 1. Overview BouncyCastle is a Java library that complements the default Java Cryptographic Extension (JCE). In this introductory article, we’re going to show how to use BouncyCastle to perform cryptographic operations, such as encryption and signature. 2. Maven Configuration Before we start working with… Continue Reading java-bouncy-castle

Building a Basic UAA-Secured JHipster Microservice Security JHipster 1. Overview In previous articles, we’ve covered the basics of JHipster and how to use it to generate a microservices-based application. In this tutorial, we’ll explore JHipster’s User Account and Authorization service — UAA for short — and how to use it to secure… Continue Reading jhipster-uaa-secured-micro-service