more and more
Supercharge Java Authentication with JSON Web Tokens (JWTs) Getting ready to build, or struggling with, secure authentication in your Java application? Unsure of the benefits of using tokens (and specifically JSON web tokens), or how they should be deployed? I’m excited to answer these questions, and more, for you in… Continue Reading java-json-web-tokens-jjwt
getdocs
SHA-256 and SHA3-256 Hashing in Java 1. Overview The SHA (Secure Hash Algorithm) is one of the popular cryptographic hash functions. A cryptographic hash can be used to make a signature for a text or a data file. In this tutorial, let’s have a look how we can perform SHA-256 and… Continue Reading sha-256-hashing-java
getdocs
Difference Between a Java Keystore and a Truststore 1. Overview In this quick article, we’ll provide an overview of the differences between a Java keystore and a Java truststore. 2. Concepts In most cases, we use a keystore and a truststore when our application needs to communicate over SSL/TLS. Usually,… Continue Reading java-keystore-truststore-difference
getdocs
Enabling TLS v1.2 in Java 7 1. Overview When it comes to SSL connections, we should be using TLSv1.2. Indeed, it’s the default SSL protocol for Java 8. And while Java 7 supports TLSv1.2, the default is TLS v1.0, which is too weak these days. In this tutorial, we’ll discuss various… Continue Reading java-7-tls-v12
getdocs
HTTPS using Self-Signed Certificate in Spring Boot 1. Overview In this tutorial, we’re going to illustrate step by step an example of enabling HTTPS in a Spring Boot application. We’ll generate a self-signed certificate and configure it in a sample app. For more details on Spring Boot projects, we can… Continue Reading spring-boot-https-self-signed-certificate
getdocs
First Round of Improvements to the Reddit Application 1. Overview The Reddit web application Case Study is moving along nicely – and the small web application is shaping up and slowly becoming usable. In this installment, we’re going to be making small improvements to the existing functionality – some externally… Continue Reading reddit-web-app-improvements-1
getdocs
Introduction to SSL in Java 1. Overview In this tutorial, we’ll introduce SSL and explore how we can use it in Java using JSSE (Java Secure Socket Extension) API. 2. Introduction Simply put, the Secured Socket Layer (SSL) enables a secured connection between two parties, usually clients and servers. SSL provisions… Continue Reading java-ssl
getdocs
Java KeyStore API 1. Overview In this tutorial, we’re looking at managing cryptographic keys and certificates in Java using the KeyStore API. 2. Keystores If we need to manage keys and certificates in Java, we need a keystore, which is simply a secure collection of aliased entries of keys and certificates. We typically… Continue Reading java-keystore
getdocs
The Java SecureRandom Class 1. Introduction In this short tutorial, we’ll learn about java.security.SecureRandom, a class that provides a cryptographically strong random number generator. 2. Comparison to java.util.Random Standard JDK implementations of java.util.Random use a Linear Congruential Generator (LCG) algorithm for providing random numbers. The problem with this algorithm is that it’s… Continue Reading java-secure-random
getdocs
The Basics of Java Security 1. Overview In this tutorial, we’ll go through the basics of security on the Java platform. We’ll also focus on what’s available to us for writing secure applications. Security is a vast topic that encompasses many areas. Some of these are part of the language… Continue Reading java-security-overview
getdocs