Security Archives - Page 4 of 5

java-ssl-handshake-failures

SSL Handshake Failures 1. Overview Secured Socket Layer (SSL) is a cryptographic protocol which provides security in communication over the network. In this tutorial, we’ll discuss various scenarios that can result in an SSL handshake failure and how to it. Note that our Introduction to SSL using JSSE covers the basics of… Continue Reading java-ssl-handshake-failures

Posted on: 2019-10-08 2019-11-19
Author: getdocs
Tags: Java, Security
Leave a comment: java-ssl-handshake-failures

registration-token-cleanup

Purging Expired Tokens Generated By The Registration 1. Overview In this tutorial – we’re continuing the ongoing Registration with Spring Security series to setup a scheduled task to purge expired VerificationTokens. During the registration process a VerificationToken is persisted. In this article we will show how to remove these entities.… Continue Reading registration-token-cleanup

Posted on: 2019-10-08 2019-11-19
Author: getdocs
Tags: Security, Spring
Leave a comment: registration-token-cleanup

sql-injection

SQL Injection and How to Prevent It? 1. Introduction Despite being one of the best-known vulnerabilities, SQL Injection continues to rank on the top spot of the infamous OWASP Top 10’s list – now part of the more general Injection class. In this tutorial, we’ll explore common coding mistakes in Java that… Continue Reading sql-injection

java-gss

A Guide to Java GSS API 1. Overview In this tutorial, we’ll understand the Generic Security Service API (GSS API) and how we can implement it in Java. We’ll see how we can secure network communication using the GSS API in Java. In the process, we’ll create simple client and… Continue Reading java-gss

vault

An Intro to Vault 1. Overview In this tutorial, we’ll explore Hashicorp’s Vault – a popular tool used to securely manage sensitive information in modern application architectures. The main topics we’ll cover, include: What problem does Vault try to solve Vault’s architecture and main concepts Setup of a simple test… Continue Reading vault

java-xstream-remote-code-execution

Remote Code Execution with XStream 1. Overview In this tutorial, we’ll dissect a Remote Code Execution attack against the XStream XML serialization library. This exploit falls into the untrusted deserialization category of attacks. We’ll learn when XStream is vulnerable to this attack, how the attack works, and how to prevent… Continue Reading java-xstream-remote-code-execution

Posted on: 2019-10-08 2019-11-19
Author: getdocs
Tags: Data, Security
Leave a comment: java-xstream-remote-code-execution

java-ee-8-security

Java EE 8 Security API 1. Overview The Java EE 8 Security API is the new standard and a portable way of handling security concerns in Java containers. In this article, we’ll look at the three core features of the API: HTTP Authentication Mechanism Identity Store Security Context We’ll first… Continue Reading java-ee-8-security

spring-schedule-posts-to-reddit

Schedule Post to Reddit with Spring 1. Overview In the earlier parts of this case study, we set up a simple app and an OAuth authentication process with the Reddit API. Let’s now build something useful with Reddit – support for scheduling Posts for latter. 2. The User and the… Continue Reading spring-schedule-posts-to-reddit

Posted on: 2019-10-08 2019-11-19
Author: getdocs
Tags: Security, Spring
Leave a comment: spring-schedule-posts-to-reddit

java-md5

MD5 Hashing in Java 1. Overview MD5 is a widely used cryptographic hash function, which produces a hash of 128 bit. In this article we shall see how will see different approaches to create MD5 hashes using various Java libraries. 2. MD5 Using MessageDigest Class We have a hashing functionality… Continue Reading java-md5

apache-shiro

Introduction to Apache Shiro 1. Overview In this article, we’ll look at Apache Shiro, a versatile Java security framework. The framework is highly customizable and modular, as it offers authentication, authorization, cryptography and session management. 2. Dependency Apache Shiro has many modules. However, in this tutorial, we use the shiro-core… Continue Reading apache-shiro