Home » Archives for Eidher Julian

Author Archives: Eidher Julian

Eidher Julian is a Systems Engineer and Software Engineering Specialist with 13+ years of experience as a Java developer. He is an Oracle Certified Associate and SOA Certified Architect.

Handling Injection Attacks in Java

An injection attack is the insertion of malicious data from the client to the application using SQL or XXE (XML External Entity).It is important to prevent injection attacks because it allows attackers to spoof identity, tamper with existing data, disclosure all the data, destroy the data, become the administrator, etc. SQL Injection If the attacker introduces something like ‘ or ...

Read More »

Handling Cross-Site Scripting (XSS) in Java

Cross-site scripting (XSS) is a type of security vulnerability in web applications where an attacker injects malicious scripts through some kind of user input (like input boxes, URL parameters, HTML headers, etc)It is important to prevent XSS attacks to safeguard the confidentiality, integrity, and availability of the information of the web application. The two main cross-site scripting flaws are reflected ...

Read More »

Testing with Mockito

1) Register MockitoExtension @ExtendWith(MockitoExtension.class) class ObjectTest { static final Long ID = 1L; 2) Create the mock @Mock private ObjectRepo mockRepo; 3) Inject the mock @InjectMocks private ObjectService objectService; @Test void whenfindByIdThenReturnResult() { var objectDAO = new ObjectDAO(); objectDAO.setId(ID); 4) Define the behavior when(mockRepo.findById(any(Long.class))).thenReturn(Optional.of(objectDAO)); 5) Test var result = ObjectService.findById(ID); 6) Verify verify(mockRepo, times(1)).findById(any(Long.class)); 7) Validate assertAll( () -> assertNotNull(result), ...

Read More »

Spring Injection Types

spring-interview-questions-answers

Spring supports three types of dependency injections: Constructor injection @Component public class SecondBeanImpl implements SecondBean { private FirstBean firstBean; @Autowired public SecondBeanImpl(FirstBean firstBean) { this.firstBean = firstBean; } } That is similar to: FirstBean firstBean = new FirstBeanImpl(); SecondBean secondBean = new SecondBeanImpl(firstBean); This type of dependency injection instantiates and initializes the object. In this approach, beans are immutable and ...

Read More »

Jenkins: Automating your delivery pipeline

In this post, we are going to create a Jenkins pipeline for a Java Spring project using Maven and Git: Accessing Jenkins dashboard and configuring Maven in Jenkins: Click on “Manage Jenkins” and then in “Global Tool Configuration” Add a Maven installation and provide a name for it. Click on Save. Creation of our first build job in Jenkins for ...

Read More »

Spring Security

spring-interview-questions-answers

There are many authentication mechanisms (basic, digest, form, X.509, etc), and there are many storage options for credentials and authority information (in-memory, database, LDAP, etc). Authorization depends on authentication and determines if you have the required Authority. The decision process is often based on roles (e.g. ADMIN, MEMBER, GUEST, etc). There are three steps to set up and configure Spring ...

Read More »

Spring MVC REST

spring-interview-questions-answers

Representational state transfer (REST) is an architectural style that describes best practices to expose web services over HTTP, emphasizing performance, scalability, simplicity, modifiability, visibility, portability, and reliability. REST exposes resources through URIs using nouns (not verbs), supporting a limited set of operations (GET, PUT, POST, DELETE). Clients can request particular representations (HTML, XML, JSON, etc) that can link to other ...

Read More »

Spring Boot for war

spring-interview-questions-answers

Spring Boot supports the following embedded servlet containers: Tomcat Jetty Undertow You can use Maven, Gradle, or Ant/Ivy as build tools to generate the jar file. However, you may need to use your own server as WebLogic, Wildfly, JBoss, etc. In that case, you would need to generate a WAR file of your Spring Boot project. To do that you ...

Read More »

Spring Web MVC

spring-interview-questions-answers

Spring MVC is a web framework based on the model–view–controller pattern. It is based on the Spring principles and supports a wide range of server-side rendering technologies as JSP, Thymeleaf, Groovy, among others. Dispatcher Servlet It is a front controller that coordinates all the request handling activities. Delegates to the web infrastructure beans and invokes the user’s web components. It ...

Read More »