Tag Archives: Security

Build Secure Single Sign-On with OIDC and JHipster

“I love writing authentication and authorization code.” ~ No Web Developer Ever. Tired of building the same login screens over and over? Try the Okta API for hosted authentication, authorization, and multi-factor auth. Devs might not care about single sign-on (SSO) when building one-off applications for clients or themselves. However, when developing apps for their company or consulting on internal ...

Secure Your Java App with Spring Security, Thymeleaf, and Okta

Never Build Auth Again – Love building user management? With Okta, you can add social login, multi-factor authentication, and OpenID Connect support to your app in minutes. Create a free developer account today. When you’re building your Java app, user management is a critical consideration. It’s common for apps and APIs to partition access to different parts of an application, ...

Protecting Sensitive Data

If you are building a service that stores sensitive data, your number one concern should be how to protect it. What IS sensitive data? There are some obvious examples, like medical data or bank account data. But would you consider a dating site database as sensitive data? Based on a recent leak of a big dating site I’d say yes. ...

Using UAA OAuth2 authorization server – client and resource

In a previous post I had gone over how to bring up an OAuth2 authorization server using the Cloud Foundry UAA project and populating it with some of the actors involved in an OAuth2 Authorization Code flow. I have found that this article at the Digital Ocean site does a great job of describing the OAuth2 Authorization Code flow, so instead of rehashing what is ...

A Case For Native Smart Card Support in Browsers

A smart card is a device that holds a private key securely without letting it out of its storage. The chip on your credit card is a “smart card” (yup, terminology is ambiguous – the card and the chip are interchangeably called “smart card”). There are smaller USB-pluggable hardware readers that only hold the chip (without an actual card – ...

Bootstrapping an OAuth2 Authorization server using UAA

A quick way to get a robust OAuth2 server running on your local machine is to use the excellent Cloud Foundry UAA project. UAA is used as the underlying OAuth2 authorization server in Cloud Foundry deployments and can scale massively, but is still small enough that it can be booted up on modest hardware. I will cover using the UAA in two ...

Tutorial: Build an Android Application with Secure User Authentication

Building Identity Management, including authentication and authorization? Try Stormpath! Our REST API and robust Java SDK support can eliminate your security risk and can be implemented in minutes. Sign up, and never build auth again! In this tutorial, we will build a simple Android app that stores user-generated notes remotely, with user authentication managed by Stormpath and our new ...

How to Secure Elasticsearch and Kibana

Introduction: Elasticsearch (ES) is a search engine based on Lucene. It provides a distributed, multitenant-capable, full-text search engine with an HTTP web interface and schema-free JSON documents. Kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content indexed on an Elasticsearch cluster. Users can create bar, line, and scatter plots, or pie charts and maps on top of large volumes of data. ...
