Security
-
DevOps

How to use SSH tunneling to get to your restricted servers
Have you ever been told that in your network serverX can only be reached by a serverY via SSH? Now…
-
Core Java

How to setup custom SSLSocketFactory’s TrustManager per each URL connection
We can see from the javadoc that javax.net.ssl.HttpsURLConnection provides a static method to override it, the setDefaultSSLSocketFactory() method. This allows you to…
-
Software Development

Single Sign-On with the Delegated Access Control Pattern
Suppose a medium-scale enterprise has a limited number of RESTful APIs. Company employees are allowed to access these APIs via…
-
Software Development

WSO2 Identity Server 5.0.0 Authentication Framework
The WSO2 Identity Server 5.0.0 takes identity management in a new direction. There will be no more federation silos…
-
Enterprise Java

Identity Anti-patterns: Federation Silos and Spaghetti Identity
Recent research by the analyst firm Quocirca confirms that many businesses now have more external users than internal…
-
Software Development

Chained Access Delegation Pattern
Suppose a medium-scale enterprise that sells bottled water has a RESTful API (Water API) that can be used to update…
-
Core Java

Getting A List of Available Cryptographic Algorithms
How do you learn what cryptographic algorithms are available to you? The Java spec names several required ciphers, digests, etc.,…
-
Software Development

Trust instead of Threats
According to Dr. Gary McGraw’s groundbreaking work on software security, up to half of security mistakes are made in…
-
Software Development

10 things you can do as a developer to make your app secure: #10 Design Security In
There’s more to secure design and architecture besides properly implementing Authentication, Access Control and Logging strategies, and choosing (and properly…



