Security
-
Software Development

OAuth 2.0 Bearer Token Profile Vs MAC Token Profile
Almost all the implementations I see today are based on OAuth 2.0 Bearer Token Profile. Of course it's an RFC…
-
Groovy

A Grails plugin to bridge Spring Security and Shiro
I started using Spring Security in 2007 when I was tasked with adding security to a Spring/Hibernate application at the…
-
Enterprise Java

Securing your Tomcat app with SSL and Spring Security
If you’ve seen my last blog, you’ll know that I listed ten things that you can do with Spring Security.…
-
Core Java

Using Cryptography in Java Applications
This post describes how to use the Java Cryptography Architecture (JCA) that allows you to use cryptographic services in your…
-
Enterprise Java

SQL Injection in Java Application
In this post we will discuss what an SQL Injection attack is and how it may affect any web application its…
-
Enterprise Java

Database Encryption Using JPA Listeners
I recently had to add database encryption to a few fields and discovered a lot of bad advice out there.…
-
Core Java

Database and Webapp Security
Threat Model: This is a discussion on database and webapp security loosely based on the quick reference page on my…
-
Enterprise Java

Permissions in OSGi
In a previous post, we looked at implementing a sandbox for Java applications in which we can securely run mobile…
-
Core Java

Sandboxing Java Code
In a previous post, we looked at securing mobile Java code. One of the options for doing so is to…