Security
-
Enterprise Java
Google Services Authentication in App Engine, Part 2
In the first part of the tutorial I described how to use OAuth for access/authentication for Google’s API services. Unfortunately, as…
Read More » -
Enterprise Java
Google Services Authentication in App Engine, Part 1
This post will illustrate how to build a simple Google App Engine (GAE) Java application that authenticates against Google as…
Read More » -
Software Development
Where do Security Requirements come from?
One of the problems in building a secure application is that it’s not always clear what the security requirements are…
Read More » -
Software Development
Key Exchange Patterns with Web Services Security
When we have message level security with web services – how we achieve integrity and confidentiality is through keys. Keys…
Read More » -
Enterprise Java
Java JAAS form based authentication
Implementing a login module using JAAS is an of advance topic and also most of the developers have rare chance…
Read More » -
Enterprise Java
Apache Shiro Part 3 – Cryptography
Besides securing web pages and managing access rights Apache Shiro does also basic cryptography tasks. The framework is able to:…
Read More » -
Enterprise Java
Apache Shiro Part 2 – Realms, Database and PGP Certificates
This is second part of series dedicated to Apache Shiro. We started previous part with simple unsecured web application. When…
Read More » -
Enterprise Java
Apache Shiro Part 1 – Basics
Apache Shiro, originally called JSecurity, is Java security framework. It was accepted and became Apache top level project in 2010.…
Read More » -
Core Java
Secure Password Storage – Don’ts, dos and a Java example
The importance of storing passwords securely As software developers, one of our most important responsibilities is the protection of our…
Read More »