Security
-
Enterprise Java
Java JAAS form based authentication
Implementing a login module using JAAS is an of advance topic and also most of the developers have rare chance…
Read More » -
Enterprise Java
Apache Shiro Part 3 – Cryptography
Besides securing web pages and managing access rights Apache Shiro does also basic cryptography tasks. The framework is able to:…
Read More » -
Enterprise Java
Apache Shiro Part 2 – Realms, Database and PGP Certificates
This is second part of series dedicated to Apache Shiro. We started previous part with simple unsecured web application. When…
Read More » -
Enterprise Java
Apache Shiro Part 1 – Basics
Apache Shiro, originally called JSecurity, is Java security framework. It was accepted and became Apache top level project in 2010.…
Read More » -
Core Java
Secure Password Storage – Don’ts, dos and a Java example
The importance of storing passwords securely As software developers, one of our most important responsibilities is the protection of our…
Read More » -
Software Development
Building security into a development team
Getting application developers to understand and take responsibility for software security is difficult. Bootstrapping an Appsec program requires that you…
Read More » -
Software Development
AppSensor – Intrusion Detection
Imagine that you have created a nice web application and secured it to your best. Users came, used it and…
Read More » -
Software Development
Application Security at Scale
This week’s SANS AppSec conference in Las Vegas took on Application Security at Scale: how can we scale application security…
Read More » -
Core Java
Secure Encryption in Java
Last time I wrote about cryptography, I outlined Apache Shiro crypto API and shown how to use its two symmetric…
Read More »
