Security
-
Software Development
Database Threat Models
I finally have a breather and can start working through my backlog of ideas. I start with some background that…
Read More » -
Software Development
In Favour of Self-Signed Certificates
Today I watched the Google I/O presentation about HTTPS everywhere and read a couple of articles, saying that Google is…
Read More » -
Software Development
Revamping WSO2 API Manager Key Management Architecture around Open Standards
WSO2 API Manager is a complete solution for designing and publishing APIs, creating and managing a developer community, and for…
Read More » -
Software Development
Securing the Insecure
The 33 years old, Craig Spencer returned back to USA on 17th October from Africa after treating Ebola patients. Just…
Read More » -
DevOps
How to use SSH tunneling to get to your restricted servers
Have you ever been told that in your network serverX can only be reached by a serverY via SSH? Now…
Read More » -
Core Java
How to setup custom SSLSocketFactory’s TrustManager per each URL connection
We can see from javadoc that javax.net.ssl.HttpsURLConnection provided a static method to override with setDefaultSSLSocketFory() method. This allow you to…
Read More » -
Software Development
Single Sign-On with the Delegated Access Control Pattern
Suppose a medium-scale enterprise has a limited number of RESTful APIs. Company employees are allowed to access these APIs via…
Read More » -
Software Development
WSO2 Identity Server 5.0.0 Authentication Framework
The WSO2 Identity Server 5.0.0 takes the identity management into a new direction. No more there will be federation silos…
Read More » -
Enterprise Java
Identity Anti-patterns: Federation Silos and Spaghetti Identity
A recent research done by the analyst firm Quocirca confirms that many businesses now have more external users than internal…
Read More »