Security
-
Enterprise Java
Add RememberMe Authentication With Spring Security
I mentioned in my post Add Social Login to Jiwhiz Blog that the RememberMe function was not working with Spring…
-
Software Development
Your Password Is No Longer Secret, Part 1
Of course, the title is a trick. Your password is still secret, for now. To be sure that it will…
-
Software Development
Appsec at RSA 2013
This was my second time at the RSA conference on IT security. Like last year, I focused on the appsec…
-
Software Development
How To Secure an Organization That Is Under Constant Attack
There have been many recent security incidents at well-respected organizations like the Federal Reserve, the US Energy Department, the New…
-
Software Development
Why OAuth it self is not an authentication framework ?
Let’s straight away start with definitions to avoid any confusion. Authentication is the act of confirming the truth of…
-
Software Development
A brief chronology of SSL/TLS attacks
I haven’t had a substantial post for quite a long time, so it’s time for something useful and interesting. Although…
-
Software Development
OAuth 2.0 Bearer Token Profile Vs MAC Token Profile
Almost all the implementations I see today are based on OAuth 2.0 Bearer Token Profile. Of course it’s an RFC…
-
Groovy
A Grails plugin to bridge Spring Security and Shiro
I started using Spring Security in 2007 when I was tasked with adding security to a Spring/Hibernate application at the…
-
Enterprise Java
Securing your Tomcat app with SSL and Spring Security
If you’ve seen my last blog, you’ll know that I listed ten things that you can do with Spring Security.…