It’s the end of the year. Time to look back on what you’ve done, what
you’ve learned, your successes and mistakes, and what you learned from
them. I also like to look at the big picture: not just my team and the
projects that I manage, or even the...
0 replies - 3274 views - 01/06/12 by Jim Bird in Articles
It’s happened – again. A major gaming network has been hacked, compromising millions of users’ information.
0 replies - 3325 views - 11/12/11 by Eric Berg in Articles
OAuth is a wonderful standard: it allows users to give permissions to a third-party service to use their accounts on a website; but it works without forcing them to share their password like a phishing website would do. The typical use of OAuth is for...
2 replies - 3546 views - 10/13/11 by Giorgio Sironi in Articles
Just saw this for the first time today: http://cwe.mitre.org/top25/
I'd always relied on this: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
Both are really good lists of security vulnerabilities.
0 replies - 4409 views - 07/17/11 by Steven Lott in News
One thing I’m doing very often and
always searching on the Internet is how to obtain a self-signed SSL
certificate and install it in both my client browsers and my local
Tomcat.
Sure enough there are enough resources available online, but since
it’s a...
10 replies - 7749 views - 07/03/11 by Nicolas Frankel in Articles
This tutorial will walk you through how to configure SSL (https://localhost:8443 access) on Tomcat in 5 minutes. For this tutorial you will need:
Java SDK (used version 6 for this tutorial)
Tomcat (used version 7 for this tutorial)
The set up consists in 3...
4 replies - 6672 views - 07/01/11 by Loiane Groner in Articles
A cross-site request forgery (CSRF)
occurs when a hacker takes advantage of the fact that users don't
always log out of the websites and web applications they visit. The
hacker creates a URL or a form on a website they control that passes
valid data to a...
0 replies - 3106 views - 06/13/11 by Brian Swartzfager in News
A couple weeks ago, I wrote a tutorial on how to implement security with Spring Security. The week prior, I wrote a similar tutorial for Java EE 6. This week, I'd like to show you how to implement the same features using Apache Shiro.
2 replies - 6868 views - 05/27/11 by Matt Raible in Articles
Whether you are a web developer or a system administrator, there's no reason to not master the tools of the SSH ecosystem. I don't mean calculating public keys in your head: just to know SSH from the user point of view. As a disclaimer before starting, all my...
7 replies - 8875 views - 02/10/11 by Giorgio Sironi in Articles
According to an unnamed source, Apple could be planning to release three different versions of the iPad 2 next year: Wi-Fi only, UMTS + Wi-Fi, and CDMA. The source was cited by DigiTimes, and also mentioned that Apple may be working on some anti-smudging...
0 replies - 22985 views - 12/30/10 by Mitchell Pronsc... in Daily Dose
I’ve had the opportunity to see many development environments: from
the mature organization with tens of thousands of developers that can
afford to spend millions on dedicated infrastructure teams, to the three
person start-up lacking something as simple...
0 replies - 3465 views - 12/20/10 by Tim O'Brien in Articles
It's been a little more than a year since IntelliJ IDEA 9 was released and a free and open source version of the IDE became available—this turned out to be a great decision. Today, IntelliJ IDEA 10 is here. Along with a 2x speed upgrade for initial...
0 replies - 20967 views - 12/10/10 by Mitchell Pronsc... in Daily Dose
Whether or not you support the leaking of 250,000 embassy cables to the now infamous Wikileaks
website, it certainly makes you think. Whatever business you are in
there are always emails or data that would be embarrassing or more likely
harmful to our business...
5 replies - 5701 views - 12/03/10 by Paul Fremantle in News
At Cornell University, researchers have built an extension to Java that incorporates security logic into a program while it's being written. The platform, named "Fabric", replaces the mishmash of security layers and intermittent patches with one...
0 replies - 5618 views - 11/24/10 by Mitchell Pronsc... in Articles
Java compilers translate Java source code into ‘.class’ files, which contain the Java bytecode for the classes. Much of the information about the source code is kept in the class files. Since the appearance of the first Java decompiler, the threat of...
1 replies - 4583 views - 11/23/10 by Mairsh John in Articles