Wicket, JBoss, JAAS, LDAP
Call me old-skool, but I don't like pulling in huge frameworks like Acegi for some simple authentication and authorization stuff. This post will show...
0 comments | Tags: frameworks, java, security
How to fix Uncaught Exception: Permission denied to call method to Location.toString
This annoying error started occurring recently in conjunction with a Flash 9 security update that changed the policy file behavior; this is how to fix...
0 comments | Tags: flash-flex, how-to, security, web 2.0
A Guide to Cryptography in PHP
This comprehensive guide discusses where to get, how to install, and how to use the various cryptography packages available to enhance the security of...
0 comments | Tags: frameworks, php, security
JSF PhaseListeners in Action - image rendering, back button, simple security
I am going to show you how to use Java Server Faces phase listeners to do three very common things: rendering images located on the filesystem,...
0 comments | Tags: frameworks, how-to, java, security
500,000 SQL Injection Attacks this Week
Apparently there have been an estimated half-million attacks on different Web sites this week alone. There seems to have been a rush to judgement in trying...
0 comments | Tags: .net, microsoft, security, server
J2EE Security and JAAS
What is the role of JAAS in J2EE security? Do you think JAAS is the underlying security mechanism used in J2EE? This post may be of interest.
0 comments | Tags: java, security
How to install RESTful Authentication on a Ruby on Rails 2.0 application
It’s time to upgrade your Rails 2.0 application with user authentication, and we hear that RESTful Authentication is the way to go, but all the...
0 comments | Tags: frameworks, ruby, security
Obfuscation, Weird Languages, and Code Aesthetics
The standard idea of code aesthetics, when such an idea manifests itself at all, allows for programmers to have elegance and clarity as their...
0 comments | Tags: c-and-cpp, methodology, other languages, security
SQL Injection Attacks on IIS Web Servers
You may have seen recent reports that have surfaced stating that web sites running on Microsoft’s Internet Information Services (IIS) 6.0 have been...
0 comments | Tags: .net, security, server
Grails JSecurity Plugin - Quick Start 0.1.x
This guide will quickly get you up and running with a standard setup for your web application's authentication and authorisation needs. Note that...
0 comments | Tags: frameworks, groovy, security
Grails OpenID Plugin
This plugin provides simple authentication using OpenID. Using OpenID you don't need to store user credentials in your own application, so no...
0 comments | Tags: frameworks, groovy, security
Grails Authentication plugin released
My mission is to make authentication and authorisation as simple as possible. I just don’t get on with the complexity of Acegi etc, and they just...
0 comments | Tags: frameworks, groovy, news, security
Cross-site scripting attacks: How to Prevent?
Cross-site scripting (XSS for short) is one of the most common application-level attacks that hackers use to sneak into Web applications. XSS is an...
2 comments | Tags: security
Pathway from ACEGI to Spring Security 2.0
Formerly called ACEGI Security for Spring, the re-branded Spring Security 2.0 has delivered on its promises of making it simpler to use and improving...
0 comments | Tags: java, security
5 web development techniques to prevent Google from crawling your HTML forms
5 web development techniques to prevent Google from crawling your HTML forms. Do you really want Googlebot messing around in your HTML forms? Probably...
1 comment | Tags: css-html, perl, php, security
.NET Obfuscators
Obfuscation is the process of scrambling and encrypting software so that it cannot be easily reverse-engineered. The goal is to stop all casual...
0 comments | Tags: .net, security
Data Encryption and Decryption using DPAPI classes in .NET
This article explains how to use the ProtectMemory and ProtectData classes in System.Security.Cryptography namespace to encrypt and decrypt data by...
0 comments | Tags: .net, frameworks, security
Your Session Has Timed Out
If you're anything like me, the answer is lots. What's worse is that you're usually kicked out of whatever page context you were working in. You have...
0 comments | Tags: opinion, security, web design
Method-Level Security in Spring Security 2.0
Spring Security 2.0 was released today. To mark the occasion, I thought I'd write a little blog entry to show how you can use Spring Security to...
0 comments | Tags: frameworks, java, security
Stop hackers from launching cross-site scripting attacks
Cross-site scripting (XSS) is one of the most common application-level attacks that hackers use to sneak into Web applications. Learn how hackers...
0 comments | Tags: javascript, news, security, tools
Reviewing Practical PHP Exploitation Techniques
For those who didn’t attend, Rodrigo Marcos discussed his research on hacking PHP sockets for fun and profit. I found the concept very interesting. He...
1 comment | Tags: php, security
ASP.NET MVC: Securing Your Controller Actions
Many people on the forums want to know how to best protect Actions on their Controller using Forms Authentication. The MVC Team has done a nice job...
0 comments | Tags: .net, frameworks, security
Three New Security Tutorials Now Available
I've been working on some tutorials for the www.asp.net site on the topics of forms authentication, authorization, membership, and roles. The first...
0 comments | Tags: .net, security
5 useful url rewriting examples using .htaccess
These are the 5 useful url rewriting examples using .htaccess...
1 comment | Tags: how-to, php, security, server
Online Password Manager - Would You Dare Use This Software?
I have a rough sketch of an online password manager application in my head, but I want to hear your opinion about it beforehand. Especially about...
4 comments | Tags: flash-flex, ria, security