Security Spring Boot

Spring4Shell

April 4, 2022 – 8:02 pm

The Spring4Shell (CVE-2022-22965) critical severity vulnerability in Spring Framework allows remote code execution (RCE). At time of writing, it can be exploited only in very specific scenarios. However, Spring have made a patch available (Spring Framework version 5.3.18 and 5.2.20) and I strongly advise you to take them, even if you’re not running the exploitable setup.

Read more »
Tags , , , , , | Permalink | Comment (0)
Security Spring Boot

Spring Security delegating password encoder

March 14, 2022 – 3:18 pm

The new DelegatingPasswordEncoder provides support for multiple PasswordEncoder implementations, many of which are available in Spring Boot applications with default configuration. This makes it possible to select an algorithm at run time and to have a database containing password hashes with different algorithms.

Read more »
Tags , , , , , , , , , | Permalink | Comment (0)
How To Testing

Testing Spring reactive WebClient

January 15, 2022 – 3:09 pm

The reactive WebClient does not yet have the mature test support that RestTemplate now has. There is not yet a standard recipe to test Spring WebClient applications. No doubt support will be improved in future versions but for now, here’s what works for me.

Read more »
Tags , , , , , | Permalink | Comment (0)
How To Security

Securing a Zookeeper ensemble

November 30, 2021 – 9:31 pm

Even in secured networks, it’s a good idea to use some of the security features available in Zookeeper. In this post we’ll look at two security mechanisms: mutual TLS (mTLS) and SASL authentication. We’ll set up these security features on the server-server communication (leader election protocols) and client-server communication (Kafta to Zookeeper).

Read more »
Tags , , , , , , | Permalink | Comments (3)
How To

Building a Zookeeper ensemble

October 28, 2021 – 3:52 pm

Some notes on setting up and configuring a Zookeeper ensemble. Many guides use some shortcuts to setting up the ensemble such as running multiple Zookeeper instances on a single machine or running them in Docker. Both require some workarounds to make it work. As a better example, this guide runs three Zookeeper instances across three different VMs.

Read more »
Tags , | Permalink | Comment (1)
How To

Microsoft Bot Framework Part 3: Connect to channels

September 1, 2021 – 12:00 pm

In the first two parts we built a bot using the Microsoft Bot Framework SDK and registered it in Azure. In this third and final part we’ll consume the bot using three of the available Bot Framework Channels: A simple chat component on a web page, SMS text and a fully custom Node.js application.

Read more »
Tags , , , | Permalink | Comment (0)
How To

Microsoft Bot Framework Part 2: Build a bot with Bot Framework SDK

August 7, 2021 – 12:49 pm

In the first part, we created an Azure Bot registration and connected to a demo bot application. In this part we’ll swap out the demo bot for one we’ve built using the Microsoft Bot Framework SDK.

Read more »
Tags , , , | Permalink | Comment (1)
How To

Microsoft Bot Framework Part 1: Create an Azure Bot Resource

July 27, 2021 – 8:33 pm

In this part, I’ll register and configure a bot with Microsoft Azure Bot Service. It might seem odd to start here rather than going straight into the application code. However, getting this step out of the way gives us something simple to play with that works end to end.

Read more »
Tags , | Permalink | Comment (1)
Java Basics

Exception handling in ScheduledExecutorService

May 15, 2021 – 11:03 am

Java’s ScheduledExecutorService allows you to schedule Runnable tasks without having to worry too much about creating Threads. But how do we handle this exception? We have a few options.

Read more »
Tags , , , , , | Permalink | Comment (0)
Uncategorized

The epoch was an hour late

January 1, 2021 – 12:00 am

On the moment that is represented as zero in Unix, C, Java and so many other systems, Big Ben did not strike twelve. At midnight on the 1st January 1970, Big Ben struck one.

Read more »
Tags , , , , | Permalink | Comment (0)

Next Page »

Next Page »