Tag Archives: Security

Protecting Service Methods with Spring Security Annotations

Any class or method can be protected with Spring Security using either AOP interceptors or expression based annotations on the class or method.

Preventing XSS Vulnerabilities in Web Frameworks

The protection offered by web frameworks is only useful if it is enabled. On several occasions I’ve seen developers explicitly disable the ‘safe’ output mechanisms provided by the framework.

Web service testing with soapUI

soapUI is an essential free tool for testing SOAP and other web service protocols. It was particularly useful for testing the SpannersWS demo as it works well with WSS.

Spring-WS and Security

Security mechanisms are notoriously difficult to implement. By their nature they’re designed to prevent something from working unless it is used exactly correctly. Having Spring-WS do the heavy lifting makes our application far more likely to work and far more likely to be secure.