Blocking Common Attacks using ModSecurity 2.5: Part 3
Source code revelation
Normally, requesting a file with a .php extension will cause mod_php to execute the PHP code contained within the file and then...
Blocking Common Attacks using ModSecurity 2.5: Part 2
Cross-site scripting
Cross-site scripting attacks occur when user input is not properly sanitized and ends up in pages sent back to users. This makes it...
Blocking Common Attacks using ModSecurity 2.5: Part 1
Web applications can be attacked from a number of different angles, which is what makes defending against them so difficult. Here are just a...
Install GNOME-Shell on Ubuntu 9.10 “Karmic Koala”
Remember, these are development builds and preview snapshots, and are still in the early stages. While it appears to be functional (so far) your...
CISSP: Vulnerability and Penetration Testing for Access Control
IT components such as operating systems, application software, and even networks, have many vulnerabilities. These vulnerabilities are open to compromise or exploitation. This creates...
Securing our Applications using OpenSSO in GlassFish Security
An example of such system is integration between an online shopping system, the product provider who actually produces the goods, the insurance company that...
Migration to Spring Security 3
(For more resources on Spring, see here.)
During the course of this article we will:
Review important enhancements in Spring Security 3
Understand configuration changes required in...
Encode your password with Spring Security 3
This article by Peter Mularien is an excerpt from the book Spring Security 3.
In this article, we will:
Examine different methods of configuring password encoding
Understand...
Opening up to OpenID with Spring Security
(For more resources on Spring, see here.)
The promising world of OpenID
The promise of OpenID as a technology is to allow users on the web...
Designing Secure Java EE Applications in GlassFish
Security is an orthogonal concern for an application and we should assess it right from the start by reviewing the analysis we receive from...