So you've heard about this fabulous JWT and want to implement it into your Spring application? Good, let's see how can be done.
Suppose you receive a SOAP message with a SAML assertion to validate, something like this:
Last day I had a problem with some code randomly executed in a java bean. After nearly a hour searching for a solution I found some old commented code inside an XHTML jsf page. As you may know, commented XHTML are still executed by jsf.
Well, googling a little, I found this great article: JSF2 XHTML facelets comments appearing in output.
Simply put, if you put the following param in the web.xml of your app, the comment will be ignored:
Today I run across a job advertisement here in Italy for a full-time position of java web developer in a "leading business solutions company" (as they said...).
The requirements include (but were not limited to):
Suppose you have two table to join, like these:
Suppose you have your fancy authentication all up and running with Spring Security, but you have to manage also authorization. You don't want to handle permissions based only on the authorities granted to the user, but want something like hasPermission('some_domain', 'permission') to check. This is where the Spring PermissionEvaluator comes into play.
Let's say you have to secure your REST API, but can't or don't want to use a secure connection (why u no use SSL/TLS!?!?), what you can do is implementing a HMAC mechanism to handle authentication.
Last day I was working with a colleague in the development of a mobile app that relies on a rest web service that requires the setting of the Date header in the request (for authentication purposes). No matter how we set it, the request arrived to the web service with a null date header. After much trouble we found that if the date header was valorized after any other header, the request nullifies it. Setting the date before anything else worked like a charm. This strange behaviour happened only on the android application.