background preloader


Facebook Twitter

Spring Security – Reset Your Password. 1.

Spring Security – Reset Your Password

Overview In this tutorial – we’re continuing the ongoing Registration with Spring Security series with a look at the basic “I forgot my password” feature – so that the user can safely reset their own password when they need to. 2. The Password Reset Token. 2.x Documentation. CronTrigger is often more useful than SimpleTrigger, if you need a job-firing schedule that recurs based on calendar-like notions, rather than on the exactly specified intervals of SimpleTrigger.

2.x Documentation

With CronTrigger, you can specify firing-schedules such as “every Friday at noon”, or “every weekday and 9:30 am”, or even “every 5 minutes between 9:00 am and 10:00 am on every Monday, Wednesday and Friday during January”. Even so, like SimpleTrigger, CronTrigger has a startTime which specifies when the schedule is in force, and an (optional) endTime that specifies when the schedule should be discontinued. Cron Expressions Cron-Expressions are used to configure instances of CronTrigger. Cron-Expressions are strings that are actually made up of seven sub-expressions, that describe individual details of the schedule.

Seconds Minutes Hours Day-of-Month Month Day-of-Week Year (optional field) Spring Security’s CSRF protection for REST services: the client side and the server side – Codes And Notes. Following my previous article regarding REST security, I have decided to further push my exploration of CSRF implementation in the case of web clients talking to REST services.

Spring Security’s CSRF protection for REST services: the client side and the server side – Codes And Notes

The example code resulting from those tests can be found on GitHub. But first… CSRF (Cross-Site Request Forgery) protection is important and should be mandatory for all applications with a minimum of concern about web security. The protection uses a clever trick (the Synchronizer Token Pattern) to ensure that your requests, the ones that modify stuff on the server-side, are not fakes emitted by a third party. Java - CSRF token expires during login. DBCP - BasicDataSource Configuration. NOTE: If maxIdle is set too low on heavily loaded systems it is possible you will see connections being closed and almost immediately new connections being opened.

DBCP - BasicDataSource Configuration

This is a result of the active threads momentarily closing connections faster than they are opening them, causing the number of idle connections to rise above maxIdle. The best value for maxIdle for heavily loaded system will vary but the default is a good starting point. This component has also the ability to pool PreparedStatements. When enabled a statement pool will be created for each Connection and PreparedStatements created by one of the following methods will be pooled: public PreparedStatement prepareStatement(String sql) public PreparedStatement prepareStatement(String sql, int resultSetType, int resultSetConcurrency) NOTE - Make sure your connection has some resources left for the other statements.

Scheduled Jobs with Custom Clock Processes in Java with Quartz and RabbitMQ. Last updated 05 February 2016 There are numerous ways to schedule background jobs in Java applications.

Scheduled Jobs with Custom Clock Processes in Java with Quartz and RabbitMQ

This article will teach you how to setup a Java application that uses the Quartz library along with RabbitMQ to create a scalable and reliable method of scheduling background jobs on Heroku. Many of the common methods for background processing in Java advocate running background jobs within the same application as the web tier. (Ab)using Java 8 FunctionalInterfaces as Local Methods. If you’re programming in more advanced languages like Scala or Ceylon, or even JavaScript, “nested functions” or “local functions” are a very common idiom to you.

(Ab)using Java 8 FunctionalInterfaces as Local Methods

For instance, you’ll write things like fibonacci functions as such: (Question from Stack Overflow by Aaron Yodaiken) The f() function contains a nested g() function, which is local to the scope of the outer f() function. In Java, there is no way to create a local function like this, but you can assign a lambda expression to a local variable and use that instead. The above example can be translated to the following Java code: Security 4.0.4 Released. Boot 1.3.3 and 1.4.0.M1 available now.

Sleepless in Salt Lake City: Spring Security - Stateless Cookie Based Authentication with Java Config. It has been security time for me recently at work, single sign on and the likes.

Sleepless in Salt Lake City: Spring Security - Stateless Cookie Based Authentication with Java Config

While at it, I stumbled upon my favorite framework Spring and its offering Spring Security. In the words of the creators of the framework, "Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications". Spring Security form login using database.

In this tutorial, we will show you how to perform database authentication (using both XML and Annotations) in Spring Security.

Spring Security form login using database

Technologies used : Accessing Data with JPA. Spring Data JPA focuses on using JPA to store data in a relational database.

Accessing Data with JPA

Its most compelling feature is the ability to create repository implementations automatically, at runtime, from a repository interface. To see how this works, create a repository interface that works with Customer entities: src/main/java/hello/ Retrieve User Information In Spring Security. 1.

Retrieve User Information In Spring Security

Overview. Spring Boot Security Application - Bartosz Kielczewski. Spring Security had some opinions of being complicated to use. Well, of course it's quite complicated when you look at it, as its scope covers a lot of use-cases. Troubleshooting Memory Issues in Java Applications. Last updated 26 February 2016 Tuning the memory use of your application requires understanding both how Java uses memory and how you can gain visibility into your application’s memory use. JVM memory usage The JVM uses memory in a number of different ways. The primary, but not singular, use of memory is in the heap. Outside of the heap memory is also consumed in Metaspace, and the stack. Oracle: Java 9 will understand dependencies.

The upcoming modularization of Java will be transformative for the platform, but developers can take solace in that they still have a year before it officially arrives, an Oracle official reasoned this week. Based on Project Jigsaw, Java modularization will happen in Java SE Development Kit 9, which is due in March 2017. "If the watchword for JDK 8 was 'functional,' then the watchword for JDK 9 is 'transitive,'" said Alex Buckley, with the Java platform group at Oracle, during a presentation at a Silicon Valley Java User Group meeting. The new watchword refers to the promise that the forthcoming JDK will understand dependencies across modules, and will attempt to resolve these "transitive" dependencies at compile or launch time. "Modules are about shapes of programs in the large. We deal with classes and packages and get bigger from there," Buckley said. 2. JPA Repositories.

The JPA module of Spring Data contains a custom namespace that allows defining repository beans. It also contains certain features and element attributes that are special to JPA. Generally the JPA repositories can be set up using the repositories element: Example 2.1. Setting up JPA repositories using the namespace.