SSL Handshake Failures 1. Overview Secure Sockets Layer (SSL) is a cryptographic protocol which provides security in communication over the network. In this tutorial, we’ll discuss various scenarios that can result in an SSL handshake failure and how to fix it. Note that our Introduction to SSL using JSSE covers the basics of… Continue Reading java-ssl-handshake-failures

Purging Expired Tokens Generated By The Registration 1. Overview In this tutorial – we’re continuing the ongoing Registration with Spring Security series to set up a scheduled task to purge expired VerificationTokens. During the registration process a VerificationToken is persisted. In this article we will show how to remove these entities.… Continue Reading registration-token-cleanup

An Intro to Vault 1. Overview In this tutorial, we’ll explore HashiCorp’s Vault – a popular tool used to securely manage sensitive information in modern application architectures. The main topics we’ll cover include: What problem does Vault try to solve; Vault’s architecture and main concepts; Setup of a simple test… Continue Reading vault

Remote Code Execution with XStream 1. Overview In this tutorial, we’ll dissect a Remote Code Execution attack against the XStream XML serialization library. This exploit falls into the untrusted deserialization category of attacks. We’ll learn when XStream is vulnerable to this attack, how the attack works, and how to prevent… Continue Reading java-xstream-remote-code-execution