Skip to main content

Posts

Showing posts from 2014

Basic HTTP Authentication for REST Web Service

Basic HTTP authentication solve following security problems. Get username and password from http requestFetch the applicable method security detailsVerify if user is authorized to access the APIReturn valid error codes in case of invalid access In this tutorial, we show you how to develop a simple RESTfull web service application with HTTP basic authentication using Cuubez framwork. Technologies and Tools used in this article: cuubez 1.1.1JDK 1.6Tomcat 6.0Maven 3.0.3Intellij IDEA 13.1.1 Note: If you want to know what and how REST works, just search on Google, ton of available resources.
1. Directory Structure This is the final web project structure of this tutorial.
2. Standard Web Project Create a standard Maven web project structure.
mvn archetype:generate -DgroupId=com.cuubez -DartifactId=basic_authentication -DarchetypeArtifactId=maven-archetype-webapp -DinteractiveMode=false Note: To support IntelliJ IDEA, use Maven command : mvn idea:idea
3. Project Dependencies Cuubez is published …

Embedded jetty for JAXRS

In this tutorial, we show you how to develop a simple RESTfull web service application with embedded jetty server using cuubez framwork. Technologies and Tools used in this article: cuubez 1.1.1JDK 1.7Maven 3.0.3Intellij IDEA 13.1.1Note: If you want to know what and how REST works, just search on Google, ton of available resources. 1. Directory Structure This is the final web project structure of this tutorial. 2. Standard Java Project Create a standard Maven java project structure mvn archetype:generate -DgroupId=com.cuubez -DartifactId=cuubez-jetty -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false
Note: To support IntelliJ IDEA, use Maven command : mvn idea:idea3. Project Dependencies Following maven dependencies should add to the pom.xml file. File : pom.xml

<dependency> <groupId>com.cuubez</groupId> <artifactId>cuubez-core</artifactId> <version>1.1.1</version> </dependency> <dependency> …

Cuubez Rest framework sample application

In this tutorial, we show you how to develop a simple REST web application with Cuubez. Technologies and Tools used in this article: Cuubez 1.0.0JDK 1.6Tomcat 6.0Maven 3.0.3Intellij IDEA 13.1.1 Note If you want to know what and how REST works, just search on Google, ton of available resources. 1. Directory Structure This is the final web project structure of this tutorial. 2. Standard Web Project Create a standard Maven web project structure
.
mvn archetype:generate -DgroupId=com.cuubez -DartifactId=Employee-example -DarchetypeArtifactId=maven-archetype-webapp -DinteractiveMode=false Note To support IDEA, use Maven command :

mvn idea:idea

3. Project Dependencies Cuubez is published in Maven repository. To develop cuubez REST application , just declares cuubez-core in Maven pom.xml. File : pom.xml

<dependencies> <dependency> <groupId>com.cuubez</groupId> <artifactId>cuubez-core</artifactId> <version>1.0.0</version>…

Heartbleed

Heartbleed is the vulnerable which is identifying in very famous TSL level security library call OpenSSL. It is widely used to implement TSL level security. Heartbleed is effecting if user using vulnerable OpenSSL instance for the client side or server side. Note that only the number of OpenSSL version are reported as an effected by vulnerability.
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerableOpenSSL 1.0.1g is NOT vulnerableOpenSSL 1.0.0 branch is NOT vulnerableOpenSSL 0.9.8 branch is NOT vulnerableOpenSSL 0.9.7 branch is NOT vulnerable
CVE-2014-0160 is the official name for this vulnerability. These vulnerability names are maintain by the CVE (http://cve.mitre.org/)

What actually happened?
When Heartbleed is exploited it leads to the leak of memory information from the server to the client and from client to the server side. RFC6520 is for the transport layer security (TLS) and datagram transport layer security (DTLS). RFC6520 heartbeat extension is providing link to send heartb…