Introduction In this example I am going to show you how to start your Spring Boot application on the HTTPS protocol. HTTPS is a secured protocol, whereas HTTP is an unsecured protocol. So the data passed over the network using the HTTPS protocol is generally encrypted. The application which I am going to build is in the…

Posted in Security Spring Boot Spring MVC

Spring Boot Application Over HTTPS

Introduction Here I will discuss the OWASP top 10 security considerations in web applications. These applications could be anything from standalone to enterprise to web applications. OWASP is an acronym that stands for Open Web Application Security Project, and it is a global community that continuously focuses on the improvement of all types of…

Posted in Security Web

OWASP Top 10 Securities Consideration In Web Applications

In this tutorial I am going to show you how to configure PHP, MySQL and Apache HTTP Server for developing PHP-based web applications. You may create PHP-based standalone applications or web-based applications and want to run them in a development environment before deploying them into the production or live environment. I will also show…

Posted in htaccess MySQL PHP Server

How To Configure PHP, MySQL, Apache HTTP Server

Introduction In this tutorial I am going to discuss the working principle of Content Security Policy (CSP) in web applications. What if you want to minimize attacks on your website, what if you want to restrict the content to be displayed on your website for some security reasons, what if you want to…

Posted in Security Server

Working Principle of Content Security Policy (CSP) in Web Applications

Introduction The tutorial, REST over HTTPS with client certificate authentication, will show you how we can use a client certificate to handshake with the server along with basic authentication for consuming the service. You can even use header authentication along with the client certificate to make it more secure. I will create a Spring Boot application on Spring REST API…

Posted in Security Spring Boot Spring REST

REST over Https with Client certificate Authentication

Introduction In this post we will see how to secure a REST API with JWT authentication using Python Flask. JWT is an acronym for JSON Web Token. In the previous example we saw how to secure a REST API using HTTP Basic Authentication, which is not recommended most of the time. Recommended Reading REST API CRUD…

Posted in Flask Python Security

Securing REST API: JWT Authentication using Python Flask

Introduction We will see an example of how to secure a REST API using Python Flask. We will create a Python Flask HTTP Basic Authentication. Most of the web services that require authentication accept HTTP Basic Authentication. This is the simplest one, and request supports it straight out of the box. This HTTP basic authentication is…

Posted in Flask Python Security

Securing REST API: Python Flask HTTP Basic Authentication

Introduction Here I am going to show you how to do the Gmail SMTP and security settings for sending email using a programming language. You can use any server-side technology for sending email using the Gmail SMTP server. This example will show you only what configurations you need in order to send email and it does not…

Posted in Email Security

Gmail SMTP and Security settings for sending email

Introduction The tutorial, SOAP over HTTPS with client certificate authentication, will show you how we can use a client certificate to handshake with the server along with basic authentication for consuming the service. We have also seen how to authenticate by sending authentication information over HTTP headers in a SOAP web service, but here we will use client…

Posted in Security Spring Boot Spring SOAP

SOAP over HTTPS with Client Certificate Authentication

Introduction In this tutorial I will show you an example of the @PreAuthorize annotation – hasPermission() example in Spring Security. @PreAuthorize is the most useful annotation; it decides whether a method can actually be invoked or not based on the user’s role and permission. The hasRole() method returns true if the current principal has the specified role and hasPermission()…

Posted in REST Security Spring REST Spring Security

@PreAuthorize annotation – hasPermission example in Spring Security

Introduction In this tutorial I will show you an example of the @PreAuthorize annotation – hasRole() example in Spring Security. @PreAuthorize is the most useful annotation that decides whether a method can actually be invoked or not based on the user’s role. The hasRole() method returns true if the current principal has the specified role. By default if…

Posted in REST Security Spring REST Spring Security

@PreAuthorize annotation – hasRole example in Spring Security

Introduction In this tutorial I will discuss how SiteMinder works as an SSO authentication system. This tutorial will give you technical insight into the working principle of the SiteMinder system. The Web Application Firewall may integrate with SiteMinder to provide single sign-on and centralized management of web applications using the predefined security policies. It uniquely identifies…

Posted in Security Siteminder

How Siteminder works