Useful OpenID Provider for internal installations
I installed the solution on my laptop where my test installation of ESME is running. I was able to register as a new user, receive an OpenID and use...
Tags: open source, security
Battling Web spam
Spam on the Web is one of the biggest threats to a modern Web developer. The "bad guys" become more and more sophisticated every year in how to...
Tags: javascript, news, security, web 2.0
Password Recovery: the good, the bad, and the procedure
The password recovery procedure is a major element of security for any web site that contains a login form or any form of authentication. All too...
Tags: opinion, security, web design
Let *Me* Decide What A Good Password Is!
I have had it with web sites that won’t let me put really secure passwords on my accounts. What do I mean by that? I mean sites that won’t allow...
Tags: opinion, security
OpenID Authenticator for Tomcat
This is a step-by-step guide which shows how you can write an OpenID Authenticator for Tomcat.
Tags: security, server, standards
Seven habits for writing secure PHP applications
Discover the habits PHP developers should get into to implement Web applications that have both characteristics.
Tags: php, security, trends
WS-SecurityPolicy With PHP
WS-SecurityPolicy specification defines standards for defining security policies for your web service. This post discusses the approaches you can take...
Tags: how-to, php, security, web services
Web Applications and Software Security
Is Web application security commanding too much attention at the expense of other security issues? Gary McGraw argues that by understanding the...
Tags: opinion, security
Rerouting Spring Security 2 Login Page Through a Spring Controller
Interestingly, a month or so after I posted my 5 Minute Guide to Spring Security 2, a commonly asked question was asked on the Spring forums. I...
Tags: frameworks, java, security
Understanding OpenID
Understanding OpenID - from basics to advanced topics
Tags: security
OpenID Is Here... Too Bad Users Can't Figure Out How It Works
Imagine a much friendlier internet, one where you only have to remember one password. A place where it’s easy to keep a tight grip on your personal...
Tags: opinion, security, standards, usability
MD5 Encrypt a Password String
Never store passwords as plain text. Here is a simple function that will take a string and make it into an MD5 encryption, making the world a more...
Tags: .net, how-to, security
Why Google Forked OpenID and Other Stories
The more I learn about OpenID, the more it reminds me of XML in that it is a suboptimal solution to the primary problem people are using it to solve....
Tags: opinion, security, standards
Set PHP Values Using .htaccess
Did you know that you can set php.ini values right inside the .htaccess file? It’s actually very easy.
Tags: php, security, server, tools
Script kiddies have awesome tools
About 10 years ago a friend of mine showed me an exploit. It was written in C and it tried to spawn a shell at a remote host. It seemed pretty cool. I...
Tags: php, security
OpenSSL on WINDOWS
This post explains all the steps you need to create your own CA.
Tags: security, tools
PHP Tutorials Utopia: 13 Vital PHP skills for every novice PHP developer and solutions
Today, I’m going to write about PHP, the most popular server-side scripting language. There are lots of articles & tutorials online that help novice...
Tags: how-to, php, security, xml
Authgasm released! Rails authentication done right.
The last thing we need is another authentication solution for rails, right? That's what I thought. It was disappointing to find that all of the...
Tags: frameworks, ruby, security
Microsoft Jumps on OpenID Bandwagon
Now is OpenID finally mainstream? Microsoft announced today that it will be enabling all Windows Live ID accounts — of which there are some 420...
Tags: frameworks, microsoft, news, security
Web Application Security Best Practices
Common practices which should be followed to enhance the security of any web application.
Tags: database, methodology, php, security
Bootstrap PHP code
PHP source code for HTTP request funneling, used with MVC-style web applications and Apache's mod_rewrite. Breaks down the URI request and assigns...
Tags: frameworks, php, security, web 2.0
Google App Engine: Announcing HTTPS support for appspot.com!
One of the most frequently requested features for App Engine has been HTTPS serving capabilities. Today we're excited to announce that App Engine now...
Tags: announcement, security, server
'Hidden field' Captchas are crazy talk!
I was never a fan of 'hidden field' CAPTCHAs and behaviour from my log files may show that this practice can be considered 'broken'.
Tags: css-html, security
Unlocking the Secrets of the Java Cryptography Extensions: Basics
Learn about cryptography and how to encrypt and decrypt data with the Java Cryptography Extension.
Tags: how-to, java, security
Authentication for GWT based applications on Google App Engine
There is a way to use Java together with Google App Engine: GWT together with python-gwt-rpc. Although python-gwt-rpc has its own means to allow...
Tags: java, javascript, python, security