Recent Posts

Links

  • 1. Sogeti
  • 2. JBoss
  • 3. IBM
  • 4. Oracle
  • 5. SpringSource
  • 6. NL-JUG
  • 7. Java

Archives

Syndication  RSS 2.0

RSS 1.0
RSS 2.0

Bookmark this site

Add 'JCN Blog' site to delicious  Add 'JCN Blog' site to technorati  Add 'JCN Blog' site to digg  Add 'JCN Blog' site to dzone

Posted by jcn at 9:57 on Tuesday 12 August    Add 'Security vulnerabilities found in open source Java projects' site to delicious  Add 'Security vulnerabilities found in open source Java projects' site to technorati  Add 'Security vulnerabilities found in open source Java projects' site to digg  Add 'Security vulnerabilities found in open source Java projects' site to dzone

Op de serverside wordt gesproken over “software vendor Fortify Software claims that a wide variety of vulnerabilities in projects such as Struts, Hibernate, and Geronimo”. Ook het Spring framework bevat security issues. Op searchsoftwarequality.com wordt gesproken over “Critical security issues found in the Spring Framework”en “Keith Donald, principal software engineer at SpringSource, said they are working with security experts at Ounce Labs to raise awareness within the Spring community of these two issues.

http://www.theserverside.com/news/thread.tss?thread_id=50237

http://searchsoftwarequality.techtarget.com/news/article/0,289142,sid92_gci1321417,00.html

Tags: , ,

Posted by Ruud Steeghs at 10:08 on Monday 10 September    Add 'Webservices zonder webserver!' site to delicious  Add 'Webservices zonder webserver!' site to technorati  Add 'Webservices zonder webserver!' site to digg  Add 'Webservices zonder webserver!' site to dzone

In dit artikel wordt ingegaan over hoe je HTTP webservices kunt gebruiken zonder daarvoor een (commerciele) webserver voor nodig te hebben. In bepaalde situaties uitermate krachtig!

Tags:

Posted by Hans-Jürgen Jacobs at 11:42 on Tuesday 19 June    Add 'Layered Architecture, Dependency Injection, and Dependency Inversion' site to delicious  Add 'Layered Architecture, Dependency Injection, and Dependency Inversion' site to technorati  Add 'Layered Architecture, Dependency Injection, and Dependency Inversion' site to digg  Add 'Layered Architecture, Dependency Injection, and Dependency Inversion' site to dzone

Building loosely coupled application architectures requires more than just separating your application into different layers. [devx.com]

Tags:

Posted by Hans-Jürgen Jacobs at 20:46 on Thursday 7 June    Add 'Flex and JavaFX' site to delicious  Add 'Flex and JavaFX' site to technorati  Add 'Flex and JavaFX' site to digg  Add 'Flex and JavaFX' site to dzone

In this interview with Artima, James Ward, Adobe’s Flex and Apollo evangelist, shares Adobe’s response to JavaFX, and highlights some similarities and differences between Flex and JavaFX. [artima.com] [Podcast]

Tags: ,

Posted by Ruud Steeghs at 14:01 on Wednesday 25 April    Add 'RUP for SOA' site to delicious  Add 'RUP for SOA' site to technorati  Add 'RUP for SOA' site to digg  Add 'RUP for SOA' site to dzone

The Rational Unified Process for Service-Oriented Modeling and Architecture (RUP / SOMA) extends the RUP and adds steps, tasks and concepts for identifying, specifying and realizing services in a SOA. read more

Tags:

Posted by Eric Gunnewegh at 8:59 on Tuesday 20 March    Add 'WADL REST API description language getting some attention' site to delicious  Add 'WADL REST API description language getting some attention' site to technorati  Add 'WADL REST API description language getting some attention' site to digg  Add 'WADL REST API description language getting some attention' site to dzone

To define and describe a web-service API, many developers would use WSDL. Although WSDL is meant to be extensible to any protocol and message format, most people use it for HTTP GET/POST and SOAP, when writing to WS-* standards. On the other hand, developers writing a REST API using XML over HTTP typically don’t use WSDL, or any other standardized definition/description of the API. There will usually be some kind of human-readable documentation, but that’s as far as it goes.

See infoq.com

Tags:

Posted by Barend Garvelink at 11:39 on Friday 9 March    Add 'Over tokens, impersonation, delegation en WS-Trust' site to delicious  Add 'Over tokens, impersonation, delegation en WS-Trust' site to technorati  Add 'Over tokens, impersonation, delegation en WS-Trust' site to digg  Add 'Over tokens, impersonation, delegation en WS-Trust' site to dzone

Gunnar Peterson schrijft op zijn security blog een stukje over identity, tokens en impersonation.

Het gaat hier om de problematiek van het doorgeven van gebruikerscredentials in een gedistribueerd systeem. Bijvoorbeeld: GUI roept service aan, service roept vervolgservice aan; vervolgservice roept nog weer iets aan waarbij hij de credentials van de gebruiker nodig heeft.

Hoe zorg je nou dat die op een verantwoorde manier door je hele keten heen bij dat systeem terechtkomen? De posting linkt naar diverse achtergrondartikelen en al met al is het waardevolle "food for thought".

[On the road to delegation - learning from QMail]

Tags: ,

Posted by Hans-Jürgen Jacobs at 11:10 on Wednesday 7 March    Add 'Web Services Standards Overview poster' site to delicious  Add 'Web Services Standards Overview poster' site to technorati  Add 'Web Services Standards Overview poster' site to digg  Add 'Web Services Standards Overview poster' site to dzone

innoQ has released a new version of their Web Services Standards Overview poster, covering more than 60 specifications and standards. [infoq.com]

In Europe, we can mail you a paper copy (in DIN A0 format) via snail mail at the cost of shipping; [innoq.com]


Tags: ,

Posted by Hans-Jürgen Jacobs at 10:53 on Tuesday 27 February    Add '10 Principles of SOA' site to delicious  Add '10 Principles of SOA' site to technorati  Add '10 Principles of SOA' site to digg  Add '10 Principles of SOA' site to dzone

In this article, InfoQ’s Stefan Tilkov, consultant at innoQ, proposes 10 principles to serve as a basis for SOA discussions. The list starts with Don Box’s four tenets (service with explicit boundaries, shared contract and schema, policy-driven, and autonomous) and expands them to include wire formats, document orientation, loose coupling, standards compliance, vendor independence, and metadata. [infoq.com]

Tags:

Posted by Barend Garvelink at 14:17 on Tuesday 13 February    Add 'Artikel: Security Concepts, Challenges, and Design Considerations for Web Services Integration' site to delicious  Add 'Artikel: Security Concepts, Challenges, and Design Considerations for Web Services Integration' site to technorati  Add 'Artikel: Security Concepts, Challenges, and Design Considerations for Web Services Integration' site to digg  Add 'Artikel: Security Concepts, Challenges, and Design Considerations for Web Services Integration' site to dzone

Via het weblog van Gunnar Peterson kwam ik bij een artikel over het beveiligen van een webservices architectuur. Het behandelt een breed scala aan threats, tegenmaatregelen en standaards.

Security Concepts, Challenges, and Design Considerations for Web Services Integration

Tags: , ,

« Older Entries

© 2013 Java Competence Network. All Rights Reserved.