Authentication

Authentication | News, how-tos, features, reviews, and videos

11 reasons encryption is (almost) dead

Massive leaps in computing power, hidden layers, hardware backdoors -- encrypting sensitive data from prying eyes is more precarious than ever.


HttpClient basic authentication

Basic authentication with HttpClient 4: A simple use case demonstrates preemptive authorization and how to manually set the Authorization header.

Twitter permissions changes frustrate developers

Twitter's new permission model gives users fine-grained control over third-party application access permissions. Developers may scramble to adopt the new protocol, however.

Lamport's one-time password algorithm (or, don't talk to complete strangers!)

The Lamport algorithm provides an elegant scheme for generating and applying one-time passwords, or OTP. Find out how Lamport works, then see it in action with an OTP reference implementation for an extensible, Java-based library.

Adding Authentication Mechanisms to the GlassFish Servlet Container

by Ron Monzillo This tip will show you how to implement and configure new authentication mechanisms in the GlassFish v2 servlet container. GlassFish v2 includes implementations of a number of HTTP layer authentication mechanisms such...

Acegi Security in one hour

If you've been itching to try Acegi Security, here's your chance for a hands-on introduction. Learn how to set up Acegi's authentication and authorization services for any Java-based Web application, using both standard components and...

Simplify directory access with Spring LDAP

Why spend all your time handling checked exceptions, closing resources, and looping through NamingEnumerations when you don't have to? The Spring LDAP framework puts the 'l' (for lightweight) back into LDAP programming with JNDI.

Create an anonymous authentication module

Spam has become one of the biggest menaces on the Web. Many community-based applications force authentication only to distinguish a valid user from an automated spam-bot, which can be overkill in some cases. CAPTCHAs help in...

A Java proxy for MS SQL Server Reporting Services

Generating high-quality print output from a Web application is often difficult because browsers provide only limited control over a document's layout. Adjusting page margins or positioning document elements at a precise location on...

J2EE security: Container versus custom

This article covers the factors to consider when choosing between custom security and J2EE standard security, also known as container security. It briefly covers how each type of security works and then illustrates their differences,...

All that JAAS

Have you ever needed to create a login authentication mechanism for an application? Odds are, you have, and probably more than once, with each new implementation being close, but not identical, to the previous one. For example, one...

US Department of Energy signs on to J2EE

If you architect many secure Web applications, authentication and authorization are always important concerns. Defining an architecture so that users can sign on to many n-tier Web applications only once—regardless of who built...

Breathe intelligence into Java

Java's creator, Sun Microsystems, has failed to seize the initiative to create APIs to support evolutionary programming in Java. Someday, perhaps, Java programmers will have a set of interfaces for attaching machine learning and...

Secure a Web application, Java-style

The string of recent denial-of-service attacks has renewed interest in the security of Internet-based applications. As the Web matures and program functionality increases, the security needs of applications is becoming exceedingly...

An introduction to the URL programming interface

The demand is increasing for universally available networks and devices for personal and corporate use. For example, wouldn't it be useful to be able to get a file from your home system in Australia while you were on a business trip...

In Java we trust

The Java Security API makes it a simple matter to add security and authentication to your application. The result is an application that knows what and whom it can trust. This month, Todd delves into the Java Security API and...

Signed and delivered: An introduction to security and authentication

Whether information arrives as applet or agent, e-mail or e-check, you can ultimately believe its claims, assess its value, or trust its promises only to the extent that you can trust every hand that it passed through. This is the...

Building a bigger sandbox

Java security has always been an issue, especially for networked code. While it has always been possible to develop custom security policies to protect private resources (using Java's security-manager paradigm), this model didn't...

Java Tip 47: URL authentication revisited

The previous tip, Java Tip 46, described how to access a URL that's password-protected from within a Java program, using Java 1.2's new Authenticator class. But what if you and your users are just now moving to Java 1.1? Basically,...

Load More