Working with XML can be "difficult" in a lot of different situations. But consider the case where your internal system is using JSON for generic data capture, but the external system you need to integrate with is using SOAP? What could be more convoluted that parsing JSON in order to express XML? Well, our group found an elegant way to hide all that complexity.
Monday, November 28, 2011
Sunday, November 6, 2011
The right way to hash passwords with Spring Security
When storing passwords, OWASP recommends using a strong salted hash and applying the hash a minimum of 1000 times. Unfortunately, Spring Security's classes like DaoAuthenticationProvider come out of the box configured to use the PlaintextPasswordEncoder - no hash, no salt, no iterations. To do this right, we need to reconfigure a bit.
Subscribe to:
Posts (Atom)