Tagged articles
225 articles
Programmer DD
Dec 7, 2019 · Information Security

Master Spring Security Exception Handling: From Authentication to Access Denied

This article explains the different exception types in Spring Security, how HTTP status codes map to authentication and authorization failures, and provides concrete implementations of AuthenticationEntryPoint and AccessDeniedHandler that return JSON responses, along with configuration tips for integrating them into a Spring Boot application.

Authorization, Exception Handling, Java
0 likes · 8 min read
Java Captain
Sep 1, 2019 · Information Security

Integrating Apache Shiro with Spring Boot: Configuration, Session Management, and Permission Control

This tutorial demonstrates how to integrate the lightweight Apache Shiro security framework into a Spring Boot 2.1.5 project, covering environment setup, Maven dependencies, Redis session storage, custom utilities, Shiro configuration, permission annotations, test controllers, and Postman verification.

Authentication, Authorization, Java
0 likes · 27 min read
Programmer DD
Aug 26, 2019 · Cloud Native

Mastering Kubernetes RBAC: From Basics to Advanced Auditing Tools

This article explains Kubernetes RBAC fundamentals, demonstrates how to create roles, bindings, and service accounts, and introduces practical auditing commands and tools such as kubectl can‑i, who‑can, rakkess, rback, and RBAC‑View, helping you secure clusters with least‑privilege policies.

Auditing, Authorization, Kubernetes
0 likes · 12 min read
360 Quality & Efficiency
Aug 15, 2019 · Information Security

Understanding the OAuth Authorization Flow Using a WeChat Login Example

This article explains the OAuth authorization process, illustrating how a third‑party app like a WeChat‑based login requests user permission, obtains a code, exchanges it for an access token, and uses that token to access user data, while highlighting token expiration and business‑scenario applications.

Authorization, OAuth, WeChat
0 likes · 4 min read
Programmer DD
Aug 10, 2019 · Information Security

Secure Your Spring Boot App with Apache Shiro: Auth, Authz, and Redis

This article walks through integrating Apache Shiro into a Spring Boot project to handle authentication, authorization, session management, and caching, including custom realms, Redis-backed sessions, and cache managers, while providing detailed code examples and configuration guidance.

Apache Shiro, Authentication, Authorization
0 likes · 20 min read
macrozheng
May 15, 2019 · Information Security

Implement Login, Registration and JWT Authentication in Spring Boot

This tutorial walks through building a Spring Boot backend with user registration, login, JWT token generation, Swagger UI configuration, and method-level permission annotations, providing complete code examples and step‑by‑step instructions for secure authentication and authorization.

Authorization, Backend, Spring Boot
0 likes · 13 min read
macrozheng
May 13, 2019 · Backend Development

How to Secure a Spring Boot API with Spring Security and JWT

This tutorial shows how to integrate Spring Security and JWT into a Spring Boot backend to implement user login and authorization, configure Swagger‑UI to automatically include the token, and provides all necessary code snippets, configuration files, and utility classes for a complete authentication solution.

Authorization, Backend, Java
0 likes · 21 min read
Weimob Technology Center
Dec 28, 2018 · Mobile Development

12 Must‑Know Mini Program Tips to Avoid Common Pitfalls

Discover essential solutions for common WeChat Mini Program challenges—including plugin relative paths, generating QR codes, swiper current reset, template message limits, subpackage size rules, retrieving unionId, H5‑MiniProgram navigation, canvas overlay handling, image sharing ratios, authorization flows, and data binding constraints.

Authorization, Canvas, QR code
0 likes · 7 min read
Tencent Cloud Developer
Dec 18, 2018 · Information Security

Designing a Relatively Secure Account System: Authentication, Authorization, and Auditing

Designing a relatively secure account system requires integrating strong multi-factor authentication, fine-grained authorization models like RBAC or ABAC, and continuous real-time and offline auditing to mitigate breaches, while recognizing that absolute security is impossible and ongoing vigilance is essential.

Authentication, Authorization, access control
0 likes · 17 min read
ITFLY8 Architecture Home
Dec 4, 2018 · Information Security

How to Secure Microservices: From SSO to JWT and OAuth2 Explained

This article explores the evolution of authentication and authorization from monolithic to microservice architectures, comparing traditional session-based methods with modern token solutions like JWT and OAuth2, and provides practical guidance on implementing secure, scalable access control across dozens of services.

Authorization, JWT, Microservices
0 likes · 18 min read
UC Tech Team
Nov 16, 2018 · Information Security

Understanding OAuth Authorization Flow and Grant Types

This article explains the OAuth protocol, its role in providing secure third‑party access to user resources, describes the overall authorization architecture, outlines the involved parties and step‑by‑step flow, and details the four main grant types along with token refresh mechanisms.

API, Authorization, Grant Types
0 likes · 6 min read
Java Captain
Oct 14, 2018 · Information Security

Apache Shiro Java Security Framework Overview and Integration Guide

This article introduces Apache Shiro as a powerful Java security framework, explains its core components such as Subject, SecurityManager, Authenticator, Authorizer, Realm, SessionManager, CacheManager and Cryptography, and provides step‑by‑step integration instructions with Maven, XML configuration, custom realm code, controller logic and JSP tag usage.

Apache Shiro, Authorization, Java Security
0 likes · 10 min read
Big Data and Microservices
Jul 23, 2018 · Information Security

Understanding Apache Shiro: Core Concepts and Architecture Explained

This article introduces Apache Shiro, a lightweight Java security framework, and explains its three core concepts—Subject, SecurityManager, and Realms—while detailing the full system architecture including authenticators, authorizers, session management, caching, and cryptography components.

Apache Shiro, Authentication, Authorization
0 likes · 5 min read
Java Architect Essentials
May 28, 2018 · Information Security

How to Secure RESTful APIs: Authentication, Encryption, and Authorization Strategies

This guide explains the three core pillars of RESTful API security—client authentication, data encryption, and post‑authentication authorization—detailing practical methods such as signature keys, HTTP Basic/Digest, OAuth, SSL, selective encryption with salts, and role‑based access control.

Authentication, Authorization, HTTP Digest
0 likes · 4 min read
Java Captain
Apr 27, 2018 · Information Security

Integrating Apache Shiro with Spring MVC: Detailed Example and Configuration Guide

This article provides a step‑by‑step tutorial on using Apache Shiro for authentication, authorization, session management and encryption in a Java web project, covering Maven dependencies, custom Realm implementation, Spring XML configuration, servlet filter setup, controller logic, JSP login page, demo screenshots and common pitfalls.

Apache Shiro, Authorization, Java Security
0 likes · 17 min read
21CTO
Jan 11, 2018 · Information Security

What Is Permission? Uncovering the Core of Access Control

This article explains the fundamental nature of permissions as limited authorized access to protected resources, defines what constitutes a resource in software, outlines permission classifications by method and layer, describes the control model using receptor‑ligand analogy, and summarizes the three core components of a permission system.

Authorization, Software Security, access control
0 likes · 7 min read
Programmer DD
Jan 2, 2018 · Information Security

Understanding Spring Security Architecture: Authentication, Authorization, and Filter Chains

This guide provides a deep dive into Spring Security's architecture, explaining how authentication and authorization are separated, how the AuthenticationManager and AccessDecisionManager work, how web filter chains are organized, and how to apply method‑level security and thread‑local context handling in Java applications.

Authentication, Authorization, Filter Chain
0 likes · 17 min read
Architecture Digest
Jan 2, 2018 · Information Security

Understanding the Essence of Permissions: Resources, Access, and Authorization Models

This article explains the fundamental nature of permissions as limited licensed access to protected resources, defines what constitutes a resource in software, outlines resource identification and limitation, and describes permission classifications, control models, and authorization mechanisms such as role‑based access.

Authorization, Permissions, Resource Management
0 likes · 7 min read
dbaplus Community
Sep 9, 2017 · Information Security

Why MongoDB Nodes Are Getting Hijacked and How to Secure Them

The article examines the widespread exposure of MongoDB instances on default ports, outlines how attackers hijack them, and provides concrete steps—including enabling authentication, configuring role‑based access, encrypting traffic, and limiting network exposure—to secure MongoDB deployments.

Authentication, Authorization, MongoDB
0 likes · 7 min read
Architecture Digest
Sep 5, 2017 · Information Security

Security Authentication and Authorization Strategies for Microservice Architecture

This article examines the challenges of securing microservice architectures and compares various authentication and authorization approaches—including SSO, distributed sessions, client‑token schemes, JWT, and OAuth 2.0—to help developers choose suitable solutions for efficient and fine‑grained access control.

Authentication, Authorization, JWT
0 likes · 15 min read
Efficient Ops
Jan 24, 2016 · Information Security

From 1.0 to 3.0: The Evolution and Architecture of Jumpserver Bastion Host

This article chronicles the development milestones, architectural design, and practical lessons learned while building Jumpserver—from its humble 1.0 prototype to the feature‑rich 3.0 release—offering deep insights for developers and security engineers interested in open‑source bastion solutions.

Authentication, Authorization, Bastion Host
0 likes · 21 min read
Java High-Performance Architecture
Oct 29, 2015 · Information Security

How OAuth2 Secures Third‑Party Access: A Complete Guide

OAuth2 provides a secure, open standard that lets third‑party applications obtain limited user access without exposing passwords, using a token‑based flow involving resource owners, clients, resource servers, and authorization servers, illustrated through a step‑by‑step authorization process.

API, Authorization, OAuth2
0 likes · 4 min read
Architect
Oct 21, 2015 · Backend Development

Introduction to REST API Design and Security Practices

This article explains the fundamentals of REST APIs, outlines HTTP methods, recommends JSON payloads, and details authentication, authorization, URL filtering, encryption, rate limiting, error handling, and other security measures for building robust backend services.

Authentication, Authorization, Backend Development
0 likes · 10 min read