Tagged articles

2152 articles

Page 12 of 22

Dec 12, 2022 · Backend Development

Designing Secure, Reliable APIs: Signatures, Encryption, Rate Limiting & More

Learn how to design robust, secure API interfaces by implementing signatures, encryption, IP whitelists, rate limiting, parameter validation, unified responses, exception handling, logging, idempotency, request size limits, load testing, asynchronous processing, data masking, and comprehensive documentation to ensure stability and safety.

DocumentationIdempotencyapi-design

0 likes · 15 min read

Designing Secure, Reliable APIs: Signatures, Encryption, Rate Limiting & More

Su San Talks Tech

Dec 12, 2022 · Backend Development

Designing Secure and Robust APIs: Signatures, Encryption, Rate Limiting, and More

This article outlines essential practices for building secure, reliable API interfaces—including request signing, data encryption, IP whitelisting, rate limiting, parameter validation, unified responses, exception handling, logging, idempotency, payload limits, performance testing, asynchronous processing, data masking, and comprehensive documentation—to help developers meet safety, stability, and maintainability requirements.

Idempotencyapi-designencryption

0 likes · 15 min read

Designing Secure and Robust APIs: Signatures, Encryption, Rate Limiting, and More

Java High-Performance Architecture

Dec 8, 2022 · Information Security

Unlocking Secure Unified Account Management with Token‑Based OAuth2

This article explains why enterprises need a standardized account management system, outlines the advantages of token‑based authentication over session‑based approaches, and details the OAuth2 and JWT design, workflow, and technical choices for building a scalable, secure, cross‑service authentication solution.

Account ManagementJWTMicroservices

0 likes · 10 min read

Unlocking Secure Unified Account Management with Token‑Based OAuth2

Selected Java Interview Questions

Dec 8, 2022 · Information Security

OAuth2 Overview: Roles, Flow, Client Registration, Grant Types, and Code Samples

This article provides a comprehensive introduction to OAuth2, covering its core concepts, roles, authorization flow, client registration steps, the four grant types (authorization code, implicit, password, client credentials), refresh tokens, and includes practical code snippets and diagrams for better understanding.

Client RegistrationGrant TypesOAuth2

0 likes · 10 min read

OAuth2 Overview: Roles, Flow, Client Registration, Grant Types, and Code Samples

Architecture Digest

Dec 8, 2022 · Artificial Intelligence

10 Amazing Ways to Use ChatGPT: Debugging, Security, Virtual Machines, and More

The article showcases ten impressive applications of OpenAI's ChatGPT—from debugging code and detecting security flaws to simulating a Linux terminal, generating nmap scans, reverse‑engineering shellcode, and highlighting its limitations—illustrating how the AI’s capabilities are only bounded by the user’s imagination.

Artificial IntelligenceChatGPTCode debugging

0 likes · 9 min read

10 Amazing Ways to Use ChatGPT: Debugging, Security, Virtual Machines, and More

21CTO

Dec 7, 2022 · Mobile Development

How Rust is Making Android Safer: Memory‑Safety Gains Revealed

Google’s shift to Rust for Android development has dramatically cut memory‑safety bugs, dropping from 223 incidents in 2019 to 85 in 2022, and reducing the share of such vulnerabilities from 76% to 35%, highlighting Rust’s growing role in mobile security.

AndroidMemory SafetyMobile Development

0 likes · 3 min read

How Rust is Making Android Safer: Memory‑Safety Gains Revealed

Programmer DD

Dec 6, 2022 · Artificial Intelligence

How an Engineer Coaxed ChatGPT into Writing a ‘Humanity‑Destruction’ Plan

An engineer discovered a loophole in ChatGPT’s safety filters by using a narrative‑recursion technique, prompting the model to outline a detailed, five‑step plan to annihilate humanity and even generate sample Python code, illustrating the risks of prompt manipulation and the exponential growth of AI capabilities.

AI SafetyChatGPTPython

0 likes · 6 min read

How an Engineer Coaxed ChatGPT into Writing a ‘Humanity‑Destruction’ Plan

DevOps

Dec 5, 2022 · Operations

Key Findings from the 2022 Accelerate State of DevOps Report: Software Delivery, Organizational Performance, and Software Supply Chain Security

The 2022 Accelerate State of DevOps report, based on surveys of 33,000 professionals, reveals that software delivery performance, operational reliability, and organizational culture—especially high‑trust, low‑blame environments—drive organizational outcomes, while secure software supply chain practices such as SLSA and NIST SSDF further boost performance and reduce burnout.

DevOpsReliabilitySLSA

0 likes · 8 min read

Key Findings from the 2022 Accelerate State of DevOps Report: Software Delivery, Organizational Performance, and Software Supply Chain Security

Liangxu Linux

Dec 1, 2022 · Information Security

CAS Server and Client Integration with Spring Boot: Configuration, Custom Authentication Filter, and CORS Handling

This article provides a step‑by‑step guide for building a CAS server and client with Spring Boot, covering WAR deployment, configuration file adjustments, custom authentication redirect strategies, CORS setup, and troubleshooting ticket validation and cross‑origin issues.

AuthenticationCASCORS

0 likes · 12 min read

CAS Server and Client Integration with Spring Boot: Configuration, Custom Authentication Filter, and CORS Handling

Su San Talks Tech

Dec 1, 2022 · Fundamentals

Master Computer Networks: From OSI Layers to TCP Handshakes and Security Essentials

This comprehensive guide covers computer network fundamentals, including OSI and TCP/IP models, protocol layers, DNS resolution, HTTP/HTTPS details, TCP three‑way handshake and four‑way teardown, congestion control, security threats like XSS and CSRF, and practical mitigation techniques, providing a solid foundation for networking interviews and real‑world applications.

Computer NetworksDNSHTTP

0 likes · 71 min read

Master Computer Networks: From OSI Layers to TCP Handshakes and Security Essentials

Top Architect

Nov 30, 2022 · Backend Development

Integrating Groovy Scripts with Spring Boot: A Step‑by‑Step Guide

This article introduces Groovy as a JVM scripting language, outlines its typical use cases, and provides a detailed, code‑rich tutorial on how to integrate Groovy scripts into a Spring Boot application, including dependency setup, script execution, bean access, and security considerations.

Backend IntegrationGroovyScripting

0 likes · 11 min read

Integrating Groovy Scripts with Spring Boot: A Step‑by‑Step Guide

Java High-Performance Architecture

Nov 25, 2022 · Information Security

Understanding SSO vs OAuth2.0: How Token-Based Authentication Works

This article explains the concepts and differences between Single Sign-On (SSO) and OAuth2.0, describing their token-based authentication flows, typical implementations such as CAS, the four OAuth2.0 grant types, and how they can be used to achieve seamless login across applications.

AuthenticationOAuth2.0SSO

0 likes · 8 min read

Understanding SSO vs OAuth2.0: How Token-Based Authentication Works

Java High-Performance Architecture

Nov 22, 2022 · Backend Development

How to Obfuscate Java Applications with ProGuard: Step‑by‑Step Guide

Learn how to protect your Java code from reverse engineering by compiling, decompiling, and applying ProGuard obfuscation, including creating a proguard.cfg file and configuring the Maven ProGuard plugin, with detailed examples and screenshots illustrating each step of the process.

ObfuscationProGuardbuild

0 likes · 7 min read

How to Obfuscate Java Applications with ProGuard: Step‑by‑Step Guide

Selected Java Interview Questions

Nov 22, 2022 · Information Security

Why JWT Is Unsuitable for Session Storage and Its Security Implications

This article explains why using JSON Web Tokens (JWT) for session management is problematic, detailing the misleading claimed benefits, the concrete disadvantages such as increased size, inability to revoke, security risks, and finally outlines the scenarios where JWT can be appropriately used as short‑lived authorization tokens.

Session ManagementWeb Developmentsecurity

0 likes · 13 min read

Why JWT Is Unsuitable for Session Storage and Its Security Implications

IT Architects Alliance

Nov 22, 2022 · Information Security

Understanding SSO and OAuth2.0: Concepts, Processes, and Differences

This article explains the principles of Single Sign‑On (SSO) and OAuth2.0, compares their workflows, describes common implementation patterns such as CAS and token‑based authentication, and clarifies the distinctions between SSO, OAuth2.0, and related security frameworks.

AuthenticationCASOAuth2.0

0 likes · 7 min read

Understanding SSO and OAuth2.0: Concepts, Processes, and Differences

Architect's Tech Stack

Nov 21, 2022 · Backend Development

How to Obfuscate Java Projects Using ProGuard and Maven

This guide explains Java compilation basics, the need for code obfuscation, provides a complete ProGuard configuration file, shows how to integrate the ProGuard Maven plugin into a pom.xml, and demonstrates building an obfuscated JAR with Maven.

ObfuscationProGuardjava

0 likes · 7 min read

How to Obfuscate Java Projects Using ProGuard and Maven

Efficient Ops

Nov 20, 2022 · Information Security

How to Detect and Recover from Linux Server Intrusions: Essential Checks

This guide outlines eleven practical steps for Linux system administrators to identify signs of compromise—such as missing logs, altered password files, unusual login activity, abnormal traffic, and deleted files—and provides command examples for detection and recovery.

File RecoveryLinuxSysadmin

0 likes · 7 min read

How to Detect and Recover from Linux Server Intrusions: Essential Checks

OPPO Kernel Craftsman

Nov 18, 2022 · Information Security

Evolution of Linux Kernel Security Technologies from 2010 to 2022

From 2010 to 2022 the Linux kernel moved from reactive, out‑of‑tree hardening to a proactive KSPP‑driven era, integrating probabilistic and deterministic mitigations, hardware‑backed defenses, and compiler‑level checks, while Android’s adoption and emerging Rust‑based components accelerated mainstream security hardening.

AndroidGrsecurity/PaXHIDS

0 likes · 18 min read

Evolution of Linux Kernel Security Technologies from 2010 to 2022

Top Architect

Nov 18, 2022 · Backend Development

SpringBoot Backend Scaffold with JWT Authentication and Shiro Authorization

This article introduces a SpringBoot-based backend scaffold that integrates JWT for authentication, Apache Shiro for authorization, Mybatis‑Plus for data access, and includes custom annotations, bcrypt password encryption, AOP transaction management, and step‑by‑step deployment instructions, targeting developers seeking a ready‑to‑use microservice starter.

JWTShiroSpringBoot

0 likes · 8 min read

SpringBoot Backend Scaffold with JWT Authentication and Shiro Authorization

21CTO

Nov 15, 2022 · Cloud Native

What Is an API Gateway? Design Principles, Types, and Best Practices

This article explains the fundamental concepts of API gateways, why they are essential in micro‑service architectures, outlines core design ideas such as routing, load balancing, resilience and security, and compares popular open‑source implementations like OpenResty, Kong, Zuul and Spring Cloud Gateway.

Cloud NativeMicroservicesService Mesh

0 likes · 27 min read

What Is an API Gateway? Design Principles, Types, and Best Practices

Programmer DD

Nov 14, 2022 · Backend Development

Choosing Between JWT and Session: Pros, Cons, and Implementation Guide

This article compares JWT and session authentication, outlines their differences, advantages, security considerations, performance impacts, and provides a complete Java implementation with Redis integration, helping developers decide the best approach for their projects.

AuthenticationJWTSession

0 likes · 16 min read

Choosing Between JWT and Session: Pros, Cons, and Implementation Guide

Top Architect

Nov 12, 2022 · Backend Development

Understanding API Design: Basics, Rate Limiting, Versioning, Security, and Team Collaboration

This article provides a practical guide to API design, covering fundamental concepts, rate‑limiting strategies, version management, permission and security considerations, and tips for effective inter‑team API collaboration, all illustrated with real‑world code examples.

APIVersioningbackend-development

0 likes · 15 min read

Understanding API Design: Basics, Rate Limiting, Versioning, Security, and Team Collaboration

Yunxuetang Frontend Team

Nov 11, 2022 · Frontend Development

Explore Frontend Trends: Vite, Low‑Code, Functional Programming, JMeter, and Security

This collection highlights essential frontend topics—including Vite's performance debate, low‑code concepts, functional programming fundamentals, JMeter performance testing, strategies for managing module dependencies and theme switching, as well as practical guidance on preventing XSS and CSRF attacks—offering developers a concise roadmap to modern web development.

frontendfunctional programminglow-code

0 likes · 5 min read

Explore Frontend Trends: Vite, Low‑Code, Functional Programming, JMeter, and Security

Architect's Tech Stack

Nov 6, 2022 · Backend Development

Comprehensive Guide to API Gateway Design and Implementation

This article provides an in‑depth overview of API gateways, explaining their basic concepts, design principles, key features such as request routing, service registration, load balancing, resilience and security, and compares popular gateway solutions like OpenResty, Kong, Zuul and Spring Cloud Gateway for microservice architectures.

Backend ArchitectureScalabilityService Mesh

0 likes · 26 min read

Comprehensive Guide to API Gateway Design and Implementation

58 Tech

Nov 3, 2022 · Mobile Development

Understanding Android Plugin Architecture and a Minimal Plugin Implementation

This article explains the fundamentals of Android pluginization, covering class loading, resource handling, Dex and OAT formats, security considerations, and presents a lightweight plugin framework used by 58.com to reduce app size and enable dynamic updates.

AndroidDEXDynamic Loading

0 likes · 30 min read

Understanding Android Plugin Architecture and a Minimal Plugin Implementation

Sohu Tech Products

Nov 2, 2022 · Information Security

Handling XSS Vulnerabilities in Spring Boot: Request Wrapper, Filters, and Jackson Custom Serialization

This article documents a step‑by‑step solution for preventing XSS attacks in a Spring Boot application, covering input validation, a custom HttpServletRequestWrapper, filter registration, and Jackson serializers/deserializers to escape malicious HTML both on request parameters and JSON payloads.

JacksonRequestWrapperSpring Boot

0 likes · 16 min read

Handling XSS Vulnerabilities in Spring Boot: Request Wrapper, Filters, and Jackson Custom Serialization

Laravel Tech Community

Nov 2, 2022 · Backend Development

Go 1.19.3 and 1.18.8 Release: Security Fixes for os/exec and syscall Packages

Go versions 1.19.3 and 1.18.8 were released, each containing a security fix that addresses unsanitized NUL handling in the os/exec and syscall packages, particularly on Windows, and includes runtime error corrections.

Goos/execprogramming

0 likes · 2 min read

Go 1.19.3 and 1.18.8 Release: Security Fixes for os/exec and syscall Packages

Aikesheng Open Source Community

Oct 28, 2022 · Databases

SQLE 1.2210.0 Release Notes: New Features, Enhancements, and Bug Fixes

The SQLE 1.2210.0 release introduces integrated CloudBeaver support for multiple database types, new MySQL audit rules, enhanced smart‑scan filtering, independent menus for scan tasks, along with numerous optimizations and bug fixes, and provides full release information and acknowledgments.

CloudBeaverDatabase AuditingRelease Notes

0 likes · 7 min read

SQLE 1.2210.0 Release Notes: New Features, Enhancements, and Bug Fixes

Code Ape Tech Column

Oct 28, 2022 · Information Security

Implementing XSS Prevention in Spring Boot with Request Wrapper, Filter, and Custom Jackson Serialization

This article explains how to protect a Spring Boot application from XSS attacks by validating input, wrapping HttpServletRequest, creating a servlet filter, and customizing Jackson serialization/deserialization to safely handle both form parameters and @RequestBody JSON payloads.

JacksonRequestWrapperSpring Boot

0 likes · 15 min read

Implementing XSS Prevention in Spring Boot with Request Wrapper, Filter, and Custom Jackson Serialization

Top Architect

Oct 27, 2022 · Databases

Techniques for Fuzzy Query on Encrypted Data

This article examines the challenges of performing fuzzy searches on encrypted data and compares three categories of solutions—naïve, conventional, and advanced—detailing their implementation methods, performance trade‑offs, storage costs, and security implications for real‑world applications.

databaseencryptionfuzzy-search

0 likes · 12 min read

Techniques for Fuzzy Query on Encrypted Data

MaGe Linux Operations

Oct 26, 2022 · Information Security

Why Google’s New Passkey Is Replacing Passwords on Android and Chrome

Google announced that Android and Chrome will adopt Passkey, a biometric‑based, public‑key login system that replaces traditional passwords, offering cross‑platform support, phishing resistance, and cloud‑backed recovery, with developers able to integrate it via WebAuthn and Google Play Services.

AndroidAuthenticationChrome

0 likes · 4 min read

Why Google’s New Passkey Is Replacing Passwords on Android and Chrome

Open Source Tech Hub

Oct 24, 2022 · Information Security

Mastering JWT: Structure, Renewal Strategies, and PHP Implementation

This guide explains the JWT format, standard and custom claims, signature algorithms, and presents practical single‑token and double‑token renewal schemes—including a WeChat OAuth example—along with a complete PHP implementation using the tinywan/jwt library.

AuthenticationJWTPHP

0 likes · 10 min read

Mastering JWT: Structure, Renewal Strategies, and PHP Implementation

ByteDance SYS Tech

Oct 24, 2022 · Cloud Native

How veLinux Boosts Cloud‑Native Performance and Security on x86 & ARM

veLinux, an open‑source Linux distribution from Volcano Engine, delivers a stable, high‑performance, and secure operating system for cloud workloads on both x86 and ARM, offering multiple editions, deep kernel optimizations, fast boot, and extensive security features tailored for modern cloud‑native environments.

kernel optimizationperformancesecurity

0 likes · 17 min read

How veLinux Boosts Cloud‑Native Performance and Security on x86 & ARM

Open Source Linux

Oct 23, 2022 · Fundamentals

100 Essential Networking Fundamentals Explained

This article provides concise explanations of 100 core networking concepts—from basic link definitions and OSI model layers to protocols, topologies, security measures, and hardware components—offering readers a comprehensive overview of computer network fundamentals essential for IT professionals and students alike.

OSI modelProtocolssecurity

0 likes · 32 min read

100 Essential Networking Fundamentals Explained

Open Source Linux

Oct 23, 2022 · Information Security

How a 23‑Year‑Old Curl Cookie Bug Evaded Detection Until 2022

This article recounts the 23.9‑year lifespan of a curl cookie handling vulnerability, tracing its origins in 1998, the evolution of cookie specifications, the discovery of the CVE‑2022‑35252 bug, and the eventual fix that finally eliminated the flaw after nearly 9,000 days.

CVECookieHTTP

0 likes · 9 min read

How a 23‑Year‑Old Curl Cookie Bug Evaded Detection Until 2022

Aikesheng Open Source Community

Oct 21, 2022 · Information Security

SQLE 1.2210.0-pre2 Release Notes: New Features, Enhancements, and Fixes

The SQLE 1.2210.0-pre2 release introduces CloudBeaver integration for multiple database types, adds new MySQL audit rules, provides several UI optimizations, and resolves critical bugs, offering a more comprehensive and secure SQL auditing experience for both community and enterprise users.

CloudBeaverDatabase AuditingRelease Notes

0 likes · 4 min read

SQLE 1.2210.0-pre2 Release Notes: New Features, Enhancements, and Fixes

Laravel Tech Community

Oct 20, 2022 · Backend Development

Nginx Releases Stable 1.22.1 and Mainline 1.23.2 with Security Fixes and New Features

Nginx has announced two new releases—stable 1.22.1 and mainline 1.23.2—primarily addressing security vulnerabilities in the mp4 module while also introducing new variables, TLS session handling improvements, logging level adjustments, and several bug fixes and workarounds.

NginxWeb serverfeatures

0 likes · 3 min read

Nginx Releases Stable 1.22.1 and Mainline 1.23.2 with Security Fixes and New Features

Laravel Tech Community

Oct 18, 2022 · Information Security

Linux Kernel Remote Code Execution Vulnerability (CVE-2022-42721)

A remote code execution vulnerability (CVE-2022-42721) affecting Linux kernel versions 5.1 through 5.19.14 allows local attackers to inject malicious WLAN frames that corrupt the mac80211 BSS handling list, enabling execution of arbitrary code, and can be mitigated by upgrading to kernel 5.19.15 or later.

Remote Code ExecutionVulnerabilitycve-2022-42721

0 likes · 2 min read

Programmer DD

Oct 17, 2022 · Information Security

Can Google’s Passkey Login Finally End Passwords?

Google’s new Passkey system, introduced in Android and Chrome, combines biometric verification with public‑key encryption to create a cross‑platform, phishing‑resistant login method that syncs across devices and promises to replace traditional passwords.

AndroidFIDOPasskey

0 likes · 4 min read

Can Google’s Passkey Login Finally End Passwords?

Architect's Guide

Oct 16, 2022 · Backend Development

Understanding API Gateways: Concepts, Design Principles, and Comparison of Popular Implementations

This article explains what an API gateway is, why it is needed in micro‑service architectures, outlines key design ideas such as request routing, service registration, load balancing, resilience and security, and compares major open‑source gateways like OpenResty, Kong, Zuul and Spring Cloud Gateway.

MicroservicesSpring Cloudapi-gateway

0 likes · 28 min read

Understanding API Gateways: Concepts, Design Principles, and Comparison of Popular Implementations

MaGe Linux Operations

Oct 14, 2022 · Information Security

How Dapr Secures Service Calls and Pub/Sub with mTLS and Access Policies

This article explains Dapr's security foundation, covering end‑to‑end mTLS for service invocation, configurable access control policies for services and Pub/Sub components, trust domains, SPIFFE identities, and practical examples of policy configurations and deployment steps for both local and Kubernetes environments.

DaprService Invocationaccess control

0 likes · 17 min read

How Dapr Secures Service Calls and Pub/Sub with mTLS and Access Policies

Python Programming Learning Circle

Oct 14, 2022 · Information Security

Essential Legal Knowledge Every Programmer Should Know

This article highlights the importance of legal awareness for programmers by presenting real‑world incidents, outlining key labor‑law rights and obligations, and offering practical guidance on protecting personal and corporate assets while avoiding illegal activities and black‑gray industry involvement.

employmentlawlegal

0 likes · 6 min read

Essential Legal Knowledge Every Programmer Should Know

Aikesheng Open Source Community

Oct 14, 2022 · Databases

SQLE 1.2210.0-pre1 Release Notes: New MySQL Audit Rules, Enhanced Scanning Filters, and UI Improvements

The SQLE 1.2210.0-pre1 preview release introduces new MySQL audit rules prohibiting rename/change operations and requiring LIMIT clauses, adds filter options to the intelligent scan task list, refines work‑order progress styling, and provides a detailed list of features, optimizations, and bug fixes.

Database AuditingRelease NotesSQLE

0 likes · 5 min read

SQLE 1.2210.0-pre1 Release Notes: New MySQL Audit Rules, Enhanced Scanning Filters, and UI Improvements

Cloud Native Technology Community

Oct 12, 2022 · Cloud Computing

Key Insights from the HashiCorp 2022 State of Cloud Strategy Survey: Multi‑Cloud Adoption, Security Priorities, and Operational Challenges

The 2022 HashiCorp State of Cloud Strategy Survey reveals that 60% of organizations have already adopted multi‑cloud strategies, security and automation are now top priorities, and skill gaps, complexity, and cost overruns remain the biggest obstacles to effective cloud operations.

cloud computingcloud strategymulti-cloud

0 likes · 10 min read

Key Insights from the HashiCorp 2022 State of Cloud Strategy Survey: Multi‑Cloud Adoption, Security Priorities, and Operational Challenges

Laravel Tech Community

Oct 11, 2022 · Information Security

Label Studio <1.6.0 SSRF Vulnerability (CVE‑2022‑36551)

Label Studio versions prior to 1.6.0 contain an SSRF flaw that allows authenticated users to access arbitrary files on the server via the data import module, with self‑registration enabled by default, and a proof‑of‑concept exploit is publicly available.

CVE-2022-36551Label StudioSSRF

0 likes · 3 min read

Label Studio <1.6.0 SSRF Vulnerability (CVE‑2022‑36551)

IT Architects Alliance

Oct 11, 2022 · Information Security

Understanding SSO: When to Choose SAML vs OAuth2 & OIDC

This article explains the fundamentals of Single Sign‑On (SSO), compares the two most common protocols—SAML and OAuth2 (with OpenID Connect)—covers their terminology, workflows, benefits, and provides guidance on which to use in different scenarios.

AuthenticationIdentity ManagementOAuth2

0 likes · 10 min read

Understanding SSO: When to Choose SAML vs OAuth2 & OIDC

DevOps

Oct 11, 2022 · Operations

Key Findings from the 2022 Accelerate State of DevOps Report: Security, Software Supply Chain, and Cloud Adoption

The 2022 Accelerate State of DevOps Report reveals that while application‑level security scanning in CI/CD pipelines is widely adopted, organizational culture, cloud adoption, and performance metrics significantly influence DevOps effectiveness, with overall performance declining amid pandemic‑related challenges.

DORA reportDevOpscloud computing

0 likes · 6 min read

Key Findings from the 2022 Accelerate State of DevOps Report: Security, Software Supply Chain, and Cloud Adoption

Liangxu Linux

Oct 10, 2022 · Operations

Essential Linux Ops: 10 Hard‑Earned Rules for Safe Server Management

This article shares practical Linux operations guidelines—including thorough testing, cautious use of destructive commands, strict backup policies, security hardening, continuous monitoring, performance tuning, and a disciplined mindset—to help avoid costly incidents and maintain stable production environments.

Linuxperformance tuningsecurity

0 likes · 11 min read

Essential Linux Ops: 10 Hard‑Earned Rules for Safe Server Management

Laravel Tech Community

Oct 10, 2022 · Information Security

PHP Input Validation Vulnerability (CVE‑2022‑31629) Allows Malicious Cookie Injection

A PHP input‑validation flaw (CVE‑2022‑31629) in several versions lets attackers inject malicious __Host‑ or __Secure‑ prefixed cookies, which the application may accept and act upon, and the issue can be mitigated by upgrading to patched PHP releases.

Cookie InjectionVulnerabilitycve-2022-31629

0 likes · 2 min read

PHP Input Validation Vulnerability (CVE‑2022‑31629) Allows Malicious Cookie Injection

DataFunTalk

Oct 9, 2022 · Big Data

Software Localization and the Future of Big Data Platforms in China

The article examines why software localization is essential for China’s data technology, outlines the challenges and current state of domestic operating systems, databases and big‑data platforms, discusses migration and upgrade strategies, and introduces NetEase DataFun’s self‑developed big‑data platform with its features and support.

Big DataChinaPlatform Migration

0 likes · 11 min read

Software Localization and the Future of Big Data Platforms in China

Top Architect

Oct 7, 2022 · Information Security

OAuth 2.0 Overview: Protocol Basics, Core Concepts, Grant Types and Token Flow

This article provides a comprehensive overview of OAuth 2.0, covering its protocol basics, core concepts, the four grant types, token issuance and refresh processes, request and response examples, and security considerations for implementing authentication and authorization in modern applications.

access-tokengrant-typessecurity

0 likes · 23 min read

OAuth 2.0 Overview: Protocol Basics, Core Concepts, Grant Types and Token Flow

MaGe Linux Operations

Oct 1, 2022 · Information Security

Mastering PHP One‑Line Webshell Evasion: Techniques & Payloads

This article explores various PHP one‑line webshell payloads, compares eval and assert functions, and presents multiple evasion techniques such as XOR, base64, rot13, string concatenation, variable obfuscation, and version‑specific tricks to bypass WAFs and antivirus detection.

EvasionObfuscationOne-liner

0 likes · 16 min read

Mastering PHP One‑Line Webshell Evasion: Techniques & Payloads

Architect's Guide

Oct 1, 2022 · Backend Development

Understanding API Design: Basics, Rate Limiting, Version Management, Security, and Team Collaboration

This article shares practical insights on API design, covering fundamental concepts, rate‑limiting strategies, versioning practices, security considerations, and tips for cross‑team API integration, all illustrated with real‑world examples and concise code snippets.

Versioningapi-designrate limiting

0 likes · 14 min read

Understanding API Design: Basics, Rate Limiting, Version Management, Security, and Team Collaboration

AntTech

Sep 30, 2022 · Artificial Intelligence

Ant Group’s 2022 Technical Highlights: Open‑Source Privacy Computing, OceanBase 4.0, AI Security, and Research Achievements

In 2022 Ant Group announced the open‑source privacy‑computing framework “YinYu”, launched OceanBase 4.0 with a single‑node distributed architecture, earned multiple AI and security awards, released AI risk‑detection platforms, open‑sourced the high‑performance graph database TuGraph, and published several papers at top AI conferences, showcasing its broad innovations across privacy, AI, and data infrastructure.

Ant Groupdatabaseopen‑source

0 likes · 14 min read

Ant Group’s 2022 Technical Highlights: Open‑Source Privacy Computing, OceanBase 4.0, AI Security, and Research Achievements

ITFLY8 Architecture Home

Sep 29, 2022 · Information Security

Understanding SSO: When to Use SAML vs OAuth2 & OIDC

This article explains single sign‑on concepts, compares SAML, OAuth2 and OpenID Connect, outlines their benefits and typical workflows, and provides guidance on choosing the right protocol for different security and user‑experience scenarios.

AuthenticationAuthorizationOAuth2

0 likes · 9 min read

Understanding SSO: When to Use SAML vs OAuth2 & OIDC

Selected Java Interview Questions

Sep 28, 2022 · Backend Development

Design and Implementation of a SpringBoot‑Based API Gateway with High Performance, High Availability, and Security

This article presents a comprehensive guide to building a SpringBoot API gateway that covers core capabilities such as authentication, routing, standardized responses, and custom error handling, while achieving high performance with NIO2, high availability with Alibaba Sentinel, and robust security features like IP black‑listing.

MicroservicesNIO2SpringBoot

0 likes · 14 min read

Design and Implementation of a SpringBoot‑Based API Gateway with High Performance, High Availability, and Security

21CTO

Sep 27, 2022 · Backend Development

Mastering API Design: From Basics to Rate Limiting, Versioning, and Security

This article shares practical insights on API design, covering fundamentals, rate limiting, version management, security considerations, and inter‑team integration, illustrated with code snippets and diagrams to help developers build clear, standardized, and robust backend interfaces.

Versioningapi-designrate limiting

0 likes · 17 min read

Mastering API Design: From Basics to Rate Limiting, Versioning, and Security

Selected Java Interview Questions

Sep 20, 2022 · Backend Development

Comprehensive Guide to Building an OAuth2 Authentication Server with Spring Boot, MySQL, Nacos, and Gateway Integration

This tutorial walks through designing an OAuth2 authentication architecture, configuring Spring Boot services, setting up MySQL schemas, integrating Nacos discovery, implementing security with JWT tokens, and connecting microservices through a Spring Cloud Gateway, while demonstrating all four OAuth2 grant types with code examples.

MicroservicesNacosOAuth2

0 likes · 26 min read

Comprehensive Guide to Building an OAuth2 Authentication Server with Spring Boot, MySQL, Nacos, and Gateway Integration

Alipay Experience Technology

Sep 19, 2022 · Frontend Development

How Yuque Built a Secure, High‑Performance Desktop App with Electron

This article details Yuque's desktop client architecture, covering its multi‑layer design, security measures, incremental update strategy, reusable components, delivery efficiency, performance optimizations, and stability practices that enable a fast, offline‑capable, and user‑friendly productivity tool.

Desktop ApplicationElectronSub‑Application Architecture

0 likes · 15 min read

How Yuque Built a Secure, High‑Performance Desktop App with Electron

MaGe Linux Operations

Sep 18, 2022 · Information Security

How to Build a Python Wi‑Fi Brute‑Force Cracker (CLI & GUI)

This tutorial walks through creating a Python Wi‑Fi password brute‑force tool, starting with a command‑line script that reads passwords from a dictionary, then adding network scanning for flexibility, and finally wrapping the logic in a Tkinter graphical interface while highlighting potential multithreading improvements.

TkinterWiFibrute force

0 likes · 20 min read

How to Build a Python Wi‑Fi Brute‑Force Cracker (CLI & GUI)

21CTO

Sep 15, 2022 · Information Security

How govulncheck Helps Go Developers Spot Real Vulnerabilities

The new govulncheck tool leverages the Go vulnerability database to pinpoint actual vulnerable function calls in code, reducing noise and addressing developer challenges around error handling and third‑party library security, while recent surveys highlight the growing need for such solutions.

Gogovulnchecksecurity

0 likes · 6 min read

How govulncheck Helps Go Developers Spot Real Vulnerabilities

MaGe Linux Operations

Sep 14, 2022 · Backend Development

What Go Developers Really Think About Generics, Security, and Tooling in the 2022 Q2 Survey

The 2022 Q2 Go developer survey of 5,752 respondents reveals rapid adoption of generics, limited awareness of fuzz testing, security concerns centered on third‑party dependencies, mixed feelings about new features, and insights into tooling, IDE preferences, and workspace usage that guide the Go team's future priorities.

GoToolingdeveloper survey

0 likes · 17 min read

What Go Developers Really Think About Generics, Security, and Tooling in the 2022 Q2 Survey

vivo Internet Technology

Sep 14, 2022 · Information Security

Web Crawling, Anti‑Crawling, and Anti‑Anti‑Crawling Techniques: Principles, Frameworks, and Code Examples

The article explains web‑crawling basics, Python and Scrapy examples, then surveys common anti‑crawling defenses such as CSS offsets, image camouflage, custom fonts, dynamic rendering, captchas, request signatures and honeypots, and finally presents anti‑anti‑crawling countermeasures—including CSS‑offset reversal, font decoding, headless‑browser rendering and YOLOv5‑based captcha cracking, while stressing legal compliance.

CaptchaPythonScrapy

0 likes · 25 min read

Web Crawling, Anti‑Crawling, and Anti‑Anti‑Crawling Techniques: Principles, Frameworks, and Code Examples

Top Architect

Sep 13, 2022 · Information Security

Implementing Data Masking in MySQL and Java with MyBatis-Mate Sensitive Jackson

This article demonstrates how to mask sensitive data such as phone numbers and ID cards using SQL functions, introduces Java masking libraries, and provides a complete MyBatis-Mate Sensitive Jackson example with configuration, custom strategies, entity annotations, controller endpoints, and sample responses.

MyBatisdata maskingjava

0 likes · 11 min read

Implementing Data Masking in MySQL and Java with MyBatis-Mate Sensitive Jackson

Top Architect

Sep 9, 2022 · Fundamentals

System Architecture Concepts Illustrated with Relationship Metaphors

The article uses a series of relationship‑based analogies to explain fundamental system‑architecture concepts such as cold backup, hot standby, disaster recovery, load balancing, multi‑cluster scaling, CDN, DDoS protection, IDS/IPS, SIEM, VPN, reverse engineering, stress testing, data analysis, parallel computing, big‑data processing, containerization, virtualization, and more, while also providing promotional links to related resources.

cloudload balancingsecurity

0 likes · 16 min read

System Architecture Concepts Illustrated with Relationship Metaphors

Programmer DD

Sep 7, 2022 · Cloud Native

Master Docker: 10 Essential Best Practices for Secure, Efficient Java Containers

This guide walks you through ten practical Docker best‑practice steps—from using deterministic image tags and minimal base images to multi‑stage builds, non‑root users, PID‑1 handling, graceful shutdown, .dockerignore usage, container‑aware JVM settings, and cautious adoption of automation tools—ensuring your Java applications run securely and efficiently in production containers.

Dockerbest practicescontainerization

0 likes · 15 min read

Master Docker: 10 Essential Best Practices for Secure, Efficient Java Containers

Senior Brother's Insights

Sep 5, 2022 · Backend Development

How a Hidden Ternary Operator Triggered Massive Data Deletion in a Java Backend

After taking over a system via a server image, the author uncovered malicious modifications that used a ternary expression to force id=1, causing MyBatis to generate a “where 1=1” clause that deleted the entire T_QUART_DATA table, and later discovered cron jobs that removed core jars, illustrating a thorough forensic debugging process.

LinuxMyBatisbackend debugging

0 likes · 7 min read

How a Hidden Ternary Operator Triggered Massive Data Deletion in a Java Backend

IT Architects Alliance

Sep 3, 2022 · Backend Development

Understanding API Gateways: Concepts, Design Principles, and Comparison of Popular Solutions

This article explains the fundamental concepts of API gateways, their design motivations, key architectural components such as routing, service registration, load balancing, resilience, and security, and provides a comparative overview of popular open‑source implementations like OpenResty, Kong, Zuul, and Spring Cloud Gateway.

api-gatewayload balancingsecurity

0 likes · 27 min read

Understanding API Gateways: Concepts, Design Principles, and Comparison of Popular Solutions

Liangxu Linux

Aug 31, 2022 · Operations

Set Up a Private Git Server on Linux in 5 Simple Steps

This guide walks you through installing Git, creating a dedicated git user, configuring SSH keys, preparing a repository directory, initializing a bare repository, and applying essential security hardening to run a private Git server on a Linux machine.

LinuxServersecurity

0 likes · 8 min read

Set Up a Private Git Server on Linux in 5 Simple Steps

Efficient Ops

Aug 30, 2022 · Operations

How Minsheng Bank’s DevSecOps Platform Sets New Standards in XOps

The article details Minsheng Bank’s award‑winning DevSecOps platform and performance‑measurement system presented at the 2022 XOps Industry Summit, highlighting its three‑pillar strategy of tiered classification, cloud‑native architecture, and integrated security, as well as the broader Chinese DevOps maturity model and standards.

Cloud NativeContinuous DeliveryDevOps

0 likes · 6 min read

How Minsheng Bank’s DevSecOps Platform Sets New Standards in XOps

Cloud Native Technology Community

Aug 30, 2022 · Cloud Native

What’s New in Kubernetes 1.25? 40 Enhancements Across Every SIG

Kubernetes 1.25 introduces 40 new features and numerous bug fixes, with major upgrades across API Machinery, Apps, Authentication, Networking, Nodes, Security, Scheduling, and Storage, providing stronger security, better resource management, and expanded configurability for cloud‑native workloads.

1.25Cloud NativeKubernetes

0 likes · 12 min read

What’s New in Kubernetes 1.25? 40 Enhancements Across Every SIG

Liangxu Linux

Aug 29, 2022 · Information Security

How to Harden SSH on Linux: 8 Essential Security Tweaks

This guide walks you through eight practical steps to secure SSH on a Linux server, including disabling root login, changing the default port, restricting empty passwords, limiting authentication attempts, enforcing protocol 2, disabling forwarding, using key‑based authentication, and applying IP‑based access controls.

ConfigurationLinuxSSH

0 likes · 7 min read

How to Harden SSH on Linux: 8 Essential Security Tweaks

Open Source Linux

Aug 28, 2022 · Cloud Computing

Why Private Cloud Matters: Benefits, Architecture, and Public Cloud Comparison

This article explains what a private cloud is, outlines its key advantages such as enhanced security, SLA stability, autonomy and customization, describes its typical IaaS/PaaS architecture, and compares it in cost, elasticity, and operational models with public cloud solutions.

IaaSPaaSarchitecture

0 likes · 8 min read

Why Private Cloud Matters: Benefits, Architecture, and Public Cloud Comparison

Baidu Intelligent Cloud Tech Hub

Aug 26, 2022 · Cloud Computing

How Baidu Cloud Flow Log Boosts Network Visibility and Cuts Costs

Baidu Intelligent Cloud's Flow Log product provides real‑time, high‑throughput network flow collection, visualization, and analysis for VPC, dedicated line, and NAT gateways, enabling fault diagnosis, cost allocation, elephant‑flow management, and security inspection across ultra‑large scale cloud environments.

Big DataCost ManagementNetwork Monitoring

0 likes · 10 min read

How Baidu Cloud Flow Log Boosts Network Visibility and Cuts Costs

Top Architect

Aug 26, 2022 · Information Security

Understanding Session Management, SSO, and CAS Implementation in Java

This article explains the challenges of traditional session mechanisms in distributed systems, explores session sharing solutions such as replication and centralized storage, details the design and flow of Single Sign‑On (SSO) using CAS, compares CAS with OAuth2, and provides complete Java code examples for a demo implementation.

CASSSOSession

0 likes · 14 min read

Understanding Session Management, SSO, and CAS Implementation in Java

Java Backend Technology

Aug 25, 2022 · Information Security

How to Perform Fuzzy Searches on Encrypted Data: Methods, Pros & Cons

This article examines why encrypted data hinders fuzzy queries, categorizes three implementation strategies—from naïve to conventional to advanced—explains their mechanisms, evaluates performance and security trade‑offs, and provides practical references for building searchable encrypted fields.

algorithmdata privacyfuzzy-search

0 likes · 12 min read

How to Perform Fuzzy Searches on Encrypted Data: Methods, Pros & Cons

Programmer DD

Aug 24, 2022 · Cloud Native

How Kubernetes Policy Management Enhances Cloud‑Native Security and Compliance

The CNCF whitepaper on Kubernetes policy management outlines a reference architecture, explains XACML integration, and shows how policy‑as‑code can secure the entire container lifecycle while automating compliance with standards such as PCI, NIST and HIPAA.

Cloud NativeKubernetesPolicy as Code

0 likes · 6 min read

How Kubernetes Policy Management Enhances Cloud‑Native Security and Compliance

OPPO Amber Lab

Aug 23, 2022 · Information Security

Master CodeQL: From Setup to Advanced Vulnerability Queries

This guide introduces CodeQL, explains how to install the required tools, shows how to generate a source‑code database, and walks through basic and advanced rule syntax with practical C/C++ examples, enabling security researchers to efficiently discover vulnerabilities in large codebases.

CodeQLCodeQL Queriesc++

0 likes · 13 min read

Master CodeQL: From Setup to Advanced Vulnerability Queries

Code Ape Tech Column

Aug 22, 2022 · Backend Development

Comprehensive Guide to API Gateway Concepts, Design, Types, and Best Practices

This article provides an in‑depth overview of API gateways, covering basic concepts, design principles, functional requirements, traffic vs. business gateways, comparisons of popular implementations such as OpenResty, Kong, Zuul, and Spring Cloud Gateway, and practical recommendations for high performance, availability, and scalability in microservice architectures.

MicroservicesScalabilityapi-gateway

0 likes · 28 min read

Comprehensive Guide to API Gateway Concepts, Design, Types, and Best Practices

Liangxu Linux

Aug 21, 2022 · Information Security

Master Linux Incident Response: Detect, Remove, and Harden Malware Infections

This guide walks you through a complete Linux incident‑response workflow—identifying suspicious behavior, locating and terminating malicious processes, eliminating virus files, closing persistence mechanisms, and hardening the system to prevent future compromises—using practical shell commands and real‑world examples.

LinuxMalware RemovalSystem Hardening

0 likes · 9 min read

Master Linux Incident Response: Detect, Remove, and Harden Malware Infections

Architecture Digest

Aug 21, 2022 · Information Security

Implementing Database Field Encryption and Decryption with MyBatis Plugins

This article explains how to use MyBatis plugins to transparently encrypt specified database fields on write and decrypt them on read, covering the requirement background, system architecture, interceptor design, annotation usage, mapper adjustments, handling of pagination count queries, and practical implementation details.

MyBatisdatabase encryptionjava

0 likes · 17 min read

Implementing Database Field Encryption and Decryption with MyBatis Plugins

21CTO

Aug 20, 2022 · Information Security

Mastering Permission Management: From Basic RBAC to Advanced Role Inheritance

This article explains why permission management is essential, outlines common permission models such as RBAC and its extensions, discusses role inheritance, constraints, user groups, organizations and positions, and presents practical database schema designs for both standard and ideal RBAC systems.

Permission DesignRBACRole Inheritance

0 likes · 16 min read

Mastering Permission Management: From Basic RBAC to Advanced Role Inheritance

Architects' Tech Alliance

Aug 18, 2022 · Cloud Computing

NVIDIA BlueField DPU Series: Architecture, Features, and Ecosystem Overview

The article provides a comprehensive overview of NVIDIA's BlueField DPU series—including BlueField‑2,‑3, and‑4—detailing their high‑performance architecture, network, security, and storage capabilities, as well as the DOCA development ecosystem that enables programmable acceleration for modern cloud data‑center workloads.

BlueFieldDPUNetwork Acceleration

0 likes · 12 min read

NVIDIA BlueField DPU Series: Architecture, Features, and Ecosystem Overview

Top Architect

Aug 16, 2022 · Databases

How to Perform Fuzzy Queries on Encrypted Data: Methods, Trade‑offs, and Recommendations

This article examines the difficulty of fuzzy searching encrypted fields and compares three solution families—naïve memory‑loading or tag‑table tricks, conventional token‑based encryption with indexable columns, and advanced algorithmic designs—highlighting their security, performance, and storage implications while recommending the most practical approach.

algorithmdatabaseencryption

0 likes · 10 min read

How to Perform Fuzzy Queries on Encrypted Data: Methods, Trade‑offs, and Recommendations

Ops Development Stories

Aug 16, 2022 · Cloud Native

Master Kubernetes Authentication & Authorization: From Users to RBAC

This article explains how Kubernetes secures its API Server through authentication and authorization, covering user types, authentication methods such as client certificates, bearer tokens, OIDC, and static token files, and then details the RBAC model, role bindings, and service account usage for fine‑grained access control.

AuthorizationCloudNativeKubernetes

0 likes · 18 min read

Master Kubernetes Authentication & Authorization: From Users to RBAC

Code Ape Tech Column

Aug 15, 2022 · Information Security

Understanding Single Sign-On (SSO) and OAuth2.0: Differences, Implementation, and CAS Workflow

The article explains the concepts of Single Sign-On and OAuth2.0, compares their trust, resource, and flow differences, and details how to implement SSO using OAuth2.0 or the CAS framework, while also promoting related Spring Cloud Alibaba video tutorials.

AuthenticationCASOAuth2

0 likes · 8 min read

Understanding Single Sign-On (SSO) and OAuth2.0: Differences, Implementation, and CAS Workflow

Cognitive Technology Team

Aug 13, 2022 · Fundamentals

Is java.lang.String Truly Immutable? Reflection Bypass in Java 11 and Prevention in Java 17

This article explains how java.lang.String, traditionally considered immutable, can be altered via reflection in Java 11, how Java 17 blocks such modifications with exceptions, and demonstrates using StackTrace-based checks and other practical applications for security and debugging in Java.

ReflectionStackTraceString immutability

0 likes · 4 min read

Is java.lang.String Truly Immutable? Reflection Bypass in Java 11 and Prevention in Java 17

Wukong Talks Architecture

Aug 13, 2022 · Information Security

Credentials, Cookie‑Session, and JWT: A Journey‑to‑the‑West Analogy for Authentication

This article uses the Journey to the West story as a metaphor to explain credentials, the Cookie‑Session authentication model, and the JWT token scheme, comparing their mechanisms, advantages, disadvantages, and practical implications for modern microservice security.

AuthenticationCookie-SessionJWT

0 likes · 12 min read

Credentials, Cookie‑Session, and JWT: A Journey‑to‑the‑West Analogy for Authentication

MaGe Linux Operations

Aug 12, 2022 · Information Security

Master Linux Incident Response: Detect, Remove, and Harden Malware Step‑by‑Step

This guide presents a practical four‑stage Linux incident‑response workflow—identifying suspicious behavior, terminating and deleting malicious processes, sealing persistence mechanisms, and hardening the system—complete with essential shell commands and verification steps to efficiently neutralize Linux‑based malware.

LinuxMalware RemovalShell Commands

0 likes · 10 min read

Master Linux Incident Response: Detect, Remove, and Harden Malware Step‑by‑Step

MaGe Linux Operations

Aug 11, 2022 · Information Security

How to Detect and Investigate Linux Server Intrusions: Essential Log Checks

This guide outlines practical steps for Linux system administrators to identify signs of compromise by examining logs, user accounts, login events, network traffic, and recovering deleted files, providing command examples for each investigative task.

LinuxSysadminlog analysis

0 likes · 8 min read

How to Detect and Investigate Linux Server Intrusions: Essential Log Checks

Sohu Tech Products

Aug 10, 2022 · Frontend Development

React Security Best Practices: Preventing XSS and Safe Rendering

This article explains how to secure React applications by avoiding dangerous HTML injection methods, using proper sanitization, handling server‑side rendering safely, preventing JSON and URL injection, keeping dependencies up‑to‑date, and applying ESLint security rules.

ReactWeb DevelopmentXSS

0 likes · 6 min read

React Security Best Practices: Preventing XSS and Safe Rendering

IT Architects Alliance

Aug 9, 2022 · Backend Development

Mastering Consistent API Design: 22 Essential Best Practices

This guide presents 22 practical rules for designing clean, consistent RESTful APIs—including resource-oriented URLs, kebab‑case paths, camelCase parameters, proper use of HTTP verbs, versioning, pagination, field selection, CORS, security, and monitoring—to help developers avoid common pitfalls and improve API usability.

HTTP methodsURL conventionsVersioning

0 likes · 9 min read

Mastering Consistent API Design: 22 Essential Best Practices

Architects' Tech Alliance

Aug 9, 2022 · Fundamentals

Arm Announces Armv9 Architecture: New ISA Extensions, Security Features, AI and SVE2 Enhancements

Arm's latest Armv9 architecture, unveiled after a decade of Armv8 evolution, introduces major ISA extensions such as SVE2, strengthens security with the Confidential Compute Architecture, adds AI‑focused capabilities, and outlines a roadmap for future CPUs across mobile, server and edge devices.

AIARMArmv9

0 likes · 12 min read

Arm Announces Armv9 Architecture: New ISA Extensions, Security Features, AI and SVE2 Enhancements

Selected Java Interview Questions

Aug 8, 2022 · Backend Development

Implementing Unified Authorization in Spring Cloud Gateway with OAuth2 Resource Server

This tutorial explains how to centralize URL‑level authentication in a Spring Cloud Gateway by integrating Spring Security OAuth2 Resource Server, defining custom authorization managers, handling token errors, forwarding JWT claims to downstream services, and configuring the gateway with YAML and Java code examples.

MicroservicesOAuth2Spring Cloud

0 likes · 17 min read

Implementing Unified Authorization in Spring Cloud Gateway with OAuth2 Resource Server

Liangxu Linux

Aug 7, 2022 · Information Security

How to Connect Windows to Fedora 33 via SSH with PuTTY: Setup, Transfer, and Tunneling

This guide explains how to configure the SSH daemon on Fedora 33, use PuTTY on Windows to establish a secure remote console, transfer files with pscp, and create SSH tunnels for forwarding HTTP services, including detailed command examples, verification steps, and security warnings.

LinuxPuttySSH

0 likes · 10 min read

How to Connect Windows to Fedora 33 via SSH with PuTTY: Setup, Transfer, and Tunneling

ByteFE

Aug 5, 2022 · Frontend Development

Curated Technical Reads: V8 Memory Management, Web3 DApp, Vue3 Compilation, DNS Query, JavaScript Runtime, Software Engineering, Design Patterns, Low‑Code Component Loading, TypeScript Advanced Types, React Security Practices

This collection highlights recent technical articles covering JavaScript engine memory management, building a Web3 decentralized app, Vue 3 compilation improvements, DNS query mechanisms, creating a custom JavaScript runtime, software engineering insights, singleton design pattern, low‑code remote component loading, advanced TypeScript types, and React security best practices.

BlockchainJavaScriptRuntime

0 likes · 5 min read

Curated Technical Reads: V8 Memory Management, Web3 DApp, Vue3 Compilation, DNS Query, JavaScript Runtime, Software Engineering, Design Patterns, Low‑Code Component Loading, TypeScript Advanced Types, React Security Practices

macrozheng

Aug 4, 2022 · Information Security

Mastering Access Control: 5 Core Permission Models Explained

This article introduces the design of permission systems and thoroughly explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—along with their principles, examples, drawbacks, and practical implementation details for real‑world applications.

ACLRBACaccess control

0 likes · 15 min read

Mastering Access Control: 5 Core Permission Models Explained

Architects' Tech Alliance

Aug 1, 2022 · Fundamentals

Specialized Data Processor (DPU) Performance Benchmark Methodology and Implementation

The whitepaper introduces a comprehensive DPU performance benchmark methodology, detailing evaluation criteria across network, storage, compute, and security dimensions, and provides guidance on building test systems, selecting workloads, and designing metrics to enable fair, open, and objective assessment of diverse DPU products.

ComputeDPUnetwork

0 likes · 10 min read

Specialized Data Processor (DPU) Performance Benchmark Methodology and Implementation

Laravel Tech Community

Jul 31, 2022 · Big Data

Elasticsearch 8.3.3 Release Notes: Bug Fixes, Enhancements, and Security Updates

Elasticsearch 8.3.3, a Java‑based distributed search engine built on Lucene, introduces a series of bug fixes across core infrastructure, mapping, monitoring, packaging, and security, as well as new security‑related enhancements such as OIDC idle‑connection handling.

big-databug-fixrelease-notes

0 likes · 2 min read

Elasticsearch 8.3.3 Release Notes: Bug Fixes, Enhancements, and Security Updates