Security
Using Self-Signed Multi-Domain Certificates
Self-signed certificates are usually used for TLS authentication in non-production environments. Here we’ll discuss how to generate a proper certificate for your server.
Logging Policy
There are different points of view on how logging levels should be used in code. I will share mine.
My assumption is: “There should be no errors in logs when everything is fine.”
Secure Java Coding Best Practices
Making your web application flawless against security attacks is a challenge for every Java developer. In this article I will briefly describe common practical development techniques that can help you achieve it.
Secure Java Logging with Logback
Deploying an application into a secure environment adds some restrictions on logging and log management. The OWASP community gives some useful recommendations.
API Authentication: Generating HMAC digest in PHP and Java
User authentication is an important part of the web service API design. One of the common approaches is the Hash-based Message Authentication Code – HMAC. Used together with transport-level security, it provides a reliable mechanism of user authentication and message integrity validation.