Have you ever wanted to deploy a Java Serverless function, but package it with a Docker Image? That is possible now with AWS's new Container support. This guide will show you how to try it yourself, step by step! The …
-
Prevent LDAP injection in Java with SpringBoot
In this article, we dive into the basics of LDAP (Lightweight Directory Access Protocol)—a powerful protocol used to manage directory information like user authentication, authorization, and centralized account management in IT systems. 🌐👨💻
We also explore LDAP Injection, a common security vulnerability 🛡️ where attackers manipulate LDAP queries to:
⚠️ Bypass authentication
⚠️ Access unauthorized data
⚠️ Modify directory entries
Learn how these attacks work, the risks they pose, and, most importantly, how to protect your systems with secure coding practices like input sanitization and parameterized queries. ✅💻
Whether you’re an IT professional, developer, or just curious about cybersecurity, this article is your crash course on LDAP and LDAP Injection! 🚀✨
-
Effortless updates require a zero-migration policy
In today’s production environments, it is not only expected, but critical to keep your technology stack as up-to-date as possible. Staying current helps to mitigate security risks, while also benefiting from bug fixes, performance improvements, and new features and function …
-
Foojay Podcast #58: How Java Developers Can Secure Their Code
Three years after Log4Shell caused a significant security issue, we still struggle with insecure dependencies and injection problems. In this podcast, we’ll discuss how developers can secure their code. I talked with three authors who posted a security and code …
-
Health Check Response Format for HTTP APIs
I’m continuing my journey on getting more familiar with HTTP APIs by reading related RFCs.
-
DRY your Apache APISIX config
DRY is an important principle in software development. In this article, you learn how to apply it to Apache APISIX configuration.
-
Implementing the Idempotency-Key specification on Apache APISIX
A simple implementation of the Idempotency-Key header specification on Apache APISIX via a plugin.
-
When (not) to write an Apache APISIX plugin
Practical alternatives to writing a custom plugin, offering solutions you can quickly implement in your projects.
-
Creating cloud-native Java applications with the 12-factor app methodology
Learn how you could create cloud-native Java apps that are portable, scalable, and reliable with the 12 factor app methodology.
-
OpenTelemetry Tracing on Spring Boot, Java Agent vs. Micrometer Tracing
Let’s compare three different ways to do OpenTelemetry Tracing: Java agent v1, Java agent v2, and Micrometer Tracing.
-
Are Critical Vulnerabilities Lurking in Your Java Ecosystem?
According to the Datadog “State of DevSecOps” report, a staggering 90% of Java services are susceptible to one or more critical or high-severity vulnerabilities