Tag Archives: Security

Cisco ASAv firewall REST API – Resource Manipulation

Introduction After the initial article about ASAv REST API we are going to explore how we can granularity manipulate various resources such as objects and object-groups. You will learn how to create modify, verify and delete each object type. This can be useful when building an automation tool that needs to perform various configuration changes […]


Neo4j 2.2 Authentication and adding extra users

Token-based authentication is new in Neo4j 2.2, but how does it work? The first thing to know is that it is enabled by default in conf/neo4j-server.properties by: # Require (or disable the requirement of) auth to access Neo4j dbms.security.auth_enabled=true


Meteor security fundamentals

via Meteor security fundamentals – Just Meteor.

Let’s talk about Meteor and security.

There are several resources about your first steps with Meteor out there, but after you’ve finished your first tutorials and want to build “something real” you should really focus and adapt the best practices for Meteor security.

Meteor makes it very easy and fast to get an app out of the door, but this awesomeness comes with the responsibility to check that you’ve closed all holes before publishing your app to your audience.

Note: This is just a primer to Meteor security. It doesn’t mean that everything is covered here. I’ve added a “Additional resources”-Section below where you can read on about this topic.

Liferay jBoss turn off the version info from http response Header

According to Security best practices, it good to turn off the portal and application server version information from the HTTP response header. By default, Liferay portal deployed on jBoss server shows the following information in the HTTP response header Liferay-Portal:Liferay Portal Enterprise Edition X.X CE (Augustine / Build XXXX / Month DD, YYYY) Server: Apache-Coyote/1.1 […]


Secure REST services using Spring Security

Overview : Recently, I was working on a project which uses a REST services layer to communicate with the client application (GWT application). So I have spent a lot of to time to figure out how to secure the REST services with Spring Security. This article describe the solution I found, and I have implemented. […]


Securing GWT Apps using Spring Oauth & Spring Social

General purpose : Provides a spring security configuration for any Oauth2 providers in our projects. For that I found many good starting points on the web and I merged them into a simple GWTP project forked from an existing repository (https://github.com/imrabti/gwtp-spring-security) which helped me to achieve this goal with minor changes. This a solution for […]


Custom Authentication Success Handler with Grails and Spring Security

It’s Sunday and instead of devoting this day to our Lord I will dedicate it to the great Machine and its coding brethren. The jokes aside, this is a quick show up of how to establish custom Authentication Success Handler if you are working with Grails Framework + Spring Security Core Plugin. Well first, why […]