Security

How to configure a new user password in AWS Cognito using plain HTTP calls?

How to authenticate in AWS Cognito using plain HTTP calls?

Few days ago I’ve created a simple interceptors spike-solution at Github. Its purpose was to show my colleagues that in the EJB’s interceptors you can implement a code that exists in the same transaction and the same security context as the called EJB business method. Moreover, you can benefit from all the dependency injection you need. This project uses the following resources injected by the Application Server: TransactionSynchronizationRegistry – used for getting current transaction key and checking if we’re in the same transaction (I’ve written about it e....

By default few of the security features are turned off in OpenShift JBoss 7.1 cartridge. If you want to use the Java EE security features first you need to define your security roles and constraints in your deployment descriptor, e.g. web.xml: <?xml version="1.0" encoding="UTF-8"?> <web-app> // ... <security-role> <role-name>admin</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/admin/login.xhtml</form-login-page> <form-error-page>/admin/login.xhtml?error=1</form-error-page> </form-login-config> </login-config> <security-constraint> <web-resource-collection> <web-resource-name>Modify questions section</web-resource-name> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>admin</role-name> </auth-constraint> </security-constraint> </web-app> (I’ve omitted the logging form source code as it’s not the main point here....

I like to keep my system clean and secured. Unfortunately, the GUI interface for iptables isn’t really matching my expectations. So I would like to create simple bash script which will execute iptables rules with every system boot-up. By default it blocks all incoming AND outgoing traffic also, so be careful :-) If you want to open another port – you just need to add it to the INPUT_OUTPUT list. Take a look at the source of the script:...