Skip to main content

You are currently viewing the Trifork Blog, to view our full website please go to Trifork.com

Session Timeout and Concurrent Session Control with Spring Security and Spring-MVC

Session Timeout and Concurrent Session Control with Spring Security and Spring-MVC

A web application me and my team are building recently underwent a security review. As usual, because you haven’t yet had time to put any real effort into it, some security risks did surface. We use Spring Security and Spring-MVC and I will talk about implementing a session timeout and concurrent session control: nice subjects […]

Web security; a haven for hackers if you’re not careful!

Web security is becoming more of more of an issue. In the Netherlands alone it’s at the heart of the daily news. For example the recent final report from a security company commissioned to investigate the DigiNotar attack shows that the compromise of the now-bankrupt certificate authority was much deeper than initially thought. Or the instance where a […]

Securing connections with TLS

In this article I’ll explore some ways to secure socket communication with TLS from a java application. To make it more concrete I’ll show you SubEtha SMTP (an excellent Java based bare bones SMTP server) and the recent TLS extensions I added to it. What you’ll get from this article: How to mix secure with […]