December 13, 2016

Create PublicKey and PrivateKey in Java 8


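import java.security.*;

// Generate a 2048-bit RSA key pair. getInstanceStrong() selects the strongest
// configured SecureRandom and may block while the system gathers entropy.
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
keyPairGen.initialize(2048, SecureRandom.getInstanceStrong());
KeyPair keyPair = keyPairGen.genKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();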


November 23, 2016

How to Create Custom Launch Icon in Ubuntu

[Desktop Entry]
Comment=Perform calculations
Comment[fr]=Effectue des calculs compliqués


November 12, 2016

OpenID Connect explained

Or slides version

What is Encrypted in HTTPS and SSL Stripping

"Everything in the HTTPS message is encrypted, including the headers, and the request/response load."


"A sophisticated type of man-in-the-middle attack called SSL stripping was presented at the Blackhat Conference 2009. This type of attack defeats the security provided by HTTPS by changing the https: link into an http: link, taking advantage of the fact that few Internet users actually type "https" into their browser interface: they get to a secure site by clicking on a link, and thus are fooled into thinking that they are using HTTPS when in fact they are using HTTP."

SSL Stripping Mitigation

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

November 11, 2016

How to set Proxy for Java Process, e.g. JBoss

For any Java process, you can set the proxy settings from the command line:

-Dhttp.proxyHost=localhost -Dhttp.proxyPort=8080 -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8443

For details see: Java Networking Properties

For JBoss EAP 6 >, you can set this with:

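<server xmlns="urn:jboss:domain:1.7">
    <!-- extensions element omitted -->
    <system-properties>
        <property name="http.proxyHost" value="localhost"/>
        <property name="http.proxyPort" value="8080"/>
        <property name="https.proxyHost" value="localhost"/>
        <property name="https.proxyPort" value="8443"/>
    </system-properties>
    <!-- remaining server configuration omitted -->
</server>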

Overview Apache Cordova

Apache Cordova is a mobile hybrid solution. You write your application in HTML, CSS and JavaScript.

When you build your application you will have a native package. The application will then run in a native WebView (on iOS Objective-C UIWebView class; on Android android.webkit.WebView.)

Slack for Ubuntu 16.04 64-bit

Download and install debian package from:

Google Recaptcha

To safeguard registration against bots you can integrate with Google reCAPTCHA.

OWASP Bean Validation Cheat Sheet

Bean validation is useful for more than validation itself: combined with a unified domain model, it also gives you uniform validation throughout your application.


Reference for regexp validation (javax.validation.constraints.Pattern): OWASP Validation Regex Repository

OWASP Cheat Sheet Series

Simple HTTP Headers that Improve Web Security

X-Frame-Options: SAMEORIGIN

What is Clickjacking?


Content-Security-Policy: frame-src 'self'

What is CSP, Content Security Policy?


X-Content-Type-Options: nosniff

This is a security feature that helps prevent attacks based on MIME-type confusion.
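
An added example (not from the original post): a small Python check that audits a response for the headers listed above, including the Strict-Transport-Security line from the SSL stripping entry. The function names, the one-year max-age baseline and the sample responses are assumptions constructed for illustration.

```python
def parse_hsts(value):
    """Split a Strict-Transport-Security value into (max_age, directive names)."""
    max_age, flags = None, set()
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name, arg = name.strip().lower(), arg.strip().strip('"')
        if name == "max-age":
            max_age = int(arg) if arg.isdigit() else None
        elif name:
            flags.add(name)
    return max_age, flags

# min_hsts_age defaults to the max-age this page uses (an assumed baseline).
def audit_headers(raw_headers, min_hsts_age=31536000):
    """Return findings for one response header block (empty list = all present)."""
    headers = {}
    for line in raw_headers.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    findings = []
    hsts = headers.get("strict-transport-security")
    if hsts is None:
        findings.append("Strict-Transport-Security missing")
    else:
        max_age, flags = parse_hsts(hsts)
        # max-age=0 tells the browser to forget the HSTS policy entirely.
        if max_age is None or max_age < min_hsts_age:
            findings.append("HSTS max-age missing or below %d" % min_hsts_age)
        if "includesubdomains" not in flags:
            findings.append("HSTS lacks includeSubDomains")
    if headers.get("x-frame-options", "").upper() not in ("DENY", "SAMEORIGIN"):
        findings.append("X-Frame-Options missing or not DENY/SAMEORIGIN")
    if headers.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options is not nosniff")
    if "content-security-policy" not in headers:
        findings.append("Content-Security-Policy missing")
    return findings

# Constructed sample responses (not captured traffic).
GOOD = """Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-src 'self'
X-Content-Type-Options: nosniff"""
WEAK = """strict-transport-security: max-age=300
X-Frame-Options: ALLOWALL
Content-Type: text/html"""

if __name__ == "__main__":
    print(audit_headers(GOOD), audit_headers(WEAK))
```

Header names are matched case-insensitively, and a short or zero max-age is reported because it leaves the browser free to fall back to plain HTTP soon after the visit.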

September 16, 2016

How To Read from a Text File in Java

BufferedReader reader = null;
try {
    reader = new BufferedReader(new InputStreamReader(new FileInputStream("filename.txt"), "UTF-8"));
    String string = reader.readLine();
} finally {
    // Always release the file handle, even if reading throws.
    if (reader != null) {
        reader.close();
    }
}

How To Write to a Text File in Java

Writer writer = null;
try {
    writer = new BufferedWriter(new OutputStreamWriter(new FileOutputStream("filename.txt"), "UTF-8"));
} finally {
    // close() also flushes any buffered output to the file.
    if (writer != null) {
        writer.close();
    }
}