Category Archives: Security

Spring Security in Google App Engine…

When delving into the Google App Engine (GAE) world, aside from NOSQL (Not Only SQL), there are a number of other unfamiliar paradigms you’ll encounter. If you’re used to a number of technologies, such as Spring, Hibernate, Sitemesh, you may … Continue reading

Posted in Google App Engine, Security | 1 Comment

Caching for the DaoAuthenticationProvider – don’t do it

It’s extremely hard to remember that everything is not a nail. Whenever I’m using Hibernate Core and/or Hibernate Search, I plan on caching frequently used entities, in order to remove unnecessary load on the data-store(s). Pretty standard performance move. I … Continue reading

Posted in Security | 2 Comments

hibernate spring secuirty implementation…

Almost two years ago, I said I would upgrade my my Hibernate-Acegi (Spring Secuirty) implementation to Spring Security’s new(er) ACL service paradigm. Here’s their suggested schema. Below is a class diagram of that paradigm. Back then, none of projects required … Continue reading

Posted in Security | 7 Comments

you want acegi on that wall, you need acegi on that wall…

Just a little under 2 years ago, I became more aware of security as an important part of implementing a complete system. I know that many simply rely on the role based ACL-paradigm of the Sun Servlet spec. they’re using. … Continue reading

Posted in Security | 2 Comments

WebWork 2.2.6 released (Security Fix)

If you are a Webwork/XWork user, you may have heard of the critical security issue found in XWork. Well, no fear the WebWork team has a backwards compatible with WebWork 2.2.5 release. Pick it up.

Posted in Security | 2 Comments