Skip to main content

Home/ SoftwareEngineering/ Group items matching "Repository" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

AuthorizationInfo (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...AuthorizationInfo.html

security ApacheShiro authorization AuthorizationInfo

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Interface AuthorizationInfo
  • AuthorizationInfo represents a single Subject's stored authorization data (roles, permissions, etc) used during authorization (access control) checks only
  • Roles are represented as a Collection of Strings (Collection<String>)
  • ...3 more annotations...
  • Permissions are provided in two ways: A Collection of Strings, where each String can usually be converted into Permission objects by a Realm's PermissionResolver A Collection of Permission objects
  • most Realms store both sets of data for a Subject
  • a Realm implementation to utilize an implementation of the Account interface instead, which is a convenience interface that combines both AuthenticationInfo and AuthorizationInfo
kuni katsuya

AuthenticationInfo (Apache Shiro :: Core 1.1.0 API) - 0 views

127.0.0.1/...AuthenticationInfo.html

security ApacheShiro authentication AuthenticationInfo

shared by kuni katsuya on 03 Sep 12 - No Cached
  • Interface AuthenticationInfo
  • AuthenticationInfo represents a Subject's (aka user's) stored account information relevant to the authentication
  • difference between this interface and the AuthenticationToken interface.
  • ...7 more annotations...
  • AuthenticationToken
  • represents data submitted for any given login attempt
  • AuthenticationInfo
  • implementations represent already-verified and stored account data
  • Since Shiro sometimes logs authentication operations, please
  • ensure your AuthenticationInfo's toString() implementation does not print out account credentials (password, etc)
  • as these might be viewable to someone reading your logs
kuni katsuya

Quick start with GraniteDS | Granite Data Services - 0 views

granitedataservices.com/...quick-start-with-graniteds

graniteds tutorial eclipse-plugin quickstart example

shared by kuni katsuya on 05 Jun 12 - No Cached
  • install the GraniteDS wizard and builder plugins in Eclipse
  • graniteds-tide-cdi-jpa
  • you don’t need to have a Flex SDK installed as it will be retrieved from the Maven repository
  • ...12 more annotations...
  • 3 separate projects: a Java project, a Flex project and a Webapp project.
  • GraniteDS archetypes
  • archetypeGroupId: org.graniteds.archetypes archetypeVersion: 1.1.0.GA archetypeArtifactId:
  • Maven 3.x required
  • mvn archetype:generate    -DarchetypeGroupId=org.graniteds.archetypes    -DarchetypeArtifactId=graniteds-tide-spring-jpa-hibernate    -DarchetypeVersion=1.1.0.GA    -DgroupId=org.example    -DartifactId=springgds    -Dversion=1.0-SNAPSHOT
  • cd springgdsmvn clean package
  • build the project
  • CDI archetype requires a Java EE 6 server and uses an embedded GlassFish
  • cd webappmvn embedded-glassfish:run
  • With the Eclipse Maven integration (the M2E plugin), you can simply choose one of the archetypes when doing New Maven Project.
  • mvn war:war
  • two very easy ways to quickly create a new GraniteDS project
kuni katsuya

Enterprise Architect - UML Design Tools and UML CASE tools for software development - 0 views

www.sparxsystems.com/...index.html

enterprise architect uml design tools

shared by kuni katsuya on 16 May 12 - Cached
  • Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)* Model Driven Architecture (MDA) Project Discussion Forum Replicate .EAP Projects Reverse Engineer Binaries (Java, .NET) Shared Models WSDL Engineering XML Schema (XSD) Engineering
  • Audit Model Changes Baseline Diff/Merge DBMS Repository** Floating Edition Available Lazy Load Scripting with JScript, VBScript and Javascript Security (Role-based) WAN Optimizer
  • BPEL Generation from BPMN diagrams Business Rules Composer Executable Code Generation from Behavioral Models Math Support built into Script Engines
  • ...5 more annotations...
  • Allocated Work Execution Analyzer Menu Test Points Win 32 User Interface Designs Business Process Simulation ***
  • Gap Analysis Model Mail Project Calendar Task Allocations TOGAF Gap Analysis
  • BPEL 2.0 Generation BPMN Simulation SysML 1.2
  • Eclipse Integration
  • Eclipse Link
  • kuni katsuya on 16 May 12
     
    Code Engineering Database Engineering Debug & Visualize Applications MDG Technologies (Create & Use)*
kuni katsuya

Plugins - Jenkins - Jenkins Wiki - 0 views

wiki.jenkins-ci.org/...Plugins

jenkins continuousintegration ci plugin hudson

shared by kuni katsuya on 07 Jun 12 - No Cached
  • Git Plugin — This plugin allows use of Git as a build SCM
  • Subversion Plugin — This plugin adds the Subversion support (via SVNKit) to Jenkins
  • Subversion Release Manager — This plugin allows you to set up a job in Hudson for building specific revisions of a project.
  • ...77 more annotations...
  • Subversion Tagging Plugin — This plugin automatically performs subversion tagging (technically speaking svn copy) on successful build.
  • ViewVC Plugin — This plugin integrates ViewVC browser interface for CVS and Subversion with Hudson.
  • Source code management
  • Build Pipeline Plugin — This plugin creates a pipeline of Hudson\Jenkins jobs and gives a view so that you can visualise it.
  • Build tools
  • JBoss Management Plugin — This plugin allows to manage a JBoss Application Server during build procedure
  • Maven 2 Project Plugin — Jenkin's Maven 2 project type
  • Phing Plugin — This plugin allows you to use Phing to build PHP projects.
  • Post build task — This plugin allows the user to execute a shell/batch task depending on the build log output. Java regular expression are allowed.
  • Promoted Builds Plugin — This plugin allows you to distinguish good builds from bad builds by introducing the notion of 'promotion'.
  • Publish Over SSH Plugin — Publish files and/or execute commands over SSH (SCP using SFTP)
  • Selenium AES Plugin — This plugin is for continuous regression test by Selenium Auto Exec Server (AES).
  • Vagrant Plugin — This plugin allows booting of Vagrant virtual machines, provisioning them and also executing scripts inside of them
  • Unicorn Validation Plugin — This plugin uses W3C's Unified Validator, which helps improve the quality of Web pages by performing a variety of checks.
  • Build wrappers
  • Android Emulator Plugin — Lets you automatically generate, launch and interact with an Android emulator during a build, with the emulator logs being captured as artifacts.
  • Artifactory Plugin — This plugin allows deploying Maven 2, Maven 3, Ivy and Gradle artifacts and build info to the Artifactory artifacts manager.
  • AWS Cloudformation Plugin — A plugin that allows for the creation of cloud formation stacks before running the build and the deletion of them after the build is completed.
  • Build Keeper Plugin — Select a policy for automatically marking builds as "keep forever" to enable long term analysis trending when discarding old builds - or use to protect logs and artifacts from certain builds
  • Build Name Setter Plugin — This plugin sets the display name of a build to something other than #1, #2, #3, ...
  • SSH plugin — You can use the SSH Plugin to run shell commands on a remote machine via ssh.
  • SeleniumRC Plugin — This plugin allows you to create Selenium server instance for each project build.
  • Vagrant Plugin — This plugin allows booting of Vagrant virtual machines, provisioning them and also executing scripts inside of them
  • Timestamper — Adds timestamps to the Console Output.
  • VirtualBox Plugin — This plugin integrates Jenkins with VirtualBox (version 3, 4.0 and 4.1) virtual machine.
  • Version Number Plugin — This plugin creates a new version number and stores it in the environment variable whose name you specify in the configuration.
  • VMware plugin — This plugin allows you to start a VMware Virtual Machine before a build and stop it again after the build completes.
  • AWS Cloudformation Plugin — A plugin that allows for the creation of cloud formation stacks before running the build and the deletion of them after the build is completed.
  • Desktop Notifier for Jenkins — This is useful for those who are looking for a Desktop Notifier for Jenkins builds to automatically notify you about failed builds directly from their desktops.
  • Email-ext plugin — This plugin allows you to configure every aspect of email notifications. You can customize when an email is sent, who should receive it, and what the email says.
  • Google Calendar Plugin — This plugin publishes build records over to Google Calendar
  • HTML5 Notifier Plugin — Provides W3C Web Notifications support for builds.
  • Jabber Plugin — Integrates Jenkins with the Jabber/XMPP instant messaging protocol. Note that you also need to install the instant-messaging plugin.
  • Build reports
  • Checkstyle Plugin — This plugin generates the trend report for Checkstyle, an open source static code analysis program. 
  • Clover PHP Plugin — This plugin allows you to capture code coverage reports from PHPUnit. For more information on how to set up PHP projects with Jenkins have a look at the Template for Jenkins Jobs for PHP Projects.
  • Crap4J Plugin — This plugin reads the "crappy methods" report from Crap4J. Hudson will generate the trend report of crap percentage and provide detailed information about changes.
  • Dependency Analyzer Plugin — This plugin parses dependency:analyze goal from maven build logs and generates a dependency report
  • Dependency Graph View Plugin — Shows a dependency graph of the projects using graphviz. Requires a graphviz installation on the server.
  • FindBugs Plugin — This plugin generates the trend report for FindBugs, an open source program which uses static analysis to look for bugs in Java code. 
  • Grinder Plugin — This plugin reads output result files from Grinder performance tests, and will generate reports showing test results for every build and trend reports showing performance results across builds.
  • JSUnit plugin — This plugin allows you publish JSUnit test results
  • Performance Plugin — This plugin allows you to capture reports from JMeter and JUnit . Hudson will generate graphic charts with the trend report of performance and robustness.
  • PerfPublisher Plugin — This plugin generates global and trend reports for tests results analysis. Based on an open XML tests results format, the plugin parses the generated files and publish statistics, reports and analysis on the current health of the project.
  • PMD Plugin — This plugin generates the trend report for PMD, an open source static code analysis program. 
  • Sonar plugin — Quickly benefit from Sonar, an open-source dashboard based on many analysis tools like Checkstyle, PMD and Cobertura.
  • testng-plugin — This plugin allows you to publish TestNG results.
  • Violations — This plug-in generates reports static code violation detectors such as checkstyle, pmd, cpd, findbugs, codenarc, fxcop, stylecop and simian.
  • xUnit Plugin — This plugin makes it possible to publish the test results of an execution of a testing tool in Jenkins.
  • Artifact uploaders
  • ArtifactDeployer Plugin — This plugin makes it possible to copy artifacts to remote locations.
  • Artifactory Plugin — This plugin allows deploying Maven 2, Maven 3, Ivy and Gradle artifacts and build info to the Artifactory artifacts manager.
  • Confluence Publisher Plugin — This plugin allows you to publish build artifacts as attachments to an Atlassian Confluence wiki page.
  • Deploy Plugin — This plugin takes a war/ear file and deploys that to a running remote application server at the end of a build
  • FTP-Publisher Plugin — This plugin can be used to upload project artifacts and whole directories to an ftp server.
  • HTML Publisher Plugin
  • Publish Over FTP Plugin — Publish files over FTP
  • Publish Over SSH Plugin — Publish files and/or execute commands over SSH (SCP using SFTP)
  • S3 Plugin — Upload build artifacts to Amazon S3
  • SCP plugin — This plugin uploads build artifacts to repository sites using SCP (SSH) protocol.
  • Hudson Helper for Android — Monitor your CI builds right from your Android device.
  • Hudson Mobi, the iPhone, iPod and Android client for Hudson CI — The iPhone, iPod and iPad client for Hudson CI monitoring on the road.
  • Hudson Monitor for Android — Monitor and display the status of your builds on your Android™ phone.
  • External site/tool integrations
  • Jira Issue Updater Plugin — This is a Jenkins plugin which updates issues in Atlassian Jira (by changing their status and adding a comment) as part of a Jenkins job.
  • JIRA Plugin — This plugin integrates Atlassian JIRA to Jenkins.
  • ChuckNorris Plugin — Displays a picture of Chuck Norris (instead of Jenkins the butler) and a random Chuck Norris 'The Programmer' fact on each build page.
  • UI plugins
  • Active Directory plugin — With this plugin, you can configure Jenkins to authenticate the username and the password through Active Directory.
  • Audit Trail Plugin — Keep a log of who performed particular Jenkins operations, such as configuring jobs.
  • JClouds Plugin — This plugin uses JClouds to provide slave launching on most of the currently usable Cloud infrastructures.
  • Checkstyle Plugin — This plugin generates the trend report for Checkstyle, an open source static code analysis program. 
  • FindBugs Plugin — This plugin generates the trend report for FindBugs, an open source program which uses static analysis to look for bugs in Java code. 
  • JIRA Plugin — This plugin integrates Atlassian JIRA to Jenkins.
  • M2 Release Plugin — This plugin allows you to perform a release build using the maven-release-plugin from within Jenkins.
  • PMD Plugin — This plugin generates the trend report for PMD, an open source static code analysis program. 
  • Meme Generator Plugin — Generate Meme images when a build fails (and returns to stable), and post them on the project page.
kuni katsuya

Session Management Cheat Sheet - OWASP - 0 views

www.owasp.org/...Session_Management_Cheat_Sheet

OWASP BestPractices CheatSheet SessionManagement

shared by kuni katsuya on 21 Sep 12 - No Cached
  • Session Management Cheat Sheet
  • should not be extremely descriptive nor offer unnecessary details
  • change the default session ID name of the web development framework to a generic name
  • ...50 more annotations...
  • length must be at least 128 bits (16 bytes)
  • Session ID Length
  • Session ID Name Fingerprinting
  • Session ID Properties
  • Session ID Entropy
  • must be unpredictable (random enough) to prevent guessing attacks
  • good PRNG (Pseudo Random Number Generator) must be used
  • must provide at least 64 bits of entropy
  • Session ID Content (or Value)
  • content (or value) must be meaningless
  • identifier on the client side
  • meaning and business or application logic associated to the session ID must be stored on the server side
  • session objects or in a session management database or repository
  • create cryptographically strong session IDs through the usage of cryptographic hash functions such as SHA1 (160 bits).
  • Session Management Implementation
  • defines the exchange mechanism that will be used between the user and the web application to share and continuously exchange the session ID
  • token expiration date and time
  • This is one of the reasons why cookies (RFCs 2109 & 2965 & 6265 [1]) are one of the most extensively used session ID exchange mechanisms, offering advanced capabilities not available in other methods
  • Transport Layer Security
  • use an encrypted HTTPS (SSL/TLS) connection for the entire web session
  • not only for the authentication
  • process where the user credentials are exchanged.
  • “Secure” cookie attribute
  • must be used to ensure the session ID is only exchanged through an encrypted channel
  • never switch a given session from HTTP to HTTPS, or viceversa
  • should not mix encrypted and unencrypted contents (HTML pages, images, CSS, Javascript files, etc) on the same host (or even domain - see the “domain” cookie attribute)
  • should not offer public unencrypted contents and private encrypted contents from the same host
  • www.example.com over HTTP (unencrypted) for the public contents
  • secure.example.com over HTTPS (encrypted) for the private and sensitive contents (where sessions exist)
  • only has port TCP/80 open
  • only has port TCP/443 open
  • “HTTP Strict Transport Security (HSTS)” (previously called STS) to enforce HTTPS connections.
  • Secure Attribute
  • instructs web browsers to only send the cookie through an encrypted HTTPS (SSL/TLS) connection
  • HttpOnly Attribute
  • instructs web browsers not to allow scripts (e.g. JavaScript or VBscript) an ability to access the cookies via the DOM document.cookie object
  • Domain and Path Attributes
  • instructs web browsers to only send the cookie to the specified domain and all subdomains
  • “Domain” cookie attribute
  • “Path” cookie attribute
  • instructs web browsers to only send the cookie to the specified directory or subdirectories (or paths or resources) within the web application
  • vulnerabilities in www.example.com might allow an attacker to get access to the session IDs from secure.example.com
  • Expire and Max-Age Attributes
  • “Max-Age”
  • “Expires” attributes
  • it will be considered a
  • persistent cookie
  • and will be stored on disk by the web browser based until the expiration time
  • use non-persistent cookies for session management purposes, so that the session ID does not remain on the web client cache for long periods of time, from where an attacker can obtain it.
  • Session ID Life Cycle
‹ Previous 21 - 28 of 28
Showing 20 items per page