Domain Driven Design for the Win?

When I think about domain driven design, I also tend to think about the book written by Eric Evans (Domain Driven Design – Tackling Complexity in the Heart of Software). It is a fantastic book and I would recommend that every software engineer read it. The book explains how you can design your software so that it […]

How to be successful at Agile

Agile software development is a development method that tries to solve a lot of the issues of plan-driven development methods like the waterfall model. Although Agile can be the solution to these issues, there are many pitfalls that can prevent teams from being successful at Agile. Plan-driven Approach Issues In order to develop using a […]

Data Validation Strategy for Web Applications

Implementing data validations can be complex and time-consuming. It is also important that, once you have implemented everything, you can modify it easily. So you need to design your validations for change. The difficult thing about validations is that they can be implemented in different places throughout a web application. First we need to make a […]

Creating an Authorization Server using JWTs

The aim of this post is to illustrate how to build a simple authorization server using JWTs. The source code of this project is available at my GitHub account: https://github.com/nille85/auth-server. About JWTs JWTs are self-contained tokens. In contrast to opaque tokens, all the necessary information about a user or client is present in the token […]

One-time Pad Implementation In Java

In this post you can find an implementation of the one-time pad cipher in Java. This cipher uses a symmetric key, which means that the same key is used to encrypt and decrypt. The same operation is applied in both the encrypt and decrypt functions. It is basically an XOR operation between a byte from the […]

Creating and Reading Public and Private Keys

Working with public and/or private keys can be very confusing. When you search for documentation on how to use these in Java, it can be overwhelming. DER, PEM, CRT, CER, KEY, X.509, ASN.1, PKCS1, PKCS8, PKCS12, PKI… What can be used for public keys? What can be used for private keys? What is the encoding? X.509 certificate When searching […]

Pushing a Maven Project to the Central Repository

niels

August 4, 2016

DevOps, Java, Maven

A couple of weeks ago, I started working on a new open source project in my spare time. The aim of the project is my own implementation of an authorization server. The architecture will be inspired by OAuth 2.0, OpenID Connect and JSON Web Tokens. The project itself is built using Maven. Now I have […]

Is Random always random enough?

At the moment, I am working on a project where I need to implement a simple authorization server. The authorization server needs to generate random words at some point. Future users will be able to register by filling in, among other things, an application name and scopes (for example read or write). The server will respond with a […]

Introduction to the Java Cryptography Architecture

Architecture The Java Cryptography Architecture or JCA was designed around the following principles: implementation independence and interoperability, and algorithm independence and extensibility. Algorithm independence can be achieved by defining types of cryptographic engines or services. Other defined classes provide the functionality of these cryptographic engines. These classes are called engine classes. Some examples are the MessageDigest, […]

How to use a Message Authentication Code

A Message Authentication Code or MAC is a cryptographic primitive that can be used to protect a message against forgery. It uses a symmetric key, which means that the sender and the receiver use the same secret key. Calculating the MAC The following is an example of how you can calculate a MAC using Java given an input […]
