How to: Password-Manager Friendly Login Forms
In this article, I explore the importance of creating password-manager friendly login forms for a seamless user experience and enhanced web security.
Learning AssertJ: Null ain't Blank
This AssertJ bug could lead to severe issues: In Java, a blank String is a CharSequence that is empty, null or whitespace only โ except when you use AssertJ!
The Purpose of JWT: Stateless Authentication
JSON Web Token (JWT) allow you to establish stateless authentication. I explain why this is important and what's the fundamental difference to stateful authentication.
On Making Spring Security OAuth RFC-compliant
On Fixing Spring Security OAuth: I fixed a small HTTP header extractor for the Spring Security OAuth open source project recently. Here's what happened & what I learned...
Weak Crypto, Github SAML Attack & Twitter Security UX
Want to use JWT for password-reset or email activation? Turn app state into HMAC-keys to guarantee one-time use of JWTs! This is how it works โฆ