Archive for category JavaRanch
finding out when Oracle changes the certification objectives
November 29th, 2014 by Jeanne BoyarskyAs Scott and I noted in the introduction of our book, Oracle tends to fiddle with the duration, number of questions and passing score of their certification exams. They also fiddle with the exam objectives themselves on occasion. And as you might imagine, these aren’t well publicized. First attempt I originally thought that I would […]
Posted: 29 November, 2014 in Development Process, Java Certification, JavaRanch.
Tags: maven, objectives, oca, ocajp, oracle
Comments: -
contrast security plugin for eclipse
November 2nd, 2014 by Jeanne BoyarskyI recently learned that Contrast Security has a free plugin that tests your application against the OWASP Top 10. We’ve tried to fix these already. You can read about how we fixed Clickjacking, CSRF and XSS in JForum. Installing I started out by installing the Contrast plugin from the Eclipse Marketplace. After restarting Eclipse, a Contrast view automatically […]
Posted: 2 November, 2014 in Java/Java EE, JavaRanch.
Tags: contrast, eclipse, owasp, security
Comments: 1
fixing clickjacking and brute force login for jforum
September 28th, 2014 by Jeanne BoyarskyI’ve been blogging about some of the security fixes we’ve made in the CodeRanch fork of JForum such as XSS with quotes and CSRF. Today it is time to write about Clickjacking and preventing brute force logins. Clickjacking Clickjacking is an attack where someone includes your site in transparent frames and the attacker intercepts anything […]
Posted: 28 September, 2014 in Java/Java EE, JavaRanch.
Tags: clickjacking, security
Comments: -