- December 22, 2015 | By Paul Ambrosini
While adjusting some environment variables recently, I came across an odd issue with Docker, Spring Boot and JAVA_OPTS. JAVA_OPTS comes from the Tomcat/Catalina world and when searching for "Docker and javaopts" on Google you'll find many references to just adding JAVA_OPTS to the Docker…Read Article
- November 11, 2015 | By Paul Ambrosini
Today we would like to announce the discovery of a vulnerability in the Spring Social Core library. Spring Social provides Java bindings to popular service provider APIs like GitHub, Facebook, Twitter, etc., and is widely used by developers. All current versions (1.0.0.RELEASE to 1.1.2.RELEASE) of…Read Article
- April 26, 2015 | By Paul Ambrosini
RabbitMQ has become a staple for building job queues between the myriad of spring boot micro-serivces I've built at SRC:CLR. The Spring abstraction has allowed for quick and mostly painless development. What I hadn't found a need for was RabbitMQ's "Dead Letter Exchange" setup. Multiple times there…Read Article
- January 15, 2015 | By Paul Ambrosini
In December of 2014 researchers found that the RC4 cipher being used in common TLS implementations could be easily broken. As of January 15 2015 the recommended predefined security policy for AWS Elastic Load Balancers still permits the use of RC4 ciphers and will need to be custom configured to…Read Article
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.