The Journal (Page 3)
Brennenstuhl on Security Engineering
![How to Make Your Login Forms Password-Manager Friendly](https://www.jbspeakr.cc/password-security-manager-friendly/effortless-login_hu1ed70e5b45bdc5bf778a652bfec5cc33_482062_1270x620_resize_q75_h2_box_3.webp)
![Learning AssertJ: Null ain't Blank](https://www.jbspeakr.cc/assertj-null-not-blank/java-assertj-blank_hu4d6577f6f53aa66a4627065c19e70604_720230_1270x620_resize_q75_h2_box_3.webp)
Learning AssertJ: Null ain't Blank
This AssertJ bug could lead to severe issues: In Java, a blank String is a CharSequence that is empty, null or whitespace only – except when you use AssertJ!
![The Purpose of JWT: Stateless Authentication](https://www.jbspeakr.cc/purpose-jwt-stateless-authentication/stateless-authentication_hu324d5324ab1db060dd9ce3b496ed88ca_369064_1270x620_resize_q75_h2_box_3.webp)
The Purpose of JWT: Stateless Authentication
JSON Web Tokens (JWTs) allow you to establish stateless authentication. I explain why this is important and how it fundamentally differs from stateful authentication.
![On Making Spring Security OAuth RFC-compliant](https://www.jbspeakr.cc/spring-security-oauth-rfc/open-source-inspiration_hufcefe4d50e7f7ea68c4f77cb45686e72_554780_1270x620_resize_q75_h2_box_3.webp)
On Making Spring Security OAuth RFC-compliant
On Fixing Spring Security OAuth: I fixed a small HTTP header extractor for the Spring Security OAuth open source project recently. Here's what happened & what I learned...
![Weak Crypto in Google Cloud Platform, GitHub SAML Attack & Twitter Security UX](https://www.jbspeakr.cc/weak-google-crypto-github-saml/readme-web-security-news_hubef1a5ec3d0290a258feb17914d753be_249402_1270x620_resize_q75_h2_box_3.webp)
Weak Crypto in Google Cloud Platform, GitHub SAML Attack & Twitter Security UX
Want to use JWT for password-reset or email activation? Turn app state into HMAC-keys to guarantee one-time use of JWTs! This is how it works …
![Single-Use JWT: Unlocking the Power of Stateless One Time Token](https://www.jbspeakr.cc/howto-single-use-jwt/jwt-one-time-token_hu622b25e7d789d4c4e218e842da050ad6_510615_1270x620_resize_q75_h2_box_3.webp)
Single-Use JWT: Unlocking the Power of Stateless One Time Token
I delve into the transformative potential of JWTs as one-time tokens, exploring their advantages, implementation considerations, and real-world use cases.
![Secure Your AWS DynamoDB Data: A Backup & Recovery Strategy for Uninterrupted Business Operations](https://www.jbspeakr.cc/aws-dynamodb-backup-recovery/aws-dynamodb-backup-recovery_huf5c8eaffbc3d26fd36feabedffa587ea_673990_1270x620_resize_q75_h2_box_3.webp)
Secure Your AWS DynamoDB Data: A Backup & Recovery Strategy for Uninterrupted Business Operations
In this article, I outline a DynamoDB backup and recovery strategy based on Datapipelines, S3 & AWS Lambdas.