Cross Site Request Forgeries (CSRF) and Grails
I recently had to come up with defenses against cross-site request forgery (CSRF) attacks for a grails application. This goes along with hand-in-hand with XSS injection protection to make your site as...
View ArticleLogging Spring Security Events in Grails
The grails spring-security-core plugin is great way to get full featured authentication in a web application with minimal effort. It mostly just works out of the box, and in combination with the...
View ArticleEncrypting a Database Column in Grails
Grails and hibernate user types make it easy to encrypt tables on a column by column basis. Note that this approach has some limitations. Most importantly, you won’t be able to make queries based on...
View ArticleDownloading a Server’s HTTPS Certificate with Groovy
If you ever need to access a web service with HTTPS as a client in Java or groovy, and the service uses a self-signed certificate, you might need to import the SSL certificate into your local keystore....
View Article
More Pages to Explore .....