Blog archief

Proxying authentication using JBoss

Wouldn’t it be nice if the connection to the database is done using the same username as the username used to login to a (JEE) application? Oracle has a solution for that: proxy authentication.  When using proxy authentication, every application

Geplaatst in Technology Getagd met , , ,

Breaking SMS security

I wrote some time ago about false sense of security in many secure applications such as internet-banking. Now one of the predictions I made have become reality, as you can read on this (Dutch) article on webwereld: Onderzoekers kapen tan-code

Geplaatst in Various Getagd met

False sense of security in https

Like most Internet users, I use https a lot. Whenever I login to a, say, my bank, Firefox shows a nice picture of the bank and a message the communication is secured and authorized. Should for any reason the communication

Geplaatst in Various Getagd met