A new version of obov is available for download. Some nice new features were added:
Go get it!
obov stands for OATH Based OTP validator. It’s a 100% pure Java library that provides simple to use methods to validate (and related utilities) one time passwords generated by OATH compliant devices.
More »
The folks at IBM have a nice API to use i5/OS (AS400) stuff from Java code. Check it out at http://www-03.ibm.com/systems/i/software/toolbox/index.html.
What I particularly find very useful and have used often is to validate user names and passwords with the AS400 authentication services. The following code validates a userName and password.
More »
It’s usually very nice, and sometimes a requirement, to validate usernames and passwords using existing credentials. And in most situations big frameworks or single sign-on systems are just damn overkill and complex.
If you need to check your users credentials via an existing Unix system (that supports PAM) or a Windows domain controller check out More »
If you ever deployed an application in a corporate environment, where an IT Security officer likes to keep a tight leash on who knows each system password, you probably needed to figure out some sort of security mechanism to store the passwords your application needs to connect to some database, access a web service, etc.
The most obvious and straightforward approach is to use a symmetric algorithm, like 3DES or AES, with an encryption password hard coded in your application to decrypt/encrypt the sensitive credentials. This has several cons:
And these are just the 3 most important issues that come to mind in 5 minutes…