This article describes how to bundle a database driver and the datasource configuration into an enterprise archive (EAR). In my case I used WildFly 15 and MariaDB JDBC Client as the database driver for MySQL. The Java MySQL JDBC driver is under the GPL… more
This blog post solves an error I encountered while trying to display some data in a PrimeFaces line chart graph (Version 6.2). Each time I opened the page with the graph, the Browser crashed with an “Out of Memory” message in the… more
In this article I will describe how to prevent Saxon from parsing external entities to avoid XXE attacks. Basically you should be very careful when parsing XML files from untrusted sources. Otherwise this can lead to serious security issues.
This post describes how to fix the PrimeFaces Expression Language Remote Code Execution bug (CVE-2017-1000486) when an update to the latest / fixed PrimeFaces version is not easily possible. This solution also needs no patching of the PrimeFaces library itself. The preferred /… more
This article describes how a typical browser file download can be triggered using the Angular HttpClient. Typically you can simply introduce a link to the endpoint of the file download into the page and this will work just fine. However, if you… more
In this article I will describe how to add a Http Authentication Bearer token to each request done from Angular via HttpClient by implementing a Angular 5 HttpInterceptor. This way the bearer token has not be added to each request separately while doing… more
This article describes how to disable authentication for ASP.NET Core 2.0. ASP.NET Core JWT Authentication I have some Rest API which I want to protect via JwtBearer token in production e.g.
public void ConfigureServices(IServiceCollection services)
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
o.Authority = authority;
o.Audience = audience;
o.RequireHttpsMetadata = false;
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
However in order to test the API, for development I… more
Hack Attempt on JSF ViewState This article explains why the error java.lang.StringIndexOutOfBoundsException: String index out of range: -1 in the class ServerSideStateHelper in the method getState (313) might be someone trying to hack your application server. It is getting quite technical in here… but… more