Security is a wide ranging topic which operates on many levels and covers many technologies. The technologies involved include networks, operating systems, database systems, and application servers as well as manual procedures.
Application level security in the context of Java EE applications is provided by web and EJB containers. This article by Michael Sikora will be mostly concerned with EJB container security. However, as EJBs are often invoked from the web-tier we will take a brief look at web container security later in this article.
We will cover the following topics:
- Java EE container security
The aim of this article by Javier Collado is to show, by means of an example, how tasks may be automated using Python together with STAF (Software Testing Automation Framework). We will first see a problem and then derive its solution using a classical Python-only approach as well as Python+STAF. The implementation of the solution will evolve in different stages. This will help us compare both solutions in terms of simplicity and efficiency.
Read Automation with Python and STAF/STAX in full
This article by Tarek Ziadé focuses on a repeatable process to write and release Python packages. We will focus on how to install, uninstall, develop, test, register, and upload a package.
Read Writing a Package in Python in full
The re-architecture approach reduces the mainframe costs and legacy risks by migrating the application off the mainframe and re-structuring it using all the modern software tools and capabilities at our disposal. However, this very process of re-structuring the application, and essentially re-building it using knowledge and business rules mined from existing code, introduces certain risks. How can we ensure that the new application maintains the functional equivalence and operational characteristics of the original? Can we meet the performance and scalability requirements not only of the current environment, but of future growth needs as well? Can we deliver the new application within the time and budget constraints agreed to at the beginning of the project? The older the application, the larger its scope and volume of code, and the fewer original developers available, the higher these risks may be.
This article by Jason Williamson, Tom Laszewski and Mark Rakhmilevich takes a look at an alternative approach that attempts to balance these risks in a different way. The re-host-based modernization approach is focused on migrating the application off the mainframe to a compatible software stack on an open-systems platform, preserving the language and middleware services on which the application has been built. It protects legacy investment by relying on a mainframe-compatible software stack to minimize any changes in the core application and keep the application's business logic intact, while running it on an open-system platform using more flexible and less expensive system infrastructure. It keeps open the customer's options for SOA enablement and re-architecture by using an SOA-ready middleware stack to support Web services and ESB interfaces for re-hosted components. And using an extensible platform with transparent integration to J2EE components, BPM-based processes, and other key tools of the re-architecture approach means you can start to re-architect selected components at will, without requiring changes to the re-hosted services running the remainder of the business logic.
Read Introduction to Re-Host based Modernization Using Tuxedo in full
Joomla!, a very popular content management system (CMS), is, as you may know, easy to deploy and use. This ease of use has lent itself to rapid growth of both the CMS and extensions for it. You can install it on almost any host, running Linux or Windows. This highly versatile software has found itself in such lofty places as large corporate web portals, and humble places such as the simple blog.
Joomla! itself is inherently safe, but misconfigurations of the CMS, vulnerable components, hosts that are poorly configured, and weak passwords can all contribute to the downfall of your site. Hence, it's always better to ensure the security of your site.
In this article by Tom Canavan, we will take a look at how SQL injection attacks can occur on your Joomla website, how we can test for SQL injection attacks, and how to stop SQL injection.
Read Preventing SQL Injection Attacks on your Joomla Websites in full