News AggregatorSet Up AWS EC2 Instance: RedHat Enterprise Linux 8 (RHEL 8)Aggregated on: Amazon EC2 instances are the most widely used Virtual Machines. In general, EC2 or Elastic Compute Cloud instances run on the hypervisors, it's like a remote computer running a Windows or Linux OS on which you can install whatever software you want, including a Web Server running PHP application and a Database Server. In this article, I'm gonna show you how to set up an AWS EC2 instance - RedHat Enterprise Linux (RHEL8) and to access it remotely using SSH client from a local computer. View more...Top 5 Visualization Tool Types for 2020Aggregated on: Visualization involves the imagination to create various scenarios in our minds. Thus, whenever an individual visualizes any task, he/she creates a mental context about it. Today, visualization technique has become a significant thing associated with web development and an effective way to pass any message to draw the attention of prospects or to clear ambiguous terms and patterns based on presenting any data in a visual manner. Hence, in order to narrate any story or explain any specific pattern, experts of the web development industry have come up with popular visualization technologies and visualization tools to make the entire job of web development an easy task. Here we will discuss 5 such visualization technologies that will make the web development job easy. View more...Go Doesn't Need GenericsAggregated on: Summary A recent survey (https://blog.golang.org/survey2019-results) suggests that 79% of respondents felt that generics are a "critical" missing feature of Go. I can only assume these programmers must: View more...How to Overcome File Transfer Security RisksAggregated on: Individuals are constantly transferring files to their colleagues and trading partners, whether those files are Word documents, reports and spreadsheets, or shipping notices and acknowledgments. Most of the time, people simply assume these file transfers are safe. But in reality, hidden risks abound. View more...4 Self-Deployable Ways to Digitize Your BusinessAggregated on: Migrating to the cloud has always been an onus for organizations looking to step ahead of competitors. Given the current situation, where every business activity is forced to slow down, cloud platforms might bring harmony. The question that arises here is how? When the entire workforce is isolated and at distant locations, dealing and tackling a whole new environment, let alone setting it up, seems inappropriate. But do you know you can still move on with cloud transformations with ease? View more...Jenkins Pipeline With Sonarqube and GitlabAggregated on: In this guide, we are going to deploy a continuous integration process between Jenkins, GitLab, and SonarQube. The end goal will be to review the code quality through SonarQube for GitLab repository using Jenkins. Following is the process flow we need to manage: View more...Direct EDI Software vs. EDI VANAggregated on: Throughout the world, companies large and small alike are increasingly adding, expanding, and modernizing their electronic data interchange (EDI) communications. If you need to meet partner EDI mandates or wish to capture the many benefits afforded by EDI connectivity with more of your partners, you can take several approaches to EDI. Two of the most popular include value-added networks (VANs) and direct EDI (typically via AS2). If you're new to EDI, you may be wondering what these options entail and which is right for your business. If you've been operating EDI for some time, you may be considering whether now is the time to switch. Let's dive in and explore the advantages and disadvantages of direct EDI with AS2 vs. VANs. View more...A 4 Step Guide to E-CommerceAggregated on: Working from home has its benefits; going to work in your PJs, eating whenever (and whatever) you like and a shorter commute, to name a few. But if you’re used to selling products from a brick and mortar store, there’s not much work you can do from home unless you have an online store that […] The post A 4 Step Guide to E-Commerce appeared first on SiteCrafting. View more...Why Smart Cards Are SmartAggregated on: by Kyle Rankin If you use GPG keys, learn about the benefits to storing them on a smart card. GPG has been around for a long time and is used to secure everything from your email to your software. If you want to send an email to someone and be sure that no one else can read or modify it, GPG signing and encryption are the main method you'd use. Distributions use GPG to sign their packages, so you can feel confident that the ones you download and install from a package mirror have not been modified from their original state. Developers in many organizations follow the best practice of GPG-signing any code they commit to a repository. By signing their commits, other people can confirm that the changes that claim to come from a particular developer truly did. Web-based Git front ends like GitHub and GitLab let users upload their GPG public keys, so when they do commit signed code, the interface can display to everyone else that it has been verified. Yet, all of the security ultimately comes down to the security of your private key. Once others have access to your private key, they can perform all of the same GPG tasks as though they were you. This is why you are prompted to enter a passphrase when you first set up a GPG key. The idea is that if attackers are able to copy your key, they still would need to guess your password before they could use the key. For all of the importance of GPG key security, many people still just leave their keys in ~/.gnupg directories on their filesystem and copy that directory over to any systems where they need to use GPG. There is a better way. With OpenPGP smart cards, you can store your keys on a secure device that's protected with a PIN and not only store your keys more securely, but also use them more conveniently. Although some laptops come with integrated smart card readers, most don't. Thankfully, these devices are available as part of multi-function USB security token devices from a number of different vendors, and Linux Journal has published reviews of such products in the past. In this article, I discuss all the reasons OpenPGP smart cards are a better choice for storing your keys than your local filesystem. Reason 1: Tamper-proof Key Storage One of the main benefits of a smart card is that it stores your GPG keys securely. When you store your keys on a filesystem, anyone who can access that filesystem can copy off the keys. On a smart card, once keys go in, they never leave, neither accidentally nor from tampering. The smart card chips themselves are designed to be tamper-proof and resist attempts to extract key data even when someone has physical access. By putting keys on a smart card, you can have a reasonable assurance that your keys are safe, even from a determined attacker. Go to Full Article View more...WebAuthn Web Authentication with YubiKey 5Aggregated on: by Todd A. Jacobs A look at the recently released YubiKey 5 hardware authenticator series and how web authentication with the new WebAuthn API leverages devices like the YubiKey for painless website registration and strong user authentication. I covered the YubiKey 4 in the May 2016 issue of Linux Journal, and the magazine has published a number of other articles on both YubiKeys and other forms of multi-factor authentication since then. Yubico recently has introduced the YubiKey 5 line of products. In addition to the YubiKey's long-time support of multiple security protocols, the most interesting feature is the product's new support for FIDO2 and WebAuthn. WebAuthn is an application programming interface (API) for web authentication. It uses cryptographic "authenticators", such as a YubiKey 5 hardware token to authenticate users, in addition to (or even instead of) a typical user name/password combination. WebAuthn is currently a World Wide Web Consortium (W3C) candidate recommendation, and it's already implemented by major browsers like Chrome and Firefox. This article provides an overview of the YubiKey 5 series, and then goes into detail about how the WebAuthn API works. I also look at how hardware tokens, such as the YubiKey 5 series, hide the complexity of WebAuthn from users. My goal is to demonstrate how easy it is to use a YubiKey to register and authenticate with a website without having to worry about the underlying WebAuthn API. About the YubiKey 5 Series The YubiKey 5 series supports a broad range of two-factor and multi-factor authentication protocols, including: Challenge-response (HMAC-SHA1 and Yubico OTP). Client to Authenticator Protocol (CTAP). FIDO Universal 2nd-Factor authentication (U2F). FIDO2. Open Authorization, HMAC-Based One-Time Password (OATH-HOTP). Open Authorization, Time-Based One-Time Password (OATH-TOTP). OpenPGP. Personal Identity Verification (PIV). Web Authentication (WebAuthn). Yubico One-Time Password (OTP). In addition, the entire YubiKey 5 series (with the exception of the U2F/FIDO2-only Security Key model) now supports OpenPGP public key cryptography with RSA key sizes up to 4096 bits. This is a notable bump from the key sizes supported by some earlier models. Yubico's OpenPGP support also includes an additional slot for an OpenPGP authentication key for use within an SSH-compatible agent, such as GnuPG's gpg-agent. Figure 1. YubiKey 5 Series Go to Full Article View more...ADF : Scope VariablesAggregated on: Oracle ADF uses many variables and each variable has a scope.There are five scopes in ADF (Application, Request, Session, View and PageFlow).The below code snippest explains how to get value of each variable scope. AdfFacesContext adfCtx = AdfFacesContext.getCurrentInstance(); //Page Flow Scope Map pageFlowMap = adfCtx.getPageFlowScope(); Object pageFLowVariable = pageFlowMap.get("VARIABLE_NAME"); //View Scope Map viewMap = adfCtx.getViewScope(); Object viewVariable = viewMap.get("VARIABLE_NAME"); //Session Scope HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest(); HttpSession session = request.getSession(false); Object sessionVariable = session.getAttribute("VARIABLE_NAME"); //Request Scope Object requestVariable = request.getAttribute("VARIABLE_NAME"); //Application Scope Map applicationMap = FacesContext.getCurrentInstance().getExternalContext().getApplicationMap(); Object applicationVariable = applicationMap.get("VARIABLE_NAME");Thanks View more... |
|
|