Author Archives: khiem

About khiem

I am a fan of the Java ecosystem. I love reading books and sharing.

Apache Axis2 Client Service Timeout

I used the Apache Axis2 Client service to send a request to a service provider. However, the processes take too long, sometimes up to 5 minutes at the service provider side. As a result, my request always times out after 60 seconds. My application is written with Spring Boot and Maven configuration to generate Java code… Read More »

Java Basic

1. What is Class, Object, State, Behavior?
Class: A template that describes the kinds of state and behavior that objects of its type support.
Object: At runtime, when the Java Virtual Machine (JVM) encounters the new keyword, it will use the appropriate class to make an object which is an instance of that class. That… Read More »

Category: Q&A

Security checklist notes

The security checklist makes it possible for developers to learn and practice properly.
Type: IDS
Descriptions: Unrestricted File Upload, like Exif or shell script attacks.
References:
– OWASP Unrestricted_File_Upload
– 5 ways to File upload vulnerability Exploitation
– Protect FileUpload Against Malicious File
– Input Validation and Data Sanitization (IDS)
Type: HTTP Headers
Descriptions:
– Content-Security-Policy
– X-Frame-Options
– X-XSS-Protection
– X-Content-Type-Options
– Referrer-Policy
– Feature-Policy
e.g. For… Read More »

What is the behavior of the annotation @Autowired with regards to field injection, constructor injection, and method injection?

The following are the types of dependency injection (DI) that can be used in your application:
– Constructor-based dependency injection
– Setter-based dependency injection
– Field-based dependency injection
The constructor injection pattern:
– It is more suitable for mandatory dependencies, and it makes a strong dependency contract
– It provides a more compact code structure than others
– It supports testing… Read More »

Install JCE Unlimited Strength Jurisdiction Policy Files

1. Problem. In order to secure sensitive data such as card numbers, user accounts, emails, etc. in a way that meets the PCI standard, people usually employ the Advanced Encryption Standard (AES), a symmetric encryption algorithm (Stallings, Cryptography and Network Security), to keep the data safe. AES was designed to be efficient in both hardware and software and supports a block length… Read More »

JPA OneToMany Relationship

1. Introduction. The OneToMany relationship is the most common JPA association, and the foreign key is controlled directly by the child side. It includes unidirectional and bidirectional associations. This note presents how to configure a bidirectional @OneToMany association.
2. Bidirectional ManyToOne / OneToMany Relationships. Assuming that:
– Event entity references a single instance of User entity
– User entity references a… Read More »

Get Client IP Address in HttpServletRequest

1. Problem. This note improves on the "How to get client IP Address in Java" post, covering a friendly display for clients and related issues. The display could look like the figure below: Clients also want to see the IP address in detail, as in the Google IP Address example:
2. Solution. In order to get a real… Read More »

JPA OneToOne Relationship

In JPA, the two types of @OneToOne relationships are bidirectional and unidirectional. In each type, we can use different mapping approaches:
– One-to-one association that maps a foreign key column.
– One-to-one association where both source and target share the same primary key values.
– One-to-one association from an embeddable class to another entity.
1. Bidirectional OneToOne association… Read More »

Asymmetric encryption by Java Cryptography

1. Overview. In cryptography, there are two general categories of key-based algorithms:
– Symmetric encryption algorithms: Symmetric algorithms use the same key for encryption and decryption, such as the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES).
– Asymmetric (or public key) encryption algorithms: Asymmetric algorithms use two separate keys for these two operations.… Read More »