Category Archives: Design

NTLM Authentication in Java

Many years back, I moved over into the Java world, and when I was asked to implement my very first security implementation, I realized that there was no easy way to do this and many clients would actually want us to use LDAP for authentication and authorization. For many years, I continued to use that. And then one day, in a discussion with a client, we were asked to provide an SSO implementation, and the client did not have an existing setup like SiteMinder. I started to think about whether we could go about using NTLM-based authentication. The reason that was possible was because the application we were asked to build was to be used within the organization itself and all the people were required to log in to a domain.

Internet Filter Bubble

I have been a part of a project/product where we did have similar discussions and ensuring that people are getting information relevant to them. The filter bubble that Eli Pariser mentions in his talk is exactly what we did try to build in our product and are even trying to do so today. We pick up programs that people have selected and we then pass on content based on the selections.

The Architect’s Eye – Communicating Errors

In many of my projects, I have found architects guilty of preparing a design that leaves the error messages out of the question. And now, I come across an article that shows us 35 creative designs of showing a 404 page (http://www.onextrapixel.com/2011/03/09/the-secret-of-a-successful-error-page-with-35-amazing-404-page-designs/). As I was browsing some of these designs, I recall a designer I…

Who the hell needs Quality?

I will let you do the math, but what made me fall out of my chair was the fact that everyone in the room was accepting the fact that even before we were developing the application we would have 66% of the time spent in fixing defects. Not even once did anyone ask how we can ensure that we do not have so many defects in the application. Not even once did anyone ask, if we already have unit testing, how come we still have this many defects.

Top 25 Most Dangerous Programming Errors

The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or…