Apache Shiro 1.8.0 has been released. This article will give a short overview of what has changed since Apache Shiro 1.7.1. Changes in Apache Shiro…
Bens IT-Comments
Thoughts from and to the IT crowd
Bens IT-Comments Posts
When I recently switched to Manjaro, I was happy that I could use the native MuseScore app instead of the AppImage, and that performance issues…
For quite a while I was using a NUC and an IcyBox USB 2 disk enclosing. But the enclosing was not able to use acoustic…
A while ago, Sandra and I were working on the p2-maven-plugin, which helps you create Eclipse RCP projects via maven means. One of the tasks we faces was updating the Tycho dependency which is used to actually package and bundle the project.
As an Apache Shiro PMC member, I have occasionally contact to cryptographic functions. For example, Shiro 1.x allows hashed passwords in your shiro.ini configuration.
Now, everyone should know by now that just hashing (and salting) a password is not a good protection against brute force attacks. Even with hundreds or thousands of iterations, such a password can be prone to brute force attacks nowadays. This it is not a surprise that Lez Hazlewood (the original creator of Apache Shiro) had the idea to add an bcrypt implementation.
If you use OpenLiberty Java Application Server, you should be careful when maintaining a cipher list. See what happens if you are not careful. Now,…
The Release of Apache Shiro 1.7.1 is out. Why I blog about this? I have been a commiter for the Apache Shiro project for a while now and recently became PMC member. 😊
Read on for information what has changed in Apache Shiro 1.7.1.
The Apache Maven team is pleased to announce the release of the Apache Maven JLink Plugin, version 3.1.0.
This plugin is used to create a JLink distribution using Maven. It is as easy as creating a jar file, but will instead create a zip file containing a reduced Java Runtime along with a launcher script, as well as the actual application of course. A JLink zip file is therefore platform dependent.
Whenever you pull in SnakeYAML (either directly or via Jackson), you will break your modulear builds. The reason: SnakeYAML is a named automatic module. But then, automatic modules cannot be used in jlink images.
But this can be healed. You can rescue your builds using the moditect-maven-plugin. It is a little hard to use, as the documentation is very technical. It also has few examples, and the documentation does not explain when to use which goal, and how to proceed. So, if you want to see a simple example, read on! 🙂
If you want to integration-test your Maven project, you might already use GitHub Actions.
Testing with a Maven toolchain is a little more complex to set up. This tutorial will show how I did this for the maven-jlink-plugin.