Peter Locke

267 Followers


Published in

Lightrail

·Jul 7, 2017

Getting Token Authentication Right in a Stateless Single Page Application

Single page application architecture is becoming more prevalent, yet many established patterns to implement authentication security and user experience have not caught up. Patterns used by traditional web applications do not cross over well, or at all, to a true stateless architecture where there is no server-side web session. The…

Authentication

12 min read



Published in

Lightrail

·Jun 26, 2017

Prevent Business Intelligence Leaks by Using UUIDs Instead of Database IDs on URLs and in APIs

Let’s examine an innocuous-looking URL that you may see when you are looking at your order history on some e-commerce site: https://www.yourfavsite.com/account/orders?orderid=5963 Speaking strictly from an application security perspective, there is no problem here. As long as you’ve done your job on the back end checking that the order’s user…

Programming

6 min read


Peter Locke


Entrepreneur | Senior Technical Executive | Software Engineer — Builder of business focussed engineering teams and technology strategies.
