Finding md5 hash of file

Fun tip I learned today. If you need to find the md5 hash of a file you can simply user the following command.

certutil -hashfile {path+filename} md5 

certutil is included in windows by default, so you aren’t required to have anything additional installed.

read more

Angular Loading JavaScript file in different environments

If you ever need to load two different files in production vs test, you can add some code to your main.ts file in your Angular project. The existing code includes the if statement and enableProdMode(), but you can easily add in the else to conditionally load a different file. In my case I don’t want google analytics posting to my production account.

import { environment } from './environments/environment';

//create a new element
const script = document.createElement('script');
if (environment.production) {
    enableProdMode();
    script.src = 'analytics.js';
} else {
    script.src = 'test-analytics.js';
}
//append that element into the dom
document.head.appendChild(script);

read more

Java setting tracking mode for session

If you avoid using xml for you configuration files like I do, but don’t want to pass the jsessionid around through the URL you can create a @Bean and use a lambda to set the tracking mode as follows

public class AuthProvidersSecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public ServletContextInitializer servletContextInitializer() {
      return servletContext -> {
        servletContext.setSessionTrackingModes(EnumSet.of(SessionTrackingMode.COOKIE));
      };
    }
}

read more

Java settting domain on a session cookie

If you need to override the domain on a session cookie you can add the following method to your AuthProvidersSecurityConfig class to do so. It’s not common you’d need to do this, but our domain wasn’t setting correctly in our cookie and this cleared the issue up.

public class AuthProvidersSecurityConfig extends WebSecurityConfigurerAdapter {

  @Bean
  public ServletContextInitializer servletContextInitializer() {
    return servletContext -> {
      servletContext.getSessionCookieConfig().setDomain("matthewbusche.com");
    };
  }
}

read more

I'm speaking at Iowa Technology Summit

I’m proud to announce I’ll be speaking at Iowa Technology Summit on October 2nd! The conference will be held at the Community Choice Credit Union Convention Center in down Des Moines.

I’ll be speaking on Secure by Design and how you can ensure security throughout development of your application. I’ll cover some of the OWASP top 10, best practices, and things I’ve implemented at work. I gave a similar talk at DevOpsDays Des Moines, but I have a lot of takeaways from that talk and my team at work has made a lot of progress that I’m excited to be able to share.

Registration is open now, so don’t delay in getting your tickets!

Iowa Tech Summit

read more