Blogs on Java

How GIT is different from other source control system? Git creates a snapshot of the working directory in the local repository for every commit unlike maintainig versions of the changed files in other source control systems like CVS. Users can create a copy of the remote repository into their local machines and work without the need of network connection In the local repository, users can perform all the operations as they can in remote. Changes can be pushed to the remote repository only when they have to be shared across the team. What are the different stages in git? Working directory  ->  Staging   -> Local repository  -> Remote Repository Except Remote repository, everything lies in a local machine. Working directory is where a developer makes code changes. Your IDE like Eclipse, Intellij Idea git add -> moves the working directory changes to the staging directory. git commit -m -> moves the staging directory changes to the local ...

  NIO - New IO package. Introduced in 1.4. It is buffer based and non-blocking. Hence, faster than IO package. It supports symbolic links, posix file attributes(works only on OS's which are POSIX compliant), ACL (Access control list). Paths and Files are the main classes Creating a potential file reference: Path path = Paths.get("c:/demo/"); //possible file reference Creating a directory, file, write to the file, read from the file: //create all the non existing directories in the path. Ignores creating a directory, if that directory already exists Path directories = Files.createDirectories("c:/demo/example1/properties/"); Path newFilePath = Files.createFile("c:/demo/README.txt"); //Creating a file //Writting bytes to the file Files.write(newFilePath, "This is a dummy text".getBytes(StandardCharsets.UTF_8)); //Reading bytes from file String readFile = new String(Files.readAllBytes(newFilePath), "UTF-8"); Files.readAllBytes reads all...

CSRF(Cross site request forgery) Attacker crafts a request to a website that the victim has access to. Victim is tricked to submit the request which he doesn't intend to. Victim tricked to changing  his personal information with attackers mobile/email. How To Fix: This attack can be protected by including csrf token in web forms which keeps changing for every request and every user. Referrer header is another option. Session fixation Attacker creates a session by accessing a malicious site. Persuades victim to login to the site with the same session id.  Attacker uses the same session and impersonate victim How To Fix: This attack can be prevented by creating a new session whenever user logs in. HSTS(HTTP Strict transport security) If the https protocol is omitted in the url, victim will be allowed to access the un-secured site. Since, the communication is not secured via http, victim will potentially be vulnerable to man in the middle attacks. Attacker can view the netw...

What is LDAP? LDAP is a protocol used by clients for accessing the directory server. What is a directory server? The directory server is a storage server which is widely used to store user's data of any organization. It uses LDAP protocol to listen to client requests for performing any read/write operations on it.  Since the directory servers support LDAP protocol for interacting with clients, they are also called as LDAP servers. Who are the clients to directory server? Directory clients can be anything which is capable of interacting with the directory server. Examples of directory clients can be a java application, Apacheds studio (Apache DS studio is similar to SQL developer or TOAD for Oracle), etc.  How data in LDAP servers gets stored? Data in LDAP server gets stored in a directory.  When we add entries to the LDAP, they get stored under the base directory. Some of the entries may contain subentries also. Eventually, This result in data stor...

Encryption & Decryption  A secret or disguised way of writing the actual data is encryption.  Deciphering(converting) the disguised data or secret back to the actual data is decryption. How to encrypt the data using encryption? Data can be encrypted using a encryption(cipher) algorithm associated with a secret key.  What is the purpose of a secret key in encryption?  It basically acts as a key to lock(encrypt) the data during encryption and unlock(decrypt) the locked data during decryption.  Symmetric encryption: If we use the same key for both encryption and decryption then we call the process as symmetric encryption. This process uses a single secret key. Asymmetric encryption: If we use a key pair(private key & public key) and use one key for encryption and the other key for decryption. we call this process as asymmetric encryption. What is the purpose of the encryption(Cipher) algorithm in encryption?  As the name suggest...

ThreadPool Creation Executors class provides several static methods to create various types of Thread pools in Java FixedThreadPool, CachedThreadPool, ScheduledThreadPool, WorkStealingPool are different variants of Thread pools available in java. A thread pool can be created by calling the below snippet. ExecutorService fixedPoolExecutorService = Executors . newFixedThreadPool ( 2 ); ThreadPool Management Thread pools are managed by ExecutorService Interface. We get the handle of ExecutorService while creating the Thread Pool. ExecutorService provides submit() method to submit your task. For submitting a task, y ou should create a task either by implementing Runnable or Callable and then pass the task's reference to the submit() method.  Submit() method is overloaded with submit(Runnable task) and submit(Callable Task) and returns Future in both the cases. Runnable version returns Null when we call future.get() whereas callable returns a value. The task of ...