Q:
Difference One-Way SLL and two-way SSL binding?
Answer:
One-way SSL authentication is if the client only
verifies the certificate of the server. This validation is done to make sure
that it is the expected server, i.e. no man in the middle attack.
Two-way SSL authentication (or better mutual
authentication or client authentication) is if the server also
verifies the certificate of the client.
2:
What is difference between Angular and Angular8?
Initially, Google started by introducing AngularJS in 2012.
AngularJS is based on the Javascript framework while Angular 8 and its
versions are typescript
frontend web application framework.
Currently, Angular 9 is the latest version.
Let’s see how they are different…
Language:
AngularJS is written in Javascript whereas Angular 8 is a
typescript framework.
Mobile Support
AngularJS does not build with mobile support while
angular 8 support mobile and desktop application.
Architecture
AngularJS is based on MVC architecture. Angular 8
architecture depends on certain fundamental concepts including the concept of a
component-based application.
Now, let’s look at Pros and Cons…
AngularJS
PROS:
• Faster and Scalable
Development
• Easy to Use
• Provide Simplest Routing
CONS:
• Javascript Dependent
• Not Secure
Angular 8
PROS:
• Good for single-page web
applications
• Reusability
• High Performance
CONS:
• Not SEO Friendly
• Hard to use
• Migration requires lots of
time
Both have certain pros &
cons. All depends on your requirements. Hopefully, now you have got some idea.
3. What is the difference between simple authentication
and Oauth2 Authentication?
4. How to provide security to web services?
Four Ways to Secure RESTful Web Services
·
2.1. BASIC
Authentication. It’s simplest of all techniques and probably most used
as well. You use login/password forms...
·
2.2. DIGEST
Authentication. This authentication method makes use of a hashing
algorithms to encrypt the password (called...
·
2.3. Client
CERT Authentication. This is a mechanism in which a trust agreement is
established between the server and...
·
2.4. OAUTH2
API Keys. If you have ever developed applications which interact other
with other applications over...
Difference
between Basic Authentication and OAUTH2 Authentication?
1st
Answer:
Yes, they both are different.
Http Basic:
This is for authentication
and user credentials are encoded then passed in HTTP header to the client
server. Basic example for HTTP Basic: Just like traditional web application
which asked user to provide credentials and these credentials sent to server in
HTTP header. Later server utilize those credentials to authenticate the user.
OAuth 2 :
This is for authorization, here the client server required authorization of
user data(resource owner) from authorization server. Basic example for OAuth 2
: Let say there is a online game application running on a server, the user
accessed the application which starts loading into user's browser. Now that
application asking grants from user to post data about games on his Facebook
account. Here user authorize his that application to access his Facebook posts
through OAuth Standard. Refer the internal mechanism https://tools.ietf.org/html/rfc6749
2ND
Answer:
Basic access authentication usage
is comparable to OAuth 2.0 Client Credentials Grant Type.
A session can be created using Basic
Authentication and services can be accessed using a sessionid in
a stateful environment.
But if you do not want to use the
session due to session limitations or stateless services, you can use the OAuth
2.0 Client Credentials Grant Type instead, which creates a token instead
of session and sessionid. This token provides access to the services.
5. In Spring Boot why we deploy jar
file not a war files?
Differences between jar and war in Spring Boot?
14
Spring Boot can be told to produce a 'fat JAR' which includes
all of your module/service's dependencies and can be run with java -jar <your jar>.
See "Create an executable JAR with Maven" here.
Spring Boot can also be told to produce a WAR file, in which case you'll likely choose
to deploy it to a web container such as Tomcat or Jetty.
Plenty more details on Spring Boot deployment here.
9
Depends on your deployment. If you
are planning to deploy your application to an existing Java EE Application
Server (e.g. Tomcat), then standard approach is to perform a war build.
When you use fat jar approach, your application will be
deployed on embedded application container provided by spring boot.
Conduct Deploying Spring Boot Applications for more
information.
Running spring-boot application
as fat *.jar
It is possible to build so called
fat JAR that is
executable *.jar file with embedded application container (Tomcat as
default option). There are spring-boot plugins for various build systems. Here is the one
for maven: spring-boot-maven-plugin
To execute the kind of
fat *.jar you could simple run command:java -jar *.jar
Or using
spring-boot-maven goal:mvn spring-boot: run
Building spring-boot application as *.war archive
The other option is to ship your
application as old-fashioned
war file. It could be deployed to any servlet container
out there. Here is step by step how-to list:
1.
Change
packaging to war (talking about maven's pom.xml)
2.
Inherit main
spring-boot application class from SpringBootServletInitializer and override SpringApplicationBuilder
configure(SpringApplicationBuilder) method
(see javadoc)
3.
Make sure to set the
scope of spring-boot-starter-tomcat as provided
One-sentence
definitions of OAuth 2.0 and OpenID Connect
OAuth 2.0 is a framework
where a user of a service can allow a third-party application to access his/her
data hosted in the service without revealing his/her credentials (ID &
password) to the application.
OpenID Connect is a framework
on top of OAuth 2.0 where a third-party application can obtain a user's
identity information which is managed by a service.
(Sorry, these definitions are excerpts from the overview page of my company)
What is Cross-Site –Scripting?
Cross-Site
Scripting is an attack on the web security of the user, the main motive of the
attacker is to steal the data of the user by running a malicious script in the
browser that is injected in the website content which is used by the user, as a
result of this attack, the attacker gains full control of the victims browser
which he can use to browse and send the worm to the user computer, this attack
is classified into two categories i.e. Stored XSS attack and Procedure XSS
attack.
Question: How to sort the
object using Lanbda using Java1.8 ?
Solution :
Sort List of Employee Objects in Ascending and Descending Order
using Lambda Expressions
In this example, we will see how to sort a list of employees by
name in ascending and descending order using Lambda Expressions:
package com.java.tutorials.sorting;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;
public class SortList {
public static void main(String[] args) {
List < Employee > employees = new ArrayList < Employee > ();
employees.add(new Employee(10, "Ramesh", 30, 400000));
employees.add(new Employee(20, "Santosh", 29, 350000));
employees.add(new Employee(30, "Sanjay", 30, 450000));
employees.add(new Employee(40, "Pramod", 29, 500000));
Collections.sort(employees, new Comparator < Employee > () {
@Override
public int compare(Employee o1, Employee o2) {
return (int)(o1.getName().compareTo(o2.getName()));
}
});
// using lambda expression
// ascending order
Collections.sort(employees, (o1, o2) - > (o1.getName().compareTo(o2.getName())));
System.out.println("Ascending order => " + employees);
// descending order
Collections.sort(employees, (o1, o2) - > (o2.getName().compareTo(o1.getName())));
System.out.println("Descending order => " + employees);
// using Comparator.comparing() method
Collections.sort(employees, Comparator.comparing(Employee::getName));
}
}
class MySort implements Comparator < Employee > {
@Override
public int compare(Employee o1, Employee o2) {
return (int)(o1.getSalary() - o2.getSalary());
}
}
Note that the lambda expression we used to sort List of
employees:
// using lambda expression // ascending order Collections.sort(employees, (o1, o2) - > (o1.getName().compareTo(o2.getName()))); System.out.println("Ascending order => " + employees); // descending order Collections.sort(employees, (o1, o2) - > (o2.getName().compareTo(o1.getName()))); System.out.println("Descending order => " + employees);
Output:
Ascending order => [Employee [id=40, name=Pramod, age=29, salary=500000], Employee [id=10, name=Ramesh, age=30, salary=400000], Employee [id=30, name=Sanjay, age=30, salary=450000], Employee [id=20, name=Santosh, age=29, salary=350000]]Descending order => [Employee [id=20, name=Santosh, age=29, salary=350000], Employee [id=30, name=Sanja
Question :SOAP message Format?
Answer:
·
Envelope − Defines the start and the end of the message. It is a
mandatory element.
·
Header − Contains any optional attributes of the message used in
processing the message, either at an intermediary point or at the ultimate
end-point. It is an optional element.
·
Body − Contains the XML data comprising the message being sent.
It is a mandatory element.
·
Fault − An optional Fault element that provides information about
errors that occur while processing the message.
Question: Difference between Interface and Abstract class?
Question : What is difference between GROUPID & Artifact
ID?
The main difference between groupId and artifactId
in Maven is
that the groupId specifies the id of the project group while the artifactId specifies the id of the project.
It is
required to use third
party libraries when developing a project. The programmer can download
and add these third-party libraries to the project, but it is difficult to
update them later. Maven provides a solution to this issue. It helps to include
all the dependencies required for the project. Moreover, the programmer can
specify the required dependencies in the POM.XML file. It has the configuration
information to build the project. Furthermore, this file consists of
several XML elements,
and two of them are groupId and artifactId.
No comments:
Post a Comment