Re: A book of Struts

Martin Gainty Wed, 17 Oct 2018 08:33:27 -0700

i agree with johannes
It seems AWS-cloud json sends YOUR_AWS_ACCOUNT_ID as cleartext
since Authorization header is allowed:


 "x-amazon-apigateway-integration": {
          "responses": {
            "default": {
              "statusCode": "200",
              "responseParameters": {
                "method.response.header.Access-Control-Allow-Methods": 
"'GET,OPTIONS'",
                "method.response.header.Access-Control-Allow-Headers": 
"'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'",
                "method.response.header.Access-Control-Allow-Origin": "'*'"
              }
            }
          },

to avoid MIM interception..could we populate username+password to the AWS 
service using Node.js ?

var requestPromise = require('request-promise');var user = 'user';var password 
= 'password';var base64encodedData = new Buffer(user + ':' + 
password).toString('base64');

requestPromise.get({
  uri: 'https://example.org/whatever',
  headers: {
    'Authorization': 'Basic ' + base64encodedData
  },
  json: true})

https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication

[https://cdn.sstatic.net/Sites/stackoverflow/img/[email protected]?v=73d79a89bded]<https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication>

jquery - How to send a correct authorization header for 
...<https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication>
Join Stack Overflow to learn, share knowledge, and build your career.
stackoverflow.com

?
________________________________
From: Johannes Geppert <[email protected]>
Sent: Wednesday, October 17, 2018 4:30 AM
To: Struts Users Mailing List
Subject: Re: A book of Struts

+1 for new Struts2 book! Count on me for any help as well.

Maybe Struts2 as micro service could be a topic as well?
I made some experiments with Struts2 as AWS Lambda functions in the last
time and it will be soon hopefully supported by AWS itself.

See:
http://www.jgeppert.com/2018/05/serverless-aws-lambda-performance-of-apache-struts2-vs-spring-boot/
https://github.com/awslabs/aws-serverless-java-container/issues/149
https://github.com/struts-community-plugins/struts2-cloud-support

Best Regards

Johannes



Am Mi., 17. Okt. 2018 um 10:05 Uhr schrieb Yasser Zamani <
[email protected]>:

> Wow! No idea but please feel free to count on me (if you liked) on any
> aspect of the book where I'm able to assist (if you needed or wished any).
>
> Kind regards.
>
> >-----Original Message-----
> >From: Lukasz Lenart <[email protected]>
> >Sent: Wednesday, October 17, 2018 11:08 AM
> >To: Struts Users Mailing List <[email protected]>
> >Subject: A book of Struts
> >
> >Hi everyone,
> >
> >I would like to (finally ;-) write a book about the latest version of the
> Apache
> >Struts, probably targeting Struts 2.6. I wonder what kind of book this
> should be:
> >- an introduction from zero to a full blown app
> >- a 101 good practices/examples
> >- any other idea
> >
> >I hope you will give me some positive feedback to start working on this
> task :)
> >
> >
> >Kind regards
> >--
> >Łukasz
> >+ 48 606 323 122 http://www.lenart.org.pl/
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: [email protected]
> >For additional commands, e-mail: [email protected]
>
>

Re: A book of Struts

Reply via email to