Blockchain explained in Java

Quoting from Wiki

A blockchain, originally block chain, is a growing list of records, called blocks, which are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data (generally represented as a merkle tree root hash).

How about a functional code written in Java to understand Blockchain actual working.

We will create a Crypto Wallet
We will send amount from a wallet to another.

What are the basic Objects i can think of in the Crypto transactions ?

A Block which holds the valid transactions that are hashed and encoded.
A Wallet holding with the address and basic properties.
A Transaction which will happen when one send or receive.

Transaction input and output.

Classes created as below:


Continue reading

Email notification service-email Bombing-example

Now a days every app has a module for notifying users through email. The same email module/service when written less carefully can lead to serious misuse by the attacker. Attacker can spam the inbox of any user when the app is vulnerable to this issue. Below is the example of vulnerable webapps test with explanation.

Suppose the reset password functionality is vulnerable to email bombing.

url –

Open it and you see a form to notify you by email. try putting email and send. Monitor and capture the request.

For now i take below headers:

POST /lost-password HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.04
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cookie: lang=en; xyz
Connection: keep-alive
Upgrade-Insecure-Requests: 1

POST data

Looking at the header and body , we can see that their is no way for the web server to track user or to validate the genuine request. So we can replay the same request with different POST data using any client.

Continue reading

New and enhanced feature in JDK family [covered jdk 1.5 to 1.8]

What’s new in JDK 1.5 over 1.4 !

1. Generics {Compile}
2. Annotations {suppress ,override, deprecated….}
3. Enumerations
4. Variable arguments{void test(String…)}
5. Changes in concurrency utilities.Now includes high-level concurrency APIs.{ java.util.concurrent}
6. Autoboxing and Unboxing
7. Static imports {less keystrokes/time and the same outcomes.}
8. forEach loop {Beautify the existing for loop usage while iterating over collections}

Continue reading

Form submission using LifeRay MVC

Came around a task to raise Jira tickets and view existing Jira tickets using Liferay Framework. Started with creating two POC.

First POC is Portlet with Task submission that goes directly into schema on MYSql using Liferay MVC.

Liferay Portlet Form
Liferay MVC Data Layer with MYSql

Project structure screenshot at the bottom.
Lets Create a new Portlet named IssueLiferayMVC.
Follow link to create one. Creating a new Portlet


Lets create jsp form containing inputs related to a task/Bug. Make the entries by replacing view.jsp with raise_issue.jsp

Continue reading

Switching from HSQL to MySQL or any other DB in Liferay

Lets Switch from existing HSQL to MySQL.

Simplest way of switching database is to use a property file named to override the existing features can be written into this file.

Go to Liferay tomcat directory->WEB-INF->classes. Their you find the file
In case you don’t find it,create a new file named
Add the below database configuration parameters to run LFRay on MySQL.

Continue reading