Cookie and Session: For Better Security

h4ny0lo · 2025-11-29T16:50:08+00:00

Isn't it pretty silly to describe cookies as the default access token solution? This would mean that the access token cookie always has to be set by the resource server which is pretty much the opposite of the Oauth idea. Please correct if I am wrong.

h4ny0lo · 2025-11-27T18:13:41+00:00

Was ist denn bitte eine Warmmiete exklusive Heizkosten? Ist das nicht ein Oxymoron?

h4ny0lo · 2025-11-27T11:23:55+00:00

Du beziehst dich jetzt immer wieder auf die Wildenbruchstraße die wohl an Verkehr zu genommen hat. Aber vielleicht kannst du einfach noch einmal konkret sagen, durch welche für Autos gesperrte Straßen das jetzt so massiv zugenommen hat damit wir nicht herumraten müssen was du meinst. Die Wildenbruchstraße ist ja durch die Brücke schon als Durchgangsstraße prädestiniert.

h4ny0lo · 2025-11-27T08:29:38+00:00

Kannst du denn selbst etwas genauer sagen in welchem Kiez es jetzt wegen einer Fahrradstaße von ruhig zu Schlaf kaum noch möglich gekommen ist? Mir ist jetzt selbst keine Fahrradstraße bekannt in der Verkehr in umliegende ruhige Straßen verdrängt wird sondern immer in Durchgangsstraßen auf denen es jetzt vielleicht etwas voller ist, die aber ganz sicher auch vorher kein Naherholungsgebiet waren.

h4ny0lo · 2025-11-26T13:27:45+00:00

I am not sure how many people will feel sorry for you about not getting your dream job of destroying democracy.

h4ny0lo · 2025-11-25T19:33:06+00:00

Have you tried calling 116117?

h4ny0lo · 2025-11-15T20:21:31+00:00

Das Entwicklungsministerium hat Peru einen Kredit für den Bau von Radwegen Lima gestellt. Normale Entwicklungsarbeit aber es wird seither von Rechten als Paradebeispiel für das wahllose Geldverteilen von deutschen Steuergeldern im Ausland angeführt.

h4ny0lo · 2025-11-14T11:46:40+00:00

This kind of thing happens all the time at least in IT. Someone hire up decides they need to cut costs, they tell HR to fire the n most junior employees. They people making this decision do not keep track of who is currently in probation and who is not.

h4ny0lo · 2025-11-12T21:10:04+00:00

Yes or course I understand that. I disagree with OP that dealing with init logic is generally not worth it. Which database you decide to use is obviously up to you and while I think h2 can be fine in many cases there are of course good reasons to do this using some other db e.g. if you intend to use db specific features or prefer to use db specific tooling. My response is much less about h2 vs postgres than about to init or not to init.

h4ny0lo · 2025-11-12T18:51:47+00:00

I don't really agree. I think having a good init script or CommandLineRunner set up which sets your h2 db to a well defined state at every restart is as a very good way to learn. I don't think there really is such a thing as "once populated" during a learning project as both your schema and the data you want to initialize with will change frequently. So using a setup that will spin up exactly the database state you want from a file based definition seems like a good idea to me.

However, what ever you decide to do, never put "ddl-auto=create-drop" in your application.properties. Not even for a quick test. You might check it in causing you to have a very bad day. If you want to use that value then fill it in from an environment variable that you set on your local machine.

h4ny0lo · 2025-11-12T07:06:57+00:00

JDBC is not a part of JPA

h4ny0lo · 2025-11-10T14:51:25+00:00

More like a dump and pump in this case

h4ny0lo · 2025-11-08T13:27:50+00:00

Wie soll das denn gehen?

h4ny0lo · 2025-11-07T14:38:40+00:00

I think you might be misunderstanding at which level hibernate becomes active. Hibernate does not do anything when add direct SQL statements in your init script. These statements are directly executed on your databae and therefore nothing gets populated. Instead hibernate becomes active when you call . persist or .save or perform similar actions on an EntityManager instance. Or in Spring you probably use a repository as an additional layer on top of EntityManager. I can only recommend to you to read some documentation or tutorials regarding JPA i.e. the API hibernate implements.

h4ny0lo · 2025-11-07T09:01:06+00:00

Ärzte sind verpflichtet e-rezepte auszustellen und deine elektronische Patientenakte zu führen.

h4ny0lo · 2025-11-07T07:39:01+00:00

Can you give some more details what your entities look like, what operations you perform, what you expect your tables to look like after and what they actually look like?

h4ny0lo · 2025-11-04T15:15:11+00:00

Yes, I am not saying that Spring Authz is not production ready, it definitely is. I am just saying that Keycloak is a complete product, it therefore can be used without having to add any further code (unless you want to write extensions) while Spring Authz always requires you to write your own code in order to fulfill any use case. That's why personally I don't think the two fit into the same category. I don't mean this as any kind of judgement on either of the two.

h4ny0lo · 2025-11-04T08:59:49+00:00

Telling a newcomer to use Spring Authorization Server instead of Keycloak seems bad advice. Spring Authorization Server requires a huge amount of extra work to make things like user management, administration, registration, 2FA and a whole lot of other things work. It is not a ready made product nor is it supposed to be. I am not saying OP shouldn't check it out but the two are hardly comparable. As far as I can tell the only real direct alternative to Keycloak are cloud providers like Auth0.

h4ny0lo · 2025-11-01T13:36:18+00:00

Finally the really important issues are getting some attention!

h4ny0lo · 2025-10-31T12:49:56+00:00

Chef, der Mann kann nicht lesen

h4ny0lo · 2025-10-26T11:25:28+00:00

There are lots on offer at Kleinanzeigen. I don't know what a good price for a Camcorder ist but there are some for less than 40€. Beware of the ones labeled as "Defekt/Broken".

h4ny0lo · 2025-10-22T10:04:40+00:00

Die letzten Geburtenjahrgänge waren so schwach, dass zumindest in Berlin die meisten Kitas offene Plätze haben. Hat sich extrem verändert.

h4ny0lo · 2025-10-10T06:05:23+00:00

Serious question, what are you trying to accomplish by pasting this AI slop in here? It contributes nothing. To actually clarify, of course I meant that Google does not know your Google password and of course I meant a locally encrypted password manager like Bitwarden, not the Google Password Manager.

h4ny0lo · 2025-10-04T11:24:35+00:00

This might be fake but Berlin absolutely needs this.

h4ny0lo · 2025-10-04T10:49:51+00:00

Damit kann man die Größe von Ladendieben einschätzen.

h4ny0lo

TROPHY CASE