Tag Archives: security

Web security workshops in Saudi Arabia

I am off for few weeks delivering several 3-days trainings on web app security best practices in Saudi Arabia. It's my first training outside of Europe so I had to spend some time exploring the culture of the nation here which is pretty exciting.

Already had two trainings so far and few more to go. There is going to be another batch on November for another colleague of mine and I'm trying to sync my materials to serve as a good reference during the next batch of trainings. 

del.icio.us Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati ReadMe.ru Dobavi.com Dao.bg Lubimi.com Ping.bg Pipe.bg Svejo.net Web-bg.com

Digital signatures and PDF signing

 

I am working on a project that requires PDF signing through a website.

The current infrastructure includes Apache + PHP website available. What we need to achieve is integrate the digital signature module of a user visiting the website and sign the required files. One of the most appropriate solutions after the negotiations was signed applet that signs PDFs.

  1. The steps for the project creation are the following:
  2. Create an applet
  3. Create a certificate to sign the applet via keystore tool (if root CA's are not available)
  4. Sign the applet (allowing read/write access to users' hard drives)
  5. Create a REST implementation that could read/write to the server database via HTTP
  6. Implement the iText API
  7. Create an appropriate interface to list certificates and documents, too
  8. Sign each of the documents

Some useful materials on the topic:

How to sign a Java applet

How to sign an applet (and get it to work)

Oracle Signed applets tutorial

Creating PDF with Java and iText

How to sign a PDF using iText

LifeCycle ES PDF signing (the Adobe way)

del.icio.us Digg DZone Facebook Google Google Reader Magnolia reddit SlashDot Technorati ReadMe.ru Dobavi.com Dao.bg Lubimi.com Ping.bg Pipe.bg Svejo.net Web-bg.com