{"id":2131,"date":"2016-01-09T23:43:31","date_gmt":"2016-01-09T21:43:31","guid":{"rendered":"http:\/\/voxxeddays.com\/bucharest\/?p=2131"},"modified":"2016-01-28T21:57:21","modified_gmt":"2016-01-28T19:57:21","slug":"secure-authentication-and-session-management-in-java-ee","status":"publish","type":"post","link":"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/","title":{"rendered":"Secure Authentication and Session Management in Java EE"},"content":{"rendered":"<h2>Secure Authentication and Session Management in Java EE<\/h2>\n<p><img loading=\"lazy\" class=\"image-medalion-post alignright wp-image-1978\" src=\"https:\/\/voxxeddays.com\/bucharest\/wp-content\/uploads\/sites\/19\/2015\/08\/patricya-300x300.png\" alt=\"patricya Secure Authentication and Session Management in Java EE\" width=\"130\" height=\"130\" \/><\/p>\n<blockquote><p><a href=\"https:\/\/twitter.com\/yonlabs\" target=\"_blank\">Patrycja Wegrzynowicz<\/a> is a software visionary and expert specialized in automated software engineering and Java technologies. She is the founder and CTO of Yonita, Inc., a California-based start-up focused on automated detection and refactoring of software defects, including security vulnerabilities, performance and concurrency anti-patterns, and database issues. Patrycja is a regular speaker at major academic as well as industrial conferences, including JavaOne, Devoxx, JavaZone, OOPSLA, ASE, and others. She is associated with the University of Warsaw, where she is finalizing her PhD in Computer Science. 
Patrycja\u2019s interests focus on patterns and anti-patterns in software along with automated software engineering, particularly static and dynamic analysis techniques to support program verification, comprehension, and optimization.<\/p><\/blockquote>\n<p>Broken authentication and session management is among the most prominent security vulnerabilities according to the Open Web Application Security Project Foundation (the OWASP Top 10). Many developers assume that secure authentication and session management work out of the box in Java EE. Unfortunately, that\u2019s not the case. Even though Java EE provides support for secure authentication and session management, it\u2019s still the developer\u2019s responsibility to use it correctly. In live demos, you\u2019ll learn how to hijack a session by exploiting common security vulnerabilities on the client side, on the server side, and in transport. You\u2019ll also find out about common mistakes and omissions related to authentication and session management, along with the ways to protect your applications using Java EE mechanisms.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Secure Authentication and Session Management in Java EE Patrycja Wegrzynowicz is a software visionary and expert specialized in automated software engineering and Java technologies. She is the founder and CTO of Yonita, Inc., a California-based start-up focused on automated detection and refactoring of software defects, including security vulnerabilities, performance and concurrency anti-patterns, and database issues. 
[&hellip;]<\/p>\n","protected":false},"author":7816,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[46],"tags":[42,63,64,29],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Secure Authentication and Session Management in Java EE - Voxxed Days Greece<\/title>\n<meta name=\"description\" content=\"Secure Authentication and Session Management in Java EE -\u00a0learn how to hijack a session by exploiting common security vulnerabilities on the client-side, on the server-side, and in transport\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Secure Authentication and Session Management in Java EE - Voxxed Days Greece\" \/>\n<meta property=\"og:description\" content=\"Secure Authentication and Session Management in Java EE -\u00a0learn how to hijack a session by exploiting common security vulnerabilities on the client-side, on the server-side, and in transport\" \/>\n<meta property=\"og:url\" content=\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/\" \/>\n<meta property=\"og:site_name\" content=\"Voxxed Days Greece\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/voxxedbucharest\/\" \/>\n<meta property=\"article:published_time\" content=\"2016-01-09T21:43:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-01-28T19:57:21+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/voxxeddays.com\/bucharest\/wp-content\/uploads\/sites\/19\/2015\/08\/patricya-300x300.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@VoxxedBucharest\" \/>\n<meta name=\"twitter:site\" content=\"@VoxxedBucharest\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\">\n\t<meta name=\"twitter:data1\" content=\"alexproca\">\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data2\" content=\"1 minute\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/voxxeddays.com\/greece\/#website\",\"url\":\"https:\/\/voxxeddays.com\/greece\/\",\"name\":\"Voxxed Days Greece\",\"description\":\"Another Voxxed event\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/voxxeddays.com\/greece\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/voxxeddays.com\/bucharest\/wp-content\/uploads\/sites\/19\/2015\/08\/patricya-300x300.png\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/#webpage\",\"url\":\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/\",\"name\":\"Secure Authentication and Session Management in Java EE - Voxxed Days 
Greece\",\"isPartOf\":{\"@id\":\"https:\/\/voxxeddays.com\/greece\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/#primaryimage\"},\"datePublished\":\"2016-01-09T21:43:31+00:00\",\"dateModified\":\"2016-01-28T19:57:21+00:00\",\"author\":{\"@id\":\"https:\/\/voxxeddays.com\/greece\/#\/schema\/person\/3610fff738a03b155237ab4707e803eb\"},\"description\":\"Secure Authentication and Session Management in Java EE -\\u00a0learn how to hijack a session by exploiting common security vulnerabilities on the client-side, on the server-side, and in transport\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/voxxeddays.com\/greece\/2016\/01\/09\/secure-authentication-and-session-management-in-java-ee\/\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/voxxeddays.com\/greece\/#\/schema\/person\/3610fff738a03b155237ab4707e803eb\",\"name\":\"alexproca\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/voxxeddays.com\/greece\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/fb9bbcf4c88be28b95644b3697985fcb?s=96&d=mm&r=g\",\"caption\":\"alexproca\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","_links":{"self":[{"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/posts\/2131"}],"collection":[{"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/users\/7816"}],"replies":[{"embeddable":true,"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/comments?post=2131"}],"version-history":[{"count":0,"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/posts\/2131\/revisions"}],"wp:attachment":[{"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/media?parent=2131"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/categories?post=2131"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/voxxeddays.com\/greece\/wp-json\/wp\/v2\/tags?post=2131"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}