Java Garbage Collection

Tuning the garbage collector is the most important thing that can be done to improve the performance of a Java application. OpenJDK has three collectors suitable for production, with different performance characteristics. In order to study the GC behaviours in application, it is important to turn on GC logging. The detailed step is different in … Read moreJava Garbage Collection

Virtualization 1 of 4 – Hypervisor

In broad terms, virtualization of computing resource is about isolation of resources, at different levels. There are five levels of virtualization: Application level, such as JVM, .NET CLR Library (user-level API) level Operating system level, such as LXC, Docker, OpenVZ Hardware abstraction layer (HAL) level, such as VMware, Xen, etc Instruction set architecture (ISA) level … Read moreVirtualization 1 of 4 – Hypervisor

Setup WSL2 on Windows 10

This is not for Linux snobs, but rather for those who are stuck with a Windows work laptop, have to deal with Linux on a daily basis, and are not a fan of PuTTY. This posting provides the steps to setup Windows 10 so you get a work environment closer to a Linux one. The … Read moreSetup WSL2 on Windows 10

NTLM and Kerberos protocols

This article explains how two most common authentication mechanisms (NTLM and Kerberos) work. Both authentication protocols are based on symmetric key cryptography. The protocols themselves are platform independent. NTLM Authentication NTLM is the default authentication protocol prior to Windows 2000 and still prevalent today as backup to Kerberos. It is based on challenge/response mechanism. User … Read moreNTLM and Kerberos protocols

Introduction to Authentication Frameworks (PAM and SSPI)

This article gives a very brief high-level introduction to PAM (Pluggable Authentication Module) and SSPI (Security Support Provider Interface) as authentication frameworks in Linux and Windows respectively. PAM The Pluggable Authentication Module (PAM) architecture provides a powerful abstraction for user IAM using pluggable authentication model Unix platforms. It defines a generic API for authentication and … Read moreIntroduction to Authentication Frameworks (PAM and SSPI)

SASL Authentication Mechanisms

Introduction Authentication is used in many protocols (such as LDAP binding) and it usually involves sending password. Given the nature of authentication protocol, its traffic encryption is usually mandatory. Simple Authentication and Security Layer (SASL) is introduced to ensure the security during authentication. It is not a single protocol, but rather a framework for authentication … Read moreSASL Authentication Mechanisms

Lightweight Directory Access Protocol (LDAP)

Introduction Originally LDAP only refers to the connectivity protocol to the directory server. This term is being used loosely today and it also refers to the actual directory service that supports and complies with LDAP. LDAP v3 is the current version developed in RFC 2251. A directory is information about some set of entities such … Read moreLightweight Directory Access Protocol (LDAP)

Introduction to Active Directory (AD)

Workgroup, homegroup and Windows Domain A workgroup is a group of computers on the same local network. A Windows computer not joined to a domain is part of a workgroup. In a workgroup, no computer has control over any other computer and it does not require a password. Any computer can join or leave a … Read moreIntroduction to Active Directory (AD)