Skip to content

Santhosh Ponnam

Technology Blog

  • Home
  • About
  • Technology
    • Java
    • ORM
  • Privacy Policy
  • Toggle search form
  • Sonar Qube – Code Coverage and Code Quality Tool Installations and Configurations
  • Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team Java
  • HikariCP Connection Pooling for Spring Boot for 1.x version Spring Boot
  • HikariCP Configurations – Database Connection Pooling Installations and Configurations
  • Fixing Log4j Vulnerability Java
  • JPA vs Hibernate – Specification Vs Implementation ORM
  • Unique Random ‘N’ digit Number generator Java
  • Windows Commands – kill port number Installations and Configurations

Author: Santhosh Ponnam

Another Log4j Bug – DoS

Posted on December 20, 2021December 22, 2021 By Santhosh Ponnam

Denial of Service (DoS) which is another Log4J Bug reported over the last couple of days after the fix for JNDI is provided. Apache Issues Fix and the new Log4j vulnerability is similar to Log4Shell but this DoS flaw has to do with Context Map lookups. Apache released another patch version 2.17.0 to address the…

Read More “Another Log4j Bug – DoS” »

Java

Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team

Posted on December 14, 2021December 22, 2021 By Santhosh Ponnam

A new version of Log4j with 2.16.0 has been released to address the JNDI issue to further prevent the CVE-2021-44228 permanently. While release 2.15.0 removed the ability to resolve Lookups and log messages and addressed issues with how JNDI is accessed, the Log4j team feels that having JNDI enabled by default introduces an undue risk…

Read More “Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team” »

Java

Fixing Log4j Vulnerability

Posted on December 11, 2021December 13, 2021 By Santhosh Ponnam

The easiest way to remediate this is to update to log4j version 2.15.0 or later, as this behavior is now disabled by default. In previous releases (>2.10) this behavior can be mitigated by setting the system property log4j2.formatMsgNoLookups to true by adding the following Java parameter: -Dlog4j2.formatMsgNoLookups=true Alternatively, you can mitigate this vulnerability by removing…

Read More “Fixing Log4j Vulnerability” »

Java, Spring Boot

Log4J (RCE) Vulnerability

Posted on December 11, 2021December 13, 2021 By Santhosh Ponnam

What is the Log4J Vulnerability (CVE-2021-44228 vulnerability) which is creating a panic over java based applications? Lets quickly start with what it is and the remediation’s to fix it on various versions. CVE-2021-44228 is a vulnerability classified under the highest severity mark, i.e. 10 out of 10. It allows an attacker to execute arbitrary code…

Read More “Log4J (RCE) Vulnerability” »

Java

JPA vs Hibernate – Specification Vs Implementation

Posted on August 13, 2021November 18, 2021 By Santhosh Ponnam

The Java Persistence Architecture API (JPA) is a Java specification for accessing, persisting, and managing data between Java objects / classes and a relational database. Let’s take a further look at this definition. As the API portion of the name implies, JPA is a specification, meaning it provides guidelines for developing an interface that complies…

Read More “JPA vs Hibernate – Specification Vs Implementation” »

ORM

Sonar Qube – Code Coverage and Code Quality Tool

Posted on November 18, 2020November 18, 2021 By Santhosh Ponnam

Introduction: SonarQube (formerly Sonar) is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. Lets directly jump into installation and Configuration for a java based application. Step 1: Download Sonarqube from…

Read More “Sonar Qube – Code Coverage and Code Quality Tool” »

Installations and Configurations

HikariCP Configurations – Database Connection Pooling

Posted on November 8, 2020November 18, 2021 By Santhosh Ponnam

For the Hikari connection pool configuration, we enable it by using spring.datasource.type and assigning it fully qualified name of the connection pool implementation in application.properties file as following. spring.datasource.type = com.zaxxer.hikari.HikariDataSource If we are using Spring Boot 2.0 and onwards, Spring Boot selects HikariDataSource by default and we need not to configure above line. Now to configure Hikari specific…

Read More “HikariCP Configurations – Database Connection Pooling” »

Installations and Configurations, Spring Boot HikariCP Connection Pooling

HikariCP Connection Pooling for Spring Boot for 1.x version

Posted on November 8, 2020October 11, 2021 By Santhosh Ponnam

Introduction In this article, we will learn the steps to configure Hikari with Spring Boot. We will cover steps to configure Hikari for both Spring Boot 1 and Spring Boot 2 application. Hikari is a JDBC DataSource implementation that provides a connection pooling mechanism. Compared to other implementations, it promises to be lightweight, reliable, high-performance…

Read More “HikariCP Connection Pooling for Spring Boot for 1.x version” »

Spring Boot, Spring Boot HikariCP Connection Pooling

Windows Commands – kill port number

Posted on March 29, 2020March 29, 2022 By Santhosh Ponnam

How do I kill the process currently using a port on localhost in Windows? Step 1: Open up cmd.exe (note: you may need to run it as an administrator, but this isn’t always necessary as long as you are trying to kill a port which is started within your user), then run the below command:…

Read More “Windows Commands – kill port number” »

Installations and Configurations, Spring Boot HikariCP Connection Pooling

Why to have a private constructor?

Posted on August 13, 2018September 1, 2021 By Santhosh Ponnam

In Java, it is possible to have a private constructor. When and why should we use private constructor is explained in detail below. Defining a constructor with the private modifier says that only the native class (as in the class in which the private constructor is defined) is allowed to create an instance of the…

Read More “Why to have a private constructor?” »

Java

Posts pagination

1 2 Next

Recent Posts

  • Another Log4j Bug – DoS
  • Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team
  • Fixing Log4j Vulnerability
  • Log4J (RCE) Vulnerability
  • JPA vs Hibernate – Specification Vs Implementation

Categories

  • Installations and Configurations
  • Java
  • ORM
  • Spring Boot
  • Spring Boot HikariCP Connection Pooling

Archives

  • December 2021
  • August 2021
  • November 2020
  • March 2020
  • August 2018
  • November 2016
  • August 2016

Recent Posts

  • Another Log4j Bug – DoS
  • Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team
  • Fixing Log4j Vulnerability
  • Log4J (RCE) Vulnerability
  • JPA vs Hibernate – Specification Vs Implementation

Categories

  • Installations and Configurations
  • Java
  • ORM
  • Spring Boot
  • Spring Boot HikariCP Connection Pooling

Archives

  • December 2021
  • August 2021
  • November 2020
  • March 2020
  • August 2018
  • November 2016
  • August 2016




Recent Posts

  • Another Log4j Bug – DoS
  • Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team
  • Fixing Log4j Vulnerability
  • Log4J (RCE) Vulnerability
  • JPA vs Hibernate – Specification Vs Implementation

Categories

  • Installations and Configurations
  • Java
  • ORM
  • Spring Boot
  • Spring Boot HikariCP Connection Pooling
  • Another Log4j Bug – DoS Java
  • HikariCP Connection Pooling for Spring Boot for 1.x version Spring Boot
  • Log4J (RCE) Vulnerability Java
  • Log4j Vulnerability / Version Upgrade to 2.16.0 by Apache Team Java
  • Unique Random ‘N’ digit Number generator Java
  • Setting Environment Variables in Windows Java
  • JPA vs Hibernate – Specification Vs Implementation ORM
  • hashCode and equals methods in java Java

Copyright © 2025 Santhosh Ponnam.

Powered by PressBook News WordPress theme