# Application Security&#x20;

- [Securing React Native Applications with Java Microservices](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/securing-react-native-applications-with-java-microservices.md): Working in Progress
- [Securing WebView-Based Mobile Applications with Java Microservices](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/securing-webview-based-mobile-applications-with-java-microservices.md)
- [OAuth, SAML, and OpenID Connect: Key Differences and Use Cases](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/oauth-saml-and-openid-connect-key-differences-and-use-cases.md): April 2025
- [Secure Coding Principles](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/secure-coding-principles.md): August 2022
- [HTTP Header Security Principles](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/http-header-security-principles.md)
- [Mitigating Broken Object Level Authorization (BOLA)](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/mitigating-broken-object-level-authorization-bola.md): 10 November 2024
- [Spring Boot Validation](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/spring-boot-validation.md): Spring Boot Validation to Address Lack of Input Validation
- [Output Encoding in JavaServer Faces (JSF)](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/output-encoding-in-javaserver-faces-jsf.md)
- [Session Management Security Issues](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/session-management-security-issues.md)
- [Common API Security Problems](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems.md): Understanding and Mitigating Common API Security Problems
- [Broken Authentication](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems/broken-authentication.md)
- [Excessive Data Exposure](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems/excessive-data-exposure.md)
- [Lack of Resources & Rate Limiting](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems/lack-of-resources-and-rate-limiting.md)
- [Broken Function Level Authorization](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems/broken-function-level-authorization.md)
- [Unsafe Consumption of APIs](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/common-api-security-problems/unsafe-consumption-of-apis.md)
- [JAVA Exception Handling](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/java-exception-handling.md)
- [File Upload Validation](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/file-upload-validation.md)
- [OAuth 2.0 Security](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/oauth-2.0-security.md)
- [Insecure Storage of Access Tokens](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/oauth-2.0-security/insecure-storage-of-access-tokens.md)
- [Microservice Security](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/microservice-security.md): Application Security Issues in microservice at Multi-Service Provider Environments
- [Sample Coding Demo](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/microservice-security/sample-coding-demo.md): A sample code implementation illustrating how Spring Security can help address these challenges
- [Service Implementation](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/microservice-security/sample-coding-demo/service-implementation.md)
- [Client Interaction](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/microservice-security/sample-coding-demo/client-interaction.md)
- [Security Solution for Microservices Architecture](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/microservice-security/security-solution-for-microservices-architecture.md): Enterprise Security and Integration Solutions for Microservices Gateways solution
- [Modifying and Protecting Java Class Files](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files.md)
- [Modify a Class File Inside a WAR File](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/modify-a-class-file-inside-a-war-file.md)
- [Demo: 1. Create Java Web Application](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/modify-a-class-file-inside-a-war-file/demo-1.-create-java-web-application.md): July 2025
- [Demo: 2. Modify the Class file](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/modify-a-class-file-inside-a-war-file/demo-2.-modify-the-class-file.md): July 2025
- [Direct Bytecode Editing](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/direct-bytecode-editing.md)
- [Steps to Directly Edit a Java Class File](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/direct-bytecode-editing/steps-to-directly-edit-a-java-class-file.md)
- [Update: Java Bytecode Editing Tools](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/direct-bytecode-editing/steps-to-directly-edit-a-java-class-file/update-java-bytecode-editing-tools.md): April 2025
- [Techniques to Protect Java Class Files](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/techniques-to-protect-java-class-files.md)
- [Runtime Decryption in WebLogic](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/modifying-and-protecting-java-class-files/techniques-to-protect-java-class-files/runtime-decryption-in-weblogic.md)
- [JAVA Program](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/java-program.md)
- [Secure, Concurrent Web Access Using Java and Tor](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/java-program/secure-concurrent-web-access-using-java-and-tor.md): A Comprehensive Guide for developing a Secure, Concurrent Web Access Using Java and Tor:
- [Creating a Maven Java project in Visual Studio Code](https://calvin-lai.gitbook.io/calvin-lai-security/application-security/java-program/creating-a-maven-java-project-in-visual-studio-code.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://calvin-lai.gitbook.io/calvin-lai-security/application-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.