Stephan Bruijnis .dev

Security

Anonymous users enabled? Check these 3 common security misconfigurations

Dec 7, 2021
Mendix
Security

Attackers are constantly on the lookout to exploit security vulnerabilities in applications and systems to gain access to or control of sensitive information. This post will discuss 3 security misconfigurations that often cause vulnerabilities in Mendix applications, even if you don’t have anonymous users enabled. #1 Constants - exposed to client # Constants are often used to define configuration values, these can differ per environment. Many developers use constants to store secrets, usernames or passwords. ...

Applying security to inheritance

Jun 1, 2017
Mendix
Security, Inheritance

Configuring the security of a Mendix application is an important but sometimes tedious task. Misunderstanding of how security is applied by the Mendix platform can lead to failing security with great consequences. It is the developers task to constrain each entity with access rules. This post is a quick guide to setting up security in the context of inheritance. Knowledge of How to: Create a secure app and Implement Best Practices for App Security is assumed. ...