aspose file tools*
The moose likes HTML, CSS and JavaScript and the fly likes Ajax for secure web apps? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "Ajax for secure web apps?" Watch "Ajax for secure web apps?" New topic
Author

Ajax for secure web apps?

Ludmila Snova
Greenhorn

Joined: Aug 31, 2006
Posts: 20
Hi All,

I think it�s a right place to ask general questions about AJAX. Currently we have VB6 client � server application. The application is login-based application and deals with money. As VB6 will be out of support soon, our manager is talking about rewriting the application to web using AJAX. I don�t have any experience with AJAX, but I have some with JS. And it�s not good. So I am wondering will it be appropriate to write client part of secure application that deals with money in AJAX? Is there any security issues? How about browser compatibility? How stable AJAX now and what future does it have?
[ September 24, 2007: Message edited by: Bear Bibeault ]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61221
    
  66

Ajax has good browser support and is quite stable. But as with any other web application, all business logic and secure information must be handled on the server using the same security techniques that would be applied to a web app not using Ajax.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61221
    
  66

Also, please be sure to take the time to compose descriptive subjects for your posts; read this for more information.

I have adjusted the subject of this post for you.
Ludmila Snova
Greenhorn

Joined: Aug 31, 2006
Posts: 20
Thanks, Bear.
So, you are saying that there is not much difference between writing UI of web application in AJAX or in let�s say in plain JSP. Is that right?
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61221
    
  66

Not with regards to security implications.
Valentin Crettaz
Gold Digger
Sheriff

Joined: Aug 26, 2001
Posts: 7610
I'm backing Bear here. We've been developing a huge ebanking system for a famous private banking institution and there is a good load of Ajax in there Of course, there are more things to think about when using Ajax because there are more possible execution paths, but in the end if you do your analysis correctly, this should not be a problem.


SCJP 5, SCJD, SCBCD, SCWCD, SCDJWS, IBM XML
[Blog] [Blogroll] [My Reviews] My Linked In
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Ajax for secure web apps?