I have developed many websites, with servlet / jsp. My doubt is, are my websites hack-proof, how can i test it?. I am using simple architecture i.e. whenever user logs in i put his id in session , if user id is not in session than, he is not allowed to browse the site. Is there any loop hole in such a architecture? Can these type of sites be hacked? If yes how can i make it more secure?
waiting for reply.
Prakash Dwivedi (SCJP2, SCWCD, SCBCD)
"Failure is not when you fall down, Its only when you don't get up again"
Joined: Jan 23, 2002
Anything can be hacked. It's only a matter of making it difficult enough to eliminate the motivation for a cracker to do so.