GeeCON Prague 2014*
The moose likes Security and the fly likes How to develop a secure website Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Engineering » Security
Bookmark "How to develop a secure website" Watch "How to develop a secure website" New topic
Author

How to develop a secure website

Prakash Dwivedi
Ranch Hand

Joined: Sep 28, 2002
Posts: 452
I have developed many websites, with servlet / jsp. My doubt is, are my websites hack-proof, how can i test it?. I am using simple architecture i.e. whenever user logs in i put his id in session , if user id is not in session than, he is not allowed to browse the site.
Is there any loop hole in such a architecture? Can these type of sites be hacked? If yes how can i make it more secure?

waiting for reply.


Prakash Dwivedi (SCJP2, SCWCD, SCBCD)
"Failure is not when you fall down, Its only when you don't get up again"
Lasse Koskela
author
Sheriff

Joined: Jan 23, 2002
Posts: 11962
    
    5
Anything can be hacked. It's only a matter of making it difficult enough to eliminate the motivation for a cracker to do so.

If you really want a thorough picture of system security, I'm afraid you'll have to do some reading. I know a security consultant who's got literally over a hundred security-related titles on his bookshelf, but I'm sure most people suffice with just a few application-level security books like J2EE Security for Servlets, EJBs, and Web Services, Enterprise Java Security, Hacking Exposed: J2EE & Java, Hacking Exposed: Network Security Secrets & Solutions, and Hacking Exposed: Linux.


Author of Test Driven (2007) and Effective Unit Testing (2013) [Blog] [HowToAskQuestionsOnJavaRanch]
 
GeeCON Prague 2014
 
subject: How to develop a secure website