How to develop a secure website
|
Prakash Dwivedi
Ranch Hand
Joined: Sep 28, 2002
Posts: 452
|
|
I have developed many websites with servlet / JSP. My doubt is: are my websites hack-proof, and how can I test it? I am using a simple architecture, i.e. whenever a user logs in I put his id in the session; if the user id is not in the session, then he is not allowed to browse the site. Is there any loophole in such an architecture? Can these types of sites be hacked? If yes, how can I make it more secure? Waiting for reply.
|
Prakash Dwivedi (SCJP2, SCWCD, SCBCD)
"Failure is not when you fall down, It's only when you don't get up again"
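The session check described in the post above, written as a servlet filter. This is an added example, not code from the thread or from either poster. The class name `SessionAuthFilter`, the attribute name `userId` and the `/login` mapping are assumptions; it also issues a new session id at login and clears the session at logout, two points the "id in session" design depends on.

```java
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;

// Added example; all names here are hypothetical, chosen for illustration.
public class SessionAuthFilter implements Filter {
    static final String USER_ATTR = "userId";   // assumed session attribute name
    static final String LOGIN_PATH = "/login";  // assumed mapping of the login servlet

    public void init(FilterConfig cfg) {}
    public void destroy() {}

    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpServletResponse res = (HttpServletResponse) rs;

        // getSession(false): never create a session just to check for one.
        HttpSession session = req.getSession(false);
        boolean loggedIn = session != null && session.getAttribute(USER_ATTR) != null;

        if (loggedIn) {
            // Keep authenticated pages out of browser and proxy caches.
            res.setHeader("Cache-Control", "no-store");
            chain.doFilter(req, res);
        } else if (LOGIN_PATH.equals(req.getServletPath())) {
            chain.doFilter(req, res);           // the login page itself stays reachable
        } else {
            // Fail closed: every other path requires the user id in the session.
            res.sendRedirect(req.getContextPath() + LOGIN_PATH);
        }
    }

    // Call from the login servlet only after the credentials have been verified.
    static void onLoginSuccess(HttpServletRequest req, String userId) {
        HttpSession old = req.getSession(false);
        if (old != null) old.invalidate();        // discard the pre-login session id
        HttpSession fresh = req.getSession(true); // container issues a new id here
        fresh.setAttribute(USER_ATTR, userId);
    }

    // Call from the logout servlet so the id stops being valid on the server.
    static void onLogout(HttpServletRequest req) {
        HttpSession s = req.getSession(false);
        if (s != null) s.invalidate();
    }
}
```

Mapping the filter to `/*` in `web.xml` puts every servlet and JSP behind the same check, so a page cannot be left unprotected by forgetting the test in it.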
|
 |
Lasse Koskela
author
Sheriff
Joined: Jan 23, 2002
Posts: 11962
|
|
Anything can be hacked. It's only a matter of making it difficult enough to eliminate the motivation for a cracker to do so. If you really want a thorough picture of system security, I'm afraid you'll have to do some reading. I know a security consultant who's got literally over a hundred security-related titles on his bookshelf, but I'm sure most people suffice with just a few application-level security books like J2EE Security for Servlets, EJBs, and Web Services, Enterprise Java Security, Hacking Exposed: J2EE & Java, Hacking Exposed: Network Security Secrets & Solutions, and Hacking Exposed: Linux.
|
Author of Test Driven (2007) and Effective Unit Testing (2013) [Blog] [HowToAskQuestionsOnJavaRanch]