File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JSP and the fly likes Security issue with my javabean Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Security issue with my javabean" Watch "Security issue with my javabean" New topic

Security issue with my javabean

Niklas Junel

Joined: Oct 12, 2002
Posts: 17
Is it possible for someone to download my javabean just by going to my webpage. Today you have to pass a login-page before the actual bean is instantiated.Since I use the bean in some security issues I am concerned if a hacker can get a copy of my bean from his RAM.
William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 13024
Sun thought about this a long time ago. Thats why Java class files that are used by a servlet or JSP have to be stored under the WEB-INF subdirectory. Servers are forbidden to directly serve any file from WEB-INF.
Since JSP are entirely confined to the server, there is no transmission of code to the client browser during operation.
I agree. Here's the link:
subject: Security issue with my javabean
It's not a secret anymore!