This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes JSP and the fly likes Security issue with my javabean Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » JSP
Bookmark "Security issue with my javabean" Watch "Security issue with my javabean" New topic
Author

Security issue with my javabean

Niklas Junel
Greenhorn

Joined: Oct 12, 2002
Posts: 17
Is it possible for someone to download my javabean just by going to my webpage. Today you have to pass a login-page before the actual bean is instantiated.Since I use the bean in some security issues I am concerned if a hacker can get a copy of my bean from his RAM.
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12792
    
    5
Sun thought about this a long time ago. Thats why Java class files that are used by a servlet or JSP have to be stored under the WEB-INF subdirectory. Servers are forbidden to directly serve any file from WEB-INF.
Since JSP are entirely confined to the server, there is no transmission of code to the client browser during operation.
Bill
 
GeeCON Prague 2014
 
subject: Security issue with my javabean