This week's book giveaway is in the OCPJP forum.
We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line!
See this thread for details.
The moose likes JSP and the fly likes Security issue with my javabean Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Security issue with my javabean" Watch "Security issue with my javabean" New topic
Author

Security issue with my javabean

Niklas Junel
Greenhorn

Joined: Oct 12, 2002
Posts: 17
Is it possible for someone to download my javabean just by going to my webpage. Today you have to pass a login-page before the actual bean is instantiated.Since I use the bean in some security issues I am concerned if a hacker can get a copy of my bean from his RAM.
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12809
    
    5
Sun thought about this a long time ago. Thats why Java class files that are used by a servlet or JSP have to be stored under the WEB-INF subdirectory. Servers are forbidden to directly serve any file from WEB-INF.
Since JSP are entirely confined to the server, there is no transmission of code to the client browser during operation.
Bill
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Security issue with my javabean