This week's book giveaway is in the Android forum.
We're giving away four copies of Head First Android and have Dawn & David Griffiths on-line!
See this thread for details.
The moose likes JSP and the fly likes Security issue with my javabean Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Security issue with my javabean" Watch "Security issue with my javabean" New topic
Author

Security issue with my javabean

Niklas Junel
Greenhorn

Joined: Oct 12, 2002
Posts: 17
Is it possible for someone to download my javabean just by going to my webpage. Today you have to pass a login-page before the actual bean is instantiated.Since I use the bean in some security issues I am concerned if a hacker can get a copy of my bean from his RAM.
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12982
    
    5
Sun thought about this a long time ago. Thats why Java class files that are used by a servlet or JSP have to be stored under the WEB-INF subdirectory. Servers are forbidden to directly serve any file from WEB-INF.
Since JSP are entirely confined to the server, there is no transmission of code to the client browser during operation.
Bill
 
Don't get me started about those stupid light bulbs.
 
subject: Security issue with my javabean
 
It's not a secret anymore!