Servlet Security

Ezra Exposito
Ranch Hand

Joined: Apr 26, 2001
Posts: 34
I am working on a program that requires
high security and I was wondering if there
is any way a hacker can attack my servlets
and what can be done to protect them.
Example: If someone did a view source on one
of my jsp pages and saw:

What could potentially be done with this
information and how can I protect myservlet?
Thanks in advance,
E.E.
Marcus Howarth
Ranch Hand

Joined: Jan 04, 2002
Posts: 37
Hi Ezra,
Not really a servlet answer... but for starters, disable the ability to view source by doing this in your body tag:


Marcus

SCJP, March '02
Ezra Exposito
Ranch Hand

Joined: Apr 26, 2001
Posts: 34
Thanks a bunch!
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60782

That hardly makes anything more secure (you'd need to start trapping all possible key mappings for view source for all browsers), it'll just annoy your visitors.
What are your particular security concerns? Do you have an authenticated site where every page should check for appropriate login?
bear


Ezra Exposito
Ranch Hand

Joined: Apr 26, 2001
Posts: 34
I am just concerned about hackers somehow
crashing the servlet. Maybe doing something
like /servlet/myServlet?value=lots-of-junk-data.
I am not a hacker so I am not sure what types
of attacks a JSP/Servlet system is open to.
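
The junk-data concern raised above is handled on the server, by validating each parameter before it is used. The following is an added example, not code from the thread or its posters: the class name `MyServlet`, the 64-character limit and the allowed character set are assumptions, and it uses the `javax.servlet` API of that era.

```java
import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet standing in for /servlet/myServlet from the thread.
public class MyServlet extends HttpServlet {
    // Assumed policy: "value" is a short token of letters, digits, '-' and '_'.
    private static final int MAX_LEN = 64;
    private static final Pattern ALLOWED =
            Pattern.compile("[A-Za-z0-9_-]{1," + MAX_LEN + "}");

    // Pure check, kept apart from the servlet API so it can be unit tested.
    static boolean isValid(String[] values) {
        // Reject a missing parameter and a repeated one (?value=a&value=b).
        if (values == null || values.length != 1) {
            return false;
        }
        String v = values[0];
        // Length check first, so the regex never runs over oversized input.
        return v.length() <= MAX_LEN && ALLOWED.matcher(v).matches();
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        String[] values = req.getParameterValues("value");
        if (!isValid(values)) {
            // Fixed message: the input is not echoed and no stack trace leaks.
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST,
                    "invalid 'value' parameter");
            return;
        }
        // Only allow-listed characters reach this point, so echoing is safe.
        resp.setContentType("text/plain;charset=UTF-8");
        resp.getWriter().println("accepted: " + values[0]);
    }
}
```

The same check belongs on every parameter the servlet reads. Limits on overall request size are set in the servlet container's configuration rather than in servlet code.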
 