Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Servlet Security

 
Ezra Exposito
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am working on a program that requires
high security and I was wondering if there
is any way a hacker can attack my servlets
and what can be done to protect them.
Example: If someone did a view source on one
of my jsp pages and saw:

What could potentially be done with this
information and how can I protect myservlet?
Thanks in advance,
E.E.
 
Marcus Howarth
Ranch Hand
Posts: 38
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ezra,
not really servlet answer... but for starters disable the ability to view source by doing this in your body tag
 
Ezra Exposito
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks a bunch!
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64967
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That hardly makes anything more secure (you'd need to start trapping all possible key mapping for view source for all browsers), it'll just annoy your visitors.
What are your particular security concerns? Do you have an authenticated site where every page should check for appropriate login?
bear
 
Ezra Exposito
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am just concerned about hackers somehow
crashing the servlet. Maybe doing something
like /servlet/myServlet?value=lots-of-junk-data.
I am not a hacker so I am not sure what types
of attacks a JSP/Servlet system is open to.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic