aspose file tools*
The moose likes Security and the fly likes security in a web application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "security in a web application" Watch "security in a web application" New topic
Author

security in a web application

Ankit Tripathi
Ranch Hand

Joined: Oct 17, 2009
Posts: 199
Hiiiiiii freinds,
I am developing a web application in sevlets,Beans and JSPs.What type of security can i provide to my application such that performance might not be degraded?Please explain me clearly?
thanks in advance!
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61766
    
  67

Please take the time to choose the correct forum for your posts. This forum is for questions on HTML. For more information, please read this.

This post has been moved to a more appropriate forum.

[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42928
    
  68
Security is a big subject that can't be addressed adequately in a forum like this. The SecurityFaq links to a number of articles about what threats to watch out for, how to guard against those threats, and how you might use Java's features and 3rd party libraries to do that.
Ankit Tripathi
Ranch Hand

Joined: Oct 17, 2009
Posts: 199
i am talking in terms of secure login details authentication.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42928
    
  68
What question do you have about that? Are you familiar with servlet security (user names, passwords, roles) as defined in the servlet specification, and implemented by all conforming servlet containers like Tomcat?
Ankit Tripathi
Ranch Hand

Joined: Oct 17, 2009
Posts: 199
I am only familiar with servlet filters.I want to know how to configure SSL or other security means in web servers like tomcat such that login name and password from a login page would be authenticated to server via HTTPS or any other security mechanism which would be easily applied upon such type of authentication in a simple web application.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42928
    
  68
The details are specific to each server. For Tomcat, see http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html for SSL, and http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html for authentication.
Ankit Tripathi
Ranch Hand

Joined: Oct 17, 2009
Posts: 199
thanking you a lot,sir!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: security in a web application