Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Securing a servlet-JSP based website

 
M Burke
Ranch Hand
Posts: 401
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would like to secure a web site, so I would like some opinions and advice on how to proceed. The site is in the public domain, so there are no company firewall safeguards.
I do have some security already built in. I use a filter to check each call. I make certain an active session is present and the relevant user data is bound to it. I also log the last IP someone logged in from.

I would like to do the following:
Secure the WWW transmission of the site's user's name-password.
Prevent bots from registering.
Safely reset passwords for users that request it.
 
Tim Moores
Bartender
Posts: 2739
36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You could read up on the usual security issues with web apps in general: http://www.coderanch.com/how-to/java/SecurityFaq#web-apps
 
M Burke
Ranch Hand
Posts: 401
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you, Tim. I will
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic