This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes JSP and the fly likes Hacking the JSP servlet Application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » JSP
Bookmark "Hacking the JSP servlet Application" Watch "Hacking the JSP servlet Application" New topic
Author

Hacking the JSP servlet Application

Pranit Sonawane
Ranch Hand

Joined: Jul 29, 2011
Posts: 155

Hi I'm planning to build a JSP - Servlet Online banking application. All I need to know I mean every single thing for providing the security to the application. like sql injection n all..!! please help me with this.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42042
    
  64
Security is a huge field, that we can't begin to cover in a forum post. Start reading here: https://www.coderanch.com/how-to/java/SecurityFaq#web-apps


Ping & DNS - my free Android networking tools app
kartik hedau
Greenhorn

Joined: Feb 12, 2013
Posts: 8
try this

http://www.roseindia.net/java/java-security.shtml
J. Kevin Robbins
Bartender

Joined: Dec 16, 2010
Posts: 983
    
  13

Don't waste your time with anything on roseindia.net. You'll just learn bad habits and pick up bad code.

As for the security issue, you're asking for a two year education in a forum post. I don't mean to sound harsh, but without an extensive background in security I can pretty much guarantee that anything you design will be so full of holes that a 12 year old could hack it in less than 30 minutes.


"The good news about computers is that they do what you tell them to do. The bad news is that they do what you tell them to do." -- Ted Nelson
Marshall Blythe
Ranch Hand

Joined: Feb 26, 2013
Posts: 32
As the others here have mentioned, security isn't trivial. It takes time, research, and experience (and patience!) to master. I recommend that you start by taking a look at the reference materials available at the Open Web Application Security Project (OWASP). Here are some examples:

  • OWASP Top 10 2013
  • Developer Guide
  • Cheat Sheets

  •  
    GeeCON Prague 2014
     
    subject: Hacking the JSP servlet Application