GeeCON Prague 2014*
The moose likes Other Application Frameworks and the fly likes Wicket Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Frameworks » Other Application Frameworks
Bookmark "Wicket Security" Watch "Wicket Security" New topic
Author

Wicket Security

Gareth Baker
Greenhorn

Joined: Aug 08, 2007
Posts: 4
I read an article recently stating that some financial institutions are using wicket due to its security. The article did not say how or why this is the case but in a nut shell could you give say a "top three" reasons to back this up?
Eelco Hillenius
author
Ranch Hand

Joined: Apr 23, 2008
Posts: 37
Originally posted by Gareth Baker:
I read an article recently stating that some financial institutions are using wicket due to its security. The article did not say how or why this is the case but in a nut shell could you give say a "top three" reasons to back this up?


The main difference with most other frameworks is that with Wicket you don't (at least not by default) transport state between requests; it all stays at the server side. Ids of data base objects and other information you might want to protect are hidden by default. The URLs are session relative and are very difficult to 'guess', and with a little more effort (if you need it) you can even encrypt them so that it is quite impossible for hackers to figure out.
 
GeeCON Prague 2014
 
subject: Wicket Security