Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Wicket Security

 
Gareth Baker
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I read an article recently stating that some financial institutions are using wicket due to its security. The article did not say how or why this is the case but in a nut shell could you give say a "top three" reasons to back this up?
 
Eelco Hillenius
author
Ranch Hand
Posts: 37
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Gareth Baker:
I read an article recently stating that some financial institutions are using wicket due to its security. The article did not say how or why this is the case but in a nut shell could you give say a "top three" reasons to back this up?


The main difference with most other frameworks is that with Wicket you don't (at least not by default) transport state between requests; it all stays at the server side. Ids of data base objects and other information you might want to protect are hidden by default. The URLs are session relative and are very difficult to 'guess', and with a little more effort (if you need it) you can even encrypt them so that it is quite impossible for hackers to figure out.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic