aspose file tools*
The moose likes Tomcat and the fly likes Security for my JSP site Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Security for my JSP site" Watch "Security for my JSP site" New topic
Author

Security for my JSP site

archana vishwanath
Ranch Hand

Joined: Mar 09, 2004
Posts: 39
Hello friends!
I require to implement a small amount of security for my website.Like the administrator password have to be secure.I do not know how to go about it.
Please advice me on
1.Using encryption techniques for this password,(OR)
2.How to start using https(Im totally ignorant about https)
Pls tell me any reference for using https along with JSP,tomcat
and does it involve quite amount of work?
Thanks in advance!
Kishore Dandu
Ranch Hand

Joined: Jul 10, 2001
Posts: 1934
I think there are not many security related guys roaming on the JSP forum. You may have better luck on the security forum.
Just a suggestion.


Kishore
SCJP, blog
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61413
    
  67

The first step in securing any password scheme, as you have guessed, is to institute an https protocol setup. That's beyond the scope of this forum -- since it is primarily a setup issue -- so I'm going to be moving this to the Tomcat forum.
How you secure the password on the server end depends a great deal on what you are doing and how. Is it ok to store the password in a clear text file? Does it need to be stored in a database? How secure from people with server access does it need to be?


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
wood burning stoves
 
subject: Security for my JSP site