Freelancer for life!
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
Freelancer for life!
Ekrem Dkyc wrote:Thanks Tim; I tried to implement it but wasn't very successful. I found this to be more straightforward but I will at some point try it again, perhaps after finish coding the application.
Too much documentation lying around but hard to find good tutorials
Thanks, leo
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
Like optimization, security should be allowed for when an app is designed
Thanks, leo
Freelancer for life!
leo donahue wrote:When you design a web application that will require security, you don't first define your user users, roles, realms (active directory vs database), authentication methods, navigation of the web app in general, etc? How would you know what you need to implement without first knowing where you are going?
I think you agree with me?Like optimization, security should be allowed for when an app is designed
I realize most of the items I just listed can be "added" by configuring the container, without any *code* at all, but you still have configuration/security of the container to think about. I'm just saying that security should not be an afterthought once your webapp is finished.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
the security exists to support the business, not the other way around
Thanks, leo
leo donahue wrote:I rarely answer anyone's questions in this forum for over 7 years. It is mostly because for some reason I can not convey correctly what I'm trying to say and/or I just don't understand what people are asking.
Ekrem, I never used the word "crappy". That was your word. What I'm trying to suggest is that implementing security is not a "quick and dirty" process. There is alot of information to digest. If you have a specific quesiton about implmenting something you have read in the Servlet Spec, or in the Java EE Tutorial, please ask.
Freelancer for life!
leo donahue wrote:
Did I infer that that it was the othe way around? If I said that, I'm sorry. I dont' think I said that.
Ekrem Dkyc wrote:
And that's exactly why I choose this route, tehre is so much information to digest at once. Just did it like this for now, later I'll make the effort to make a real security.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
To avoid criticism do nothing, say nothing, be nothing. -Elbert Hubbard. Please critique this tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
|