 |  |  |  |  |  |  |  |
Java Servlet Security Question
Please support our JSP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
I have a passkey to authenticate access to a web service in the code of one of my java serlvets. How easy is it for someone to view the code for my java servlet when it is on my web server? It would pose a security risk to my entire web application if someone was able to find out my passkey. Should i try to find some way around putting this information in my servlet? Does it matter which folder on my web server I put the servlet?
•
•
Join Date: Oct 2008
Posts: 2,638
Reputation: 
Solved Threads: 472
kinger29,
Must Read - http://java.sun.com/javase/technologies/security/
Must Read - http://java.sun.com/javase/technologies/security/
Failure is not fatal, but failure to change might be. - John Wooden
•
•
Join Date: Jun 2008
Posts: 97
Reputation:
Solved Threads: 2
Junior Poster in Training
What do you mean you store your password in the servlet? Is it a field of the class or directly typed in the source code?
If so then maybe your not doing it the way it meant to be...
Use a doPost (not doGet )method do get the username and pass from a form that's located on the site. Save these in static class fields, or better, in a database!
The most secure way i can think of is getting your password and username from a database ant compare them with the form's input parameters.
If you don't know what is doPost, html form then i suggest googl'ing. Then tell me about your results.
Ps: hope you know about databases too.
If so then maybe your not doing it the way it meant to be...
Use a doPost (not doGet )method do get the username and pass from a form that's located on the site. Save these in static class fields, or better, in a database!
The most secure way i can think of is getting your password and username from a database ant compare them with the form's input parameters.
If you don't know what is doPost, html form then i suggest googl'ing. Then tell me about your results.
Ps: hope you know about databases too.
Fundamental law of life:
do{ ThingsToDo+=me.CompleteTask(ThingsToDo); }while(ThingsToDo); Die(me);
Law of the Spirit:
do{ Rebuke(me); }while(!me.Repented); LiveEternal(me);
PM me to know more why i wrote this or what it means.
do{ ThingsToDo+=me.CompleteTask(ThingsToDo); }while(ThingsToDo); Die(me);
Law of the Spirit:
do{ Rebuke(me); }while(!me.Repented); LiveEternal(me);
PM me to know more why i wrote this or what it means.
|
Similar Threads
- Java Servlet (JSP)
- Need Java 1.4 MCSE solved question parers (Java)
- Need help with Array sorting using Java Servlet (Java)
- Java Servlet Problem :( (Java)
- Java Tutorials (Java)
- Router Security Question... (Networking Hardware Configuration)
- ASP, Java and XML-RPC (ASP)
Other Threads in the JSP Forum
- Previous Thread: help me in interfaces
- Next Thread: how to create a hypertext link in servlet
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Latest JSP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
apache array backbutton combobox comma connection csv database development directorystructure dropdownlist dynamicpagetitles eclipse frames glassfish ie8 imagetodatabse imageupload integer internet java javaee javascript jsf jsp jsppagetitles levels mvc2 mvcmodel2 mysql netbeans network parameters passing ping printinserverinsteadofclient read redirect request.getparameter response seperated servlet servletdopost()readxml sessions software sql ssl state_saving_method stocks sun tomcat tutorial update values video web write
