
Web Application Security

2 replies to this topic

#1
common_man

Hi Friends,

I am developing a web application in Java/JSP/Servlets with Oracle as back-end. I need to know what all security measures can be provided/implemented for this application. Pointers/Links for any helpful sites will be great :)

#2
Alexander

Your main concern, if you've a standard servlet container that has been set up correctly, is to verify all user input and actions. You must look at every single little thing that the user sends, or enacts in your application, and ensure they cannot do more than they "should". This could be access control, resource usage, database calls (always ensure speaking with the database is properly sanitized from malicious injection and the like).

Your question is fairly broad.

#3
haltox

On the Oracle database you should set roles to modify important tables and then define PL/SQL procedures to do so. This way, you could call the procedures with the "lower" applicative role and you get an extra layer of protection.
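
The role-plus-procedure layout described in post #3, as an added example that is not part of the original thread. All names (`app_owner`, `app_user`, `app_exec_role`, `accounts`, `set_account_email`) are hypothetical, and the script assumes both accounts already exist and that a DBA runs it.

```sql
-- Added example; every object name here is hypothetical.
-- Assumes accounts app_owner and app_user already exist; run as a DBA.

-- 1. The sensitive table lives in the owner schema; the web app never logs in as app_owner.
CREATE TABLE app_owner.accounts (
    account_id NUMBER        PRIMARY KEY,
    email      VARCHAR2(254) NOT NULL
);

-- 2. The only write path: a definer's-rights procedure that runs with
--    app_owner's privileges and validates its arguments. Static SQL in
--    PL/SQL binds p_* as variables, so the values are never parsed as SQL.
CREATE OR REPLACE PROCEDURE app_owner.set_account_email (
    p_account_id IN NUMBER,
    p_new_email  IN VARCHAR2
) AUTHID DEFINER
AS
BEGIN
    IF p_new_email IS NULL
       OR LENGTH(p_new_email) > 254
       OR NOT REGEXP_LIKE(p_new_email, '^[^@[:space:]]+@[^@[:space:]]+$') THEN
        RAISE_APPLICATION_ERROR(-20001, 'invalid email');
    END IF;

    UPDATE app_owner.accounts
       SET email = p_new_email
     WHERE account_id = p_account_id;

    IF SQL%ROWCOUNT <> 1 THEN
        RAISE_APPLICATION_ERROR(-20002, 'account not found');
    END IF;
    -- No COMMIT here: the calling session controls the transaction.
END set_account_email;
/

-- 3. The "lower" application role gets EXECUTE on the procedure and nothing on the table.
CREATE ROLE app_exec_role;
GRANT EXECUTE ON app_owner.set_account_email TO app_exec_role;
GRANT CREATE SESSION TO app_user;
GRANT app_exec_role TO app_user;

-- 4. Audit: any row returned is a direct table grant that bypasses the
--    procedure and should be reviewed.
SELECT grantee, privilege
  FROM dba_tab_privs
 WHERE owner = 'APP_OWNER'
   AND table_name = 'ACCOUNTS'
   AND grantee IN ('APP_USER', 'APP_EXEC_ROLE', 'PUBLIC');
```

From the servlet, connect as `app_user` and invoke the procedure through a JDBC `CallableStatement` with `{call app_owner.set_account_email(?, ?)}`, so an injection flaw elsewhere in the application still cannot issue arbitrary `UPDATE` or `DELETE` statements against the table.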



