Re: Java Enterprise Safe ??



Hi!

IMHO, Java projects have better security. Variable binding and no
dynamic SQL significantly improve SQLi strength.

2008/10/7 Mattias Hemmmingsson <mattias@xxxxxxxxxxxxxx>:

Good morning

We are now working with Java Enterprise on the GlassFish server.
And I came to think: how secure is Java really?


If you look at the OWASP home page you can find the ten most common
security risks against Java.

So with XSS, how much damage can you do to the system, or can you
only change the client's view?

SQL injection: is it possible to do with Java Enterprise?

And the big one, JAS (Java auth system or something like that): how safe
is it really?


// matte

--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko


