Hey guys,
I have a question related to web security with Java.
Currently, I'm reading the chapter on security issues for the scwcd exam.
My quesion is what is the best way to develop a website with login feature?
I always thought that when users register with a website, their username and password are stored in a database and then anytime they login, their username and password will be matched with the ones in the database. So, now that I'm reading topics about security and the elements of web.xml descriptor, I'm getting confused. How does this add extra security to a website, than just merely using a database to identify users?
Could someone please clarify this.
Thanx
I have a question related to web security with Java.
Currently, I'm reading the chapter on security issues for the scwcd exam.
My quesion is what is the best way to develop a website with login feature?
I always thought that when users register with a website, their username and password are stored in a database and then anytime they login, their username and password will be matched with the ones in the database. So, now that I'm reading topics about security and the elements of web.xml descriptor, I'm getting confused. How does this add extra security to a website, than just merely using a database to identify users?
Could someone please clarify this.
Thanx