posted 16 years ago
I am writing an application using JSP, Servlets & Beans (no EJB). One of its first pages is the validation of a user and password. How safe is it to store sensitive information such as passwords, credit card details etc in a bean? Is there anyway that other processes "can get to it". I would imagine scope is important. What guidelines can anyone offer here?