Win a copy of The Journey To Enterprise Agility this week in the Agile and Other Processes forum! And see the welcome thread for 20% off.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Jeanne Boyarsky
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Paul Clapham
  • Junilu Lacar
  • Knute Snortum
Saloon Keepers:
  • Ron McLeod
  • Ganesh Patekar
  • Tim Moores
  • Pete Letkeman
  • Stephan van Hulst
  • Carey Brown
  • Tim Holloway
  • Joe Ess

web application security  RSS feed

Ranch Hand
Posts: 43
Firefox Browser Java Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello ranchers. Hope yall doing great. So I have been trying to figure out the best way to secure a web application and i don't know if to go with Declative or Programatic Security. Anybody care to explain to me the advantages and disadvantages of each. And my other question is, if i choose Form based Authentication, how will i have to add each user that registers on my site manually to the server or are there ways i can use to check the username and password from the database? Please bear with me if this is a stupid question :)
Posts: 42975
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Declarative security is great in that it's already debugged and working and secure, something that can not necessarily be said of whatever you intend to put in place. But it's only the beginning, there's much more to securing a web app than that. Start reading at for all the other things you need to do, like preventing SQL injection and XSS attacks. A library like Apache Shiro can do a lot of the things that you'll likely need to do in that respect.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!