1. Securing a web application stackoverflow.com
What steps can be taken to make sure a web application using Hibernate, Spring and JSF is secure? What vulnerabilites can exist and what security framework if any is standard?
2. Problem with JSF forwarding and security constraint stackoverflow.com
3. Jsf ActionListener for custom security implementation stackoverflow.com
I've developed custom ActionListener:
4. Does JSF1.2 has buit in CSRF protection? stackoverflow.com
I have tested a JSF application with the CSRFtester tool, and the tool didn't report any CSRF problems. But I had read in the "OWASP_Top_10_2007_for_JEE.pdf", that all Java EE web application ...
5. Book Suggestion About JSF 2.0 Security Implementations stackoverflow.com
i am looking for a book which has JSF 2.0 security topics and decent amount of tutorial/examples how to implement those security features (e.g session management, roles, limited number of login ...
6. Are filters or phase listers a good way to do security in Java EE 6? stackoverflow.com
I've been doing it like this lately and find it so much better than XML hell(Spring security) or Glassfish security(because I don't need to have groups or set the tables up ...
7. How to secure webpages when user is not logged in stackoverflow.com
I have some XHTML pages. When I run the project, I can view the page even if I am not logged in. When I type directly in the adress bar, I ...
8. What are the security concerns for JSF? stackoverflow.com
I am steeped in Struts, and I am starting to learn JSF 2.0. Can I keep using what worked in Struts to reduce attack vectors, or are there new attack vectors ...
9. Security (framework?) for JSF 2.0 stackoverflow.com
I have implemented some pages for my webproject. However, now I would like to add security. I will have a couple of roles, like admin, user, other and some pages shall only ...
10. Access Security level (ACL) with Java EE 6? stackoverflow.com
I am developing a web application where there are few roles like Admin,Reporter,Manager,Customer.Agent.Based on Role, some menu item need to be displayed . Admin can give permission (dynamically) to user say ...
11. j_security_check vs Programmatic Security stackoverflow.com
I'm building a Web application using jsf, ejbs and jpa. I currently use form based j_security_check to handle authentication. I need to implement support for cookies ie "Remember me" option. Also I want ...
12. JAAS web-security on jboss 5 stackoverflow.com
hello i'm trying to perform a based form authentication on jboss: these are my configuration files. login-config.xml:
13. JSF J_security_check How to get number of connected users and their role? stackoverflow.com
I get the username of the connected user (using j_security_check) this way, through a managed bean:
And then display it in a jsf page ...
14. Security frameworks with JSF ? Which all are there? stackoverflow.com
Spring Security is a choice, I know, but I dont know how good it is with JSF 2.0 ! But, I do know, it is too complex. Apache Shiro is also an ...
15. Securing JSF applications stackoverflow.com
I've been asked by a freelancer friend of mine to join him on a JSF 2.0 project, and I'm slowly picking up speed and putting the pieces together. Coming from a ...
17. Access control on web app stackoverflow.com
I am making a web app that has a login page (Using Facelets with JSF 2.0) which checks credentials before redirecting to a isLoggedIn or error page. I have access to ...
18. Evaluating container managed security for implementing security in a web application? stackoverflow.com
I have been looking into several possible security solutions in the past days, in an attempt to secure my JSF application & came across several frameworks (like JAAS, Shiro, ...
19. Access Control in JSF using a PhaseListener - a generic version - what do think of this idea stackoverflow.com
I have been looking for simple security for a simple JSF web site. I found this solution http://http://devgrok.blogspot.com/2009/07/access-control-using-phaselistener.html#comment-form Many of the idea in here is taking from the above link ...
20. Simple Security coderanch.com
21. implement Role based security in JSF coderanch.com
Most of my security is handled in a servlet filter. That basically controls who can visit what page. Now what you probably want to know more about is how to display or not display certain components on a form depending on the role of the user viewing the page. So the security filter has already been hit and now it's up ...
22. Anyone is willing to look at security-constraint ? coderanch.com
23. AJAX, JSF and security coderanch.com
24. Using https: for security coderanch.com
The following code <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %>
25. Simple custom security in JSF app coderanch.com
I have an app which is currently being used by my company. It uses container based security with only one role (sufficient for now). I now have to come up with a new release that will allow our clients to use it as well, with a complex set of rules defining what they can and can't do with it. At the ...
26. JSF and security coderanch.com
27. custom security and HttpSession access coderanch.com
Ok, I think I have a question for someone with alot more knowledge of JSF than me. I'm creating an app with custom security and I want to make sure that there will only be one session per account at a time (or one session per account if it's an privileged account of some sort). I was thinking of scanning a ...
28. JSF, roles and security-constraint coderanch.com
29. JSF Security Issue coderanch.com
30. JSF and Security coderanch.com
31. Security in JSF coderanch.com
Hey guys, Ive just had a search over the boards about implementing security in JSF and Im still a little unsure about the best way to go about implementing security... My situation is that we are going to have a large number of users for our system...in the region of 400 we expect. Each user will have access to defined sections ...
32. Security in JSF coderanch.com
33. j_security_ckeck problem coderanch.com
34. Encrypting Client State with a Security Constraint coderanch.com
35. Security in JSF 2.0 coderanch.com
36. [Facelet & JSF Security] What do you think of this? coderanch.com
37. manage users for programmatic security coderanch.com
Programmatic security is not considered the optimal way to secure applications. Programs can have bugs and the last place you want bugs is in security. Plus changing the security architecture requires rewriting the security code, and that often means modify the application logic. Declarative security is preferable, where possible. Because, unlike program code, declarations have a fairly small number of possibilities, ...
38. Security coderanch.com
39. JSF security question coderanch.com
40. Log In Security coderanch.com
41. roll based security setup in jsf forums.oracle.com