Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
783 views
in Technique[技术] by (71.8m points)

security - How to secure my java web application?

I have a web application in which when users login they reach the mainjsp.jsp page.

In this page there are few text-box for dates and based on dates and selection from another drop-down, data is submitted. This data is retrieved by a servlet and brought back to the mainjsp page.

My concern is about security. Now when I copy paste the mainjsp.jsp page's URL and paste it in any browser this page appears as it is. I don't want this to happen. I want the users to login first and hence I want my web application secure.

I don't have any idea how to do this. Could you please tell me how can I achieve this?

Also please tell me how do I achieve this for any of the pages in the web-application. Users should not be able to access any page if they haven't logged in.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

You should have Form based authentication. Here is the snippet which should be added to your web.xml

<security-constraint>
    <web-resource-collection>
        <web-resource-name>pagesWitUnrestrictedAccess</web-resource-name>
        <description>No Description</description>
        <url-pattern>*.jsp</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <description>No Description</description>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>


<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/login.jsp</form-login-page>
        <form-error-page>/loginerror.jsp</form-error-page>
    </form-login-config>
</login-config>

Some References:


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...