Tagged Questions
3
votes
1 answer
158 views
Is escaping the Accept header necessary?
I have a Jersey app that has been run through our corporation's website vulnerability tool. It came back with a vulnerability that is quite odd. If you send in this header:
...
2
votes
1 answer
561 views
Using Spring Security Without Cookies
I need to implement session management in a Spring app for a mobile browser that doesn't support cookies. Can this be done by putting the session id in the querystring of a GET request? How do you ...
2
votes
0 answers
61 views
How to switch from web.xml based authorization to authorization via annotations in a JAX-RS application
I have a working (web.xml based) container authentication and authorization. Due to the limitation of <url-pattern> I need to switch to javax.annotation.security annotations. I found out that I ...
1
vote
0 answers
81 views
Java Servlet security annotation @ServletSecurity (value=@HttpConstraint)
I'm preparing for the Java EE 6 Web Component Developer exam and came across the following question.
Given the annotation for MyServlet:
@WebServlet{"/abc")
@ServletSecurity (value=@HttpConstraint)
...
1
vote
0 answers
28 views
Java applet authenticity issue
I implemented an applet in Java to authenticate users at my website by the usage of MIFARE cards and everything is working well. However I am concerned about the applet's authenticity, in other words, ...
1
vote
0 answers
183 views
org.jboss.web.tomcat.security.JBossWebRealm Error during authenticate java.util.ConcurrentModificationException
I got below exception when I try to restart my server.
2012-06-07 17:46:14,872 ERROR [http-0.0.0.0-8080-25]-[org.jboss.web.tomcat.security.JBossWebRealm] Error during authenticate
...
0
votes
0 answers
12 views
External Control of File Name- security flaw
I am forming file path in java code like below:
String strFileName1 = "/base/reports/Main.pdf";
String strSubReportPath = context.getRealPath(strFileName1);
strSubReportPath = strSubReportPath + ...
0
votes
0 answers
28 views
doFilter in the formfilter is not calling the next filter (LoginFilter)
I am facing the problem while doFilter in the formfilter is called. I am expecting this to call the next filter, i.e. LoginFilter, but it's neither returning an exception nor calling the next filter ...
0
votes
0 answers
27 views
How do you define a LDAP security domain definition in a deployment descriptor on Jboss 7
I'm using jboss 7.1.1 and the security domain definition is placed in the standalone.xml file
<security-domain name="XXX">
<authentication>
<login-module code="LdapExtended" ...
0
votes
0 answers
38 views
Do I Have a Java security-role-mapping Conflict
I have a customer service application that has various URLs. However one URL (adminquery) is reserved strictly for customer service admins, not reps on the floor. However, the entire app is only ...
0
votes
0 answers
43 views
Make jetty aware of custom authenticated user
I am using jetty 7. For security we have a custom mechanism by using which I will get authenticated javax.auth.Subject instance.
Now I want to attach or make jetty aware of this authenticated subject ...
0
votes
0 answers
67 views
Tomcat equivalent for IBM security provider com.ibm.crypto.provider.IBMJCE
I have to migrate application for IBM Websphere to Tomcat and in the java, there is a code that uses IBM Security Provider.
Security.addProvider(new com.ibm.crypto.provider.IBMJCE())
This may be a ...
0
votes
0 answers
144 views
How to create a secure web service client in android(Mutual Certificates Security)
I have successfully tested a simple soap web service using ksoap2 in android. But actually what I need is to access a web service which implements secure web service given in this example. I have ...
0
votes
0 answers
44 views
Get the all parameter name and its default value on form submit in java
I want to get all the parameter names and their default values on form submit. I will give a web URL and it will search the form on that page and if the page has any form then it will get all the param name ...
0
votes
0 answers
140 views
Using Java SecurityManager, Policy to deny access to certain resources for certain classes
I have the following problem:
I have a web application and there are several classes that receive and/or meddle with user input (uploading/downloading files etc.).
Well, while building some class ...