Solved

security for jsp's

Posted on 2004-04-23
1
167 Views
Last Modified: 2010-04-01
Hi,

I just started learning JSP. I am writing a simple JSP which has a form and asks the user for a username and password, the username and password are pre-defined in a hashmap. I was wondering, are people able to download the JSP file on my server and see the whole source code of it? If they are how can i prevent people from downloading a JSP file off my server and not allowing them to look at the code.

I have noticed that when you run a JSP page through a browser (e.g. IE) and click on view - source it shows just the HTML markup rather than the Java. This is great. But are people able to download the JSP file and view its full source (including the java scriptlets, directives and expressions)?
0
Comment
Question by:Ravi Singh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 19

Accepted Solution

by:
Kuldeepchaturvedi earned 50 total points
ID: 10905021
no if you have directory listing off on your server....
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Multi-threading long-running processes can have a significant increase in overall performance and drastically decrease over time it takes for a process to complete. Unfortunately, not all applications support native multi-threading, some by design a…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question