Solved

security for jsp's

Posted on 2004-04-23
1
162 Views
Last Modified: 2010-04-01
Hi,

I just started learning JSP. I am writing a simple JSP which has a form and asks the user for a username and password, the username and password are pre-defined in a hashmap. I was wondering, are people able to download the JSP file on my server and see the whole source code of it? If they are how can i prevent people from downloading a JSP file off my server and not allowing them to look at the code.

I have noticed that when you run a JSP page through a browser (e.g. IE) and click on view - source it shows just the HTML markup rather than the Java. This is great. But are people able to download the JSP file and view its full source (including the java scriptlets, directives and expressions)?
0
Comment
Question by:Ravi Singh
1 Comment
 
LVL 19

Accepted Solution

by:
Kuldeepchaturvedi earned 50 total points
ID: 10905021
no if you have directory listing off on your server....
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
web service Rest Client creation 4 81
spring AOP 6 79
oracle fusion vs MQ 2 109
struts exact match support 3 51
In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now