Web application Security mechanism

Hi,

Authentication is prime and important part/phase of any web application. Decision has to be made based on the type you want.

Three mechanism available to do so.

1. Agent base
2. Container based
3. Application based

#1 you can use JAAS based mechanism to add agent based authentication in your web app.

#2 Form based authentication is the famous container based authentication. remembered j_security_check action we use to write in action attribute of <form> tag.

#3 This one is the pragmatic approach (as compare to #2 which is declarative), where developer starts getting the data from form and starts security mechanism i.e. custom.


NOTE: You can try all the above with simple tomcat web server.

Comments

Post a Comment

Popular posts from this blog

Cloud Architecture Notes

Image
The architectural priorities and needs of every app are different, but the four pillars of architecture are an excellent guidepost you can use to make sure that you have given enough attention to every aspect of your application: Security : Safeguarding access and data integrity and meeting regulatory requirements Performance and scalability : Efficiently meeting demand in every scenario Availability and recoverability : Minimizing downtime and avoiding permanent data loss Efficiency and operations : Maximizing maintainability and ensuring requirements are met with monitoring A layered approach to security Defense in depth is a strategy that employs a series of mechanisms to slow the advance of an attack aimed at acquiring unauthorized access to information The common principles used to define a security posture are confidentiality, integrity, and availability, known collectively as CIA. Confidentiality - Principle of least privilege. Restricts access to informa
Read more

Qlik Sense Important Links

Qlik Sense learning https://learning.qlik.com/ https://www.qlik.com/us/services/training/self-paced-learning Qlik sense pricing   https://www.capterra.com/p/145530/QlikSense/#pricing https://www.qlik.com/us/pricing/qlik-sense-client-managed Qlik Sense Server Installation Document preview of Qlik Sense Server Installation Step By Step Guide.pdf https://community.qlik.com/t5/Documents/Qlik-Sense-Server-Installation-Step-By-Step-Guide/ta-p/1480562 https://community.qlik.com/t5/New-to-Qlik-Sense/how-to-download-Qlik-Sense-server/td-p/869140 Support Portal https://support.qlik.com/QS_Home_Page Qlik FIPS Support FIPS mode is not supported out of the box for Qlik Sense, QlikView, and Qlik NPrinting. Workarounds exist for NPrinting and Sense.  For general information about FIPS and Microsoft's statement around it, see  Microsoft's Security Guidance blog. https://community.qlik.com/t5/Knowledge-Base/Qlik-Software-and-FIPS-mode/ta-p/1717239 https://docs.microsoft.com/en-US/windows/securi
Read more