Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

WO JavaClient apps security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

WO JavaClient apps security

Subject: WO JavaClient apps security
From: Andrus Adamchik <email@hidden>
Date: Wed, 9 Mar 2005 23:17:05 -0500

Hi folks,

I was wondering if there are any daring souls on this list who created WO JavaClient apps for public use beyond the corporate intranet?

I am not very optimistic on the whole idea, but still wanted to check. I am aware of various security techniques that can be applied (SSL, partitioning business logic, and so on), but nothing seems to fully address one fundamental limitation - unauthorized elevating of database privileges by a "trusted" user. A client app can be decompiled, sticking an arbitrary fetch spec and suddenly a user becomes a superuser...

How many people use Java Client anyways ... ?

Cheers,
Andrus

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


Follow-Ups:

Re: WO JavaClient apps security
From: Ryan Poling <email@hidden>
Re: WO JavaClient apps security
From: email@hidden


Prev by Date:
can iText convert my HTML content to PDF ?

Next by Date:
Re: Tomcat and WO System Properties...

Previous by thread:
Re: can iText convert my HTML content to PDF ?

Next by thread:
Re: WO JavaClient apps security

Index(es):

Date
Thread