RE: How to create a secure JSP?

I am interesed in creating a web application using the J2EE standard with one of the pages being a page where credit card info will be entered by the user and then stored in our DB. Everything will run server side with this app.
Could someone please let me know how to achieve the highest security for such an application. I want to ensure that the information the user will enter could NEVER get into the wrong hands. I know that NEVER is a strong word here, but I want to achieve the best security possible.
Could you please make any suggestions possible that would assist me in doing this?
Thanks in advance for your assistance!

This will be an Internet application and it doesn't matter that much if the application is slowed down. It is a good trade off for good security as long as it is not too slow.
How easy is it to add SSL security to the site? Is this the best method? In regards to ensuring the mySQL DB is secure - what methods are used to do this?
I appreciate your comments.
Thank you!
You could start by using SSL, this will slow down the
application.
Also make sure the data is secure in your database.
Will this be an intranet or internet application?

Similar Messages

  • How to create a secure & non editable PDF? So that it cannot be modified by any of the secondary too

    How to create a secure & non editable PDF? So that it cannot be modified by any of the secondary tools available online for security breaks and editing of PDF document
    I put all the security options but still there are tools to break the security (even password) leading to editing of document
    Need to avoid any such situation

    If the document is important, and there is something to be gained by modifying it - then someone will just make a new copy of it (e.g. print and scan, screen capture), and make a new document, then change it.
    If protecting the integrity of the document - proving it is unchanged - is the thing, look at digital signatures. Forget security, the signed file can be freely edited, but the signature will always show it is changed.

  • How to create a secured MBeanServer

    Hi
    I would like to create a secured MBeanServer(control the access to my MBeanServer with a login and password)
    i tryed this code but when i test, my MBeanServer dosn't require a login and password:
    MBeanServer mbs = MBeanServerFactory.createMBeanServer();
    JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:1022/server");
    Map environment = new HashMap();
    String[] credentials = new String[] {"uu","pp" };
    environment.put(JMXConnector.CREDENTIALS, credentials);
    jmxConnectorServerDestinataire = JMXConnectorServerFactory.newJMXConnectorServer(url, environment, mbs);
    jmxConnectorServerDestinataire.start();How could i make access to my MBeanServer controlled by a login and password?

    [This document|http://java.sun.com/j2se/1.5.0/docs/guide/management/agent.html#auth] tells you everything you need to know about connecting to remote JMX servers, including how to set up password authentication.

  • How to create a security group to manage a Distribution list in exchange 2013

    Hi folks,
    We have AD synced with Online Exchange 2013. Dirsync is installed on AD. We would like to create a security group for a Distribution list(for instance: distribution list name is [email protected] and it is managed via a security group named "abc" ).
    How can this be achieved? I do see an option under Online Exchange console using browser-> Groups to create a new security group but it doesn't allow me to add the group created in AD-instead it ask us to create a new one. If we create a new one in Exchange
    online console- will it publish to our local AD?

    Hi TR,
    Thank you for your question.
    Are there any errors when we could not add group which is in local AD.
    When we could not add group which was created In AD, there are following options we could check:
    If current user who logon Exchange server has enough permission to add it
    The connection between Exchange server and AD
    If we create a new DG in Exchange online, it will be published to local AD.
    We could run the following command to create DG for abc.com:
    New-DistributionGroup -Name "abc" -Alias abc -Type "Security" -MemberJoinRestriction open
    We could refer to the following link to learn more about distribution group:
    https://technet.microsoft.com/en-us/library/bb124513%28v=exchg.150%29.aspx
    If there are any questions regarding this issue, please be free to let me know. 
    Best Regard,
    Jim
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
    Jim Xu
    TechNet Community Support

  • How to create session in JSP & Servlet

    Hi All
    I'm really new to JSP & Servlet. So I want to know how to create sessions and how to pass details to another web page
    Thanks
    Padma

    You can easily pass objects from one jsp or servlet to another.
    On your servlet execute method (for example), you can do this as follows:
    HttpSession session = request.getSession();
    User u = new User();
    session.setAttribute("user", u);And get it again on other servlets:
    HttpSession session = request.getSession();
    User user = (User) session.getAttribute("user");I hope this helps you.

  • How to create table with jsp in mysql

    Hi, every one,
    I just want to know how to create a table with jsp in mysql, please.
    Thanks in advance

    I have got the same question. I tried to pass sql "Create table" statement, but the servlet engine (tomcat4) threw an error "could not manipulet statement.execute". It works for normal SQL select statement.
    Anyone got the same problem ? or got a solution for this ? someone told me that PHP can do it, but just want to get it works with JSP.

  • How to create graph by JSP

    How to create graph by JSP

    Create an image [ http://java.sun.com/j2se/1.5.0/docs/api/java/awt/Image.html ], draw on image [ http://java.sun.com/j2se/1.5.0/docs/api/java/awt/Graphics.html ], output image in png format [ http://java.sun.com/j2se/1.5.0/docs/api/javax/imageio/ImageIO.html ].

  • How to create customized security rolesfrom scratch?

    We want to allow developers to certain iviews (or
    other objects).
    There is no existing SAP roles available.
    Would you share your experience how to create
    such kind of roles?
    Thanks!

    Hi,
    i have H4 Help problem.
    how can i restrict an attributes of infoobject in H4 Help value.
    Please help me
    Madhu

  • How to Create a Secure Application in Air?

    I have an web application that we want to convert to be
    accessible in AIR. Is there a way to create an AIR application that
    will not allow users to access OS components (such as ALT-TAB,
    Windows Key, etc.)? I would want a non-windowed application that
    listens for these keys and would alert the user that this is not
    possible. Basically creating a secure browser application... any
    help would be appreciated.

    Hi,
    Intercepting keys such as Alt+Tab meant for the OS and
    preventing their default behavior is not possible with AIR.

  • How to create graphs on JSP page in JDeveloper 10.1.3

    Hi all,
    Is there an easy way to create graph objects with JDeveloper 10.1.3? I have taken a look to some tutorials, but it looks like they all use the "drag/drop graph from the data control palette" method.
    E.g. I got example 88 to work from http://radio.weblogs.com/0118231/stories/2004/09/23/notYetDocumentedAdfSampleApplications.html, but I have no idea how to get the BIGraphDef1.xml object and how to link it to a set of data.
    Are there some tutorials to show how graphs can be used in JDev 10.1.3?

    Frank,
    This is what I did to implement the graphic manual, but I think, I forgot something...
    1. create a new application with projects DataModel and UserInterface
    2. in the DataModel I created a similar master/detail view as the one of Steve, this is named:
    TestModuleDataControl
    \--DepView
    __\--Deptno
    __\--Dname
    __\--Loc
    __\--EmpView1
    ____\--Sal
    3. I created a new jspx page and added a graph tag:
    <f:verbatim>
    <graph:Graph data="${bindings.DepartmentsEmployeesInDepartmentGraph}"
    imageHeight="200" imageWidth="400"/>
    </f:verbatim>
    4. in the page definitions I added
    <graph id="DepartmentsEmployeesInDepartmentGraph"
    IterBinding="EmployeesInDepartmentIterator"
    ControlClass="oracle.dss.graph.Graph"
    SeriesLabel="Ename"
    GraphPropertiesFileName="userinterface.BIGrap1hDef1"
    SeriesType="SINGLE_SERIES">
    <AttrNames>
    <Item Value="Sal"/>
    </AttrNames>
    </graph>
    5. I added also the iterator:
    <iterator id="EmployeesInDepartmentIterator" Binds="EmpView1" RangeSize="10"
    DataControl="TestModuleDataControl"/>
    6. I copy/pasted the BIGraphDef1.xml from Steve's project into 'Application Sources'\userinterface.
    7. in the web.xml file in WEB-INF I added:
    <servlet>
    <servlet-name>GraphGeneratorServlet</servlet-name>
    <servlet-class>oracle.jbo.html.jsp.graph.GraphGeneratorServlet</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>GraphGeneratorServlet</servlet-name>
    <url-pattern>/GraphGeneratorServlet</url-pattern>
    </servlet-mapping>
    8. when I run the page, I can't see the graph and there are also no errors. I think I mis a global setting somewhere...
    Is there anything I forgot to do?
    note: if I add a new jsp page into steve's application, I do can see the graph if I perform the steps mentioned above...
    I just found out that, If I create the graph on a page which is in the root directory, then it works. If I put it in a subdirectory, it doesn't:
    - create graph as mentioned above on a page: web content/myGraph.jspx --> works
    - create graph as mentioned above on a page: web content/app/myGraph.jspx --> doesn't work...
    Does somebody know where to put a setting/parameter to get the Graph visible in the subdirectory app?

  • How to create a security role to delegate package creation and deployment?

    Hi,
    I am new to SCCM 2012 and I would like to delegate packaging and deployment based on an AD container and user. For example, I have a US-SCCM-Admin account created in the US OU in Active Directory. I also have computers in the US Computers OU in AD. I am
    not sure what settings I need so that the US-SCCM-Admin account only has rights to create and deploy packages to the US OU and no where else? I added US-SCCM-Admin security group from AD to the "Administrative Users" group in SCCM. But now I need
    to configure a role for this group but I am not sure which one to copy or import? I tried copying the "Application Deployment Manager" role and renaming it appropriately but when I login to SCCM as this user, they dont have the option to create or
    deploy packages? Does anyone have a simple step by step on this or explanation on what to do to delegate package creation and deployment based on the user in an AD group? TIA

    The Application Deployment Manager role is only allowed to deploy an already existing application. You would have to use the
    Application Administrator role instead.
    Torsten Meringer | http://www.mssccmfaq.de

  • How to create a secure photo gallery in Muse or other options?

    I am looking at working with a phtotographer and she would like to have a secure (require login) photo gallery for her clients and also she wants to be able to upload these photos. I would like to know what the options are to do this that others have done. Is it capable to do within Muse or are there some good off site links she could use and I just link them?

    You can copy and paste an image gallery out of any of the pre-built template pages;
    A video visual:
    http://youtu.be/wHVVtJ7Ka4o?t=12m3s

  • How to creating a secure flash drive

    I would like to encrypt a flash drive; or preferably a folder within the flash drive.  Please advise about the proceedure.
    Thank you.

    Setting up an encrypted disk image is a no brainer. I don't know how much these hardened flash drives cost. It may be they are no more expensive than the usual suspects, but I would imagine they cost more and being restricted to these will limit choice.
    http://support.apple.com/kb/HT1578

  • How do i Create charts using JSP/Servlet & Database

    I have to create charts which shows the graph of stock exchange.
    i have a database that keeps the data for creating charts.
    But i did not know how to create charts using jsp-servlet.
    Any Example might help me to go forward.
    Any help will be really appreciated.
    Please Advice me.

    JFreeChart - You can generate the charts then convert them to image formats (PNG and JPEG) all using the JFreeChart API
    http://www.jfree.org/jfreechart/

  • How to create Reports and Forms using JSP

    Hi,
    How to create reports using JSP. And how many types of reports can be created using JSP.Can anyone explain with example please.
    Thanks,
    Vijayalakshmi.M

    Here is some code that creates xml for any SQL that returns a ResultSet. Note this uses my default out-of-the-box XML template, but you can quickly create and use your own templates to generate xml to look anyway you desire.
    FormattedDataSet fds=FormattedDataSet.createInstance();
    Map miscData=new HashMap();
    map.put("rootElement", "musicgroups");
    String xml=fds.getFormattedDataSet("select * from groups", miscData, "xml1");
    String xml has the value:
    <musicgroups>
    <row rowID='1'>
      <group_id>1</group_id>
      <group_name>Rolling Stones</group_name>
      <type>Rock</type>
    </row>
    <row rowID='2'>
      <group_id>2</group_id>
      <group_name>Beatles</group_name>
      <type>Rock</type>
    </row>
    <row rowID='3'>
      <group_id>3</group_id>
      <group_name>Led Zepplin</group_name>
      <type>Rock</type>
    </row>
    </musicgroups>steve -
    http://www.fdsapi.com - The easiest way to generate dynamic HTML and XML
    http://www.jamonapi.com - A performance tuning and scalability measuring API

Maybe you are looking for