What login security&encription are good for struts...?

hello friends,
I am developing a struts+hibernate application which
contains a login page. I am not sure of which tools or API's to use for logn
Authentication and encription.
Can any bady suggest me which is best for login Authentication and what way
can i proceed for secured login for WebApplication.
Ajay

HANRAM wrote:
hello friends,
I am developing a struts+hibernate application which
contains a login page. I am not sure of which tools or API's to use for logn
Authentication and encription.
Can any bady suggest me which is best for login Authentication and what way
can i proceed for secured login for WebApplication.
AjayFor JSP you can use JAAS or form based.

Similar Messages

  • Need advice on what antivirus/security measures are recommended for Macs

    Between us my husband and I have a MacBook Pro and a MacBook Air.
    I'm looking for guidance on what might or might not be useful, beyond what is standard on a Mac, to protect against viruses and improve security on our system.
    Thanks in advance!

    Linc Davis wrote:
    (1) Don't install any commercial anti-virus software. It's all useless garbage.
    Not true, at least if you email or send files to Windows users. It won't do you much good if your Mac isn't compromised but theirs is by something you pass along to them. Any info about you on their computers is put at risk of exploitation. We live in a connected world, & like it or not we are all in this together.
    (2) Use your administrator account (the first one you created) only for administrative tasks such as installing software.
    This offers reasonable protection but some malware is potentially capable of exploiting unpatched vulnerabilities that allow privileges to be escalated to admin or even root level without a user's knowledge. And even if an exploit is confined to the domain of a regular user account it can still do damage or compromise information.
    NEVER enter your administrator password when prompted to do so by an application UNLESS it's a built-in application, such as the Installer.
    That would preclude the use of a great deal of commercial software that doesn't use Apple's Installer.app, including most Adobe products.
    NEVER install any third-party software except by drag-and-drop into your Applications folder, or by download from the App Store.
    Same as above: not everything users want or need uses Apple's installer or can be installed by a simple drag & drop. And obviously, if the system is already infected all bets are off: you can no longer trust Installer.app to be what it says it is.
    NEVER run any program you receive as an unsolicited email attachment, even if you know and trust the apparent sender.
    This does not apply only to attachments containing executable code, or even just to email. Apple has provided security updates to patch vulnerabilities that can be exploited just by clicking on links to maliciously formed web pages. This kind of attack is becoming more popular, in part because browsers send info about the client computer to the server that can be used to tailor the attack to the specific vulnerabilities of the platform, & in part because browsers increasingly rely on executing scripts & other instructions provided by web pages to render them.

  • What security products are suggested for scrubbing rootkits from a Mac? There are good articles on similar repair for PCs and it makes me want to see if I can save this machine. It's in forensic recovery right now so I myself have not done anything yet.

    What security products are suggested for scrubbing rootkits from a Mac? There are good articles on similar repairs for other makes online. I would like to investigate whether a machine can be truly scrubbed or if it's best to retire it. I haven't done anything yet as it is a candidate for more extensive forensic recovery.
    Also, I am not sure if various malicious spoofing and cloaking tricks (making Wi-Fi appear off when it is on, hiding unauthorized sharing/remote access, falsifying System Preferences preference panes, etc.) are resolved by a thorough drive erase or are more similar to APTs?
    Finally, is there any emerging information regarding APT hiding places other than the recovery partition? I have heard mention of the EFI, for example, but it seems unproven and unlikely. Some people have also mentioned the RAM.
    This is an upsetting topic to some people, including me, so I appreciate circumspect, measured responses. Thanks! And don't try to answer all my questions if you really just want to comment or answer one. All thoughts are appreciated.

    Hi, Lincoln,
    A straightforward question. You are correct in recognizing the difference between tentative conclusion and certainty. Here are our main reasons:
    1. Incoming items noted on the console (or console sub logs) and Activity Monitor after defenses are overcome, and which are brought in by an unwelcome remote user, often have a process name and the word "kit." (Bear with me.) We soon observe the process is under attack, from terminal evidence and soon, decreased or lost functionality of the process. The terminal generally reports alteration of specific kernel behaviors. A simple example (that may or may not be accompanied by kernel changes and may simply alter permissions) is modifying Disk Utility such that key uses are unavailable. You can see how an attacker might value disabling partition views, mounting and permission repair. In retrospect, DU might not be a root alteration. I was thinking that its relation to fsck flagged it as a possible ring 0 item. I may need to know core parameters of a good example to pick strong ones.
    2. Incoming folders hidden for possible later use contained bundles of similar root kits, including some not applicable to Macs. From what I have read from reasonably credible sources, root kits are sold and traded both singly and in bundles.
    3. Root kits are a logical next choice for our attackers, as various prior techniques hindered us but did not paralyze us.
    4. One of the most authoritative articles I found was about PCs not Macs. I noted the assertion, undocumented, that an estimated one million computers are infected by root kit manipulations, and underscored that the kits can be used by people with low computer skills.
    5. MacAfee lists root kits (by description, not name) as a top pop five threat prediction in the coming year, though again, the emphasis is on PCs.
    Linc, I am trying to show a spectrum of observations and info that have shaped my thinking. To retrieve better captured evidence requires significant legwork at this time, but it is something I am willing to do if you can be patient. Understand this long attack has been like a natural disaster to us.
    I have not linked a few articles of interest because I forget if that's allowed. If so, I'd be glad to.
    After reviewing this partial answer, you may form another hypothesis. If so, please share it. I am comfortable with my position but not clinging to it.
    Thanks for your interest. Looking forward to your thoughts.
    Oh, yeah: some material is out for analysis, so we should have credible opinions pretty soon. Not positive exactly when.

  • Edge and Next are good for the corporations but are they good for the consumer?

    Ok so I have never paid full price upfront for a phone!  Ever since my first phone from VoiceStream I have opted for what ever phone was "free" because way back then (I blush as I type) I actually thought the phone was "free!!!" Ah, to be naive again!! But as we all know the phones never were nor will they ever be free. 
    However I say programs like Verizon's Edge and AT&T's Next are good for the corporation if they weren't they would not exist.  The first reason I say this is because Edge and Next allow the cellular service provider to easily recoup the entire cost of the phone in a clear way unlike with subsidized phones that muddy the profit water.  For example, the Verizon 64GB iPhone 5s retails for $849.99, currently with a two year contract you pay $399.99 for that 64GB iPhone 5s.  The EFT for that phone is $350 (minus $10 per month of post paid service).  If you on the 15th the day after you got your phone you paid the EFT but kept service you only paid $749.99 for that $849.99.  Sure you still pay for service but you can leave when ever and Verizon cannot say hey you owe us $100 more for you phone.  Its yours and they can't take it back and the only way Verizon will get that $100 back is though another customer  that subsidized a much lower cost phone that at the completion of that contract Verizon will  more than recoup the cost of that lower priced unit. To top that off you could turn around and sell the phone for $800 go back to Verizon or another provider buy a $450 phone and break even.  I'm not suggesting that people do that or that it may prove to be a big hassle for some that went through all the trouble.  Its just a point to show that subsidized phones make the profits less clear for the service provider to see at first glance.
    Second reason these programs are good for the corporation is they allow the service providers to get a better grasp on the true cost of maintaining their networks and providing us the consumer access to their networks.  Third reason it good for the corporation is the people that feel the need to upgrade every six months to a year are required to pay at least 50% of the retail cost of the phone at the same time they must surrender that device in exchange for the new device.  So the service provider then has the phone refurbished certified to be in "like new condition" and sell it again potentially making more than retail cost when the profits of both sales of the same handset are factored together. 
    That being said what will the impact of programs like Edge and Next have on cost of future cellular service plans and smartphones?  Over time will the service provider give us the best per line access fee (not likely but maybe)? Or will people upgrading their smartphones at faster intervals cause the cost of the smartphones to drop over time? What are your thoughts?

    Go to the link I provided and click on "Check upgrade eligibility"

  • What internet security do you recommend for apple products

    What Internet security do you recommend for apple products

    None.  The best security is to backup your data frequently, and using WPA2 encryption on wireless routers.    Otherwise basic good practices include:
    1. Do not download sites that suggest installing cleanup software.
    2. Do not do things that might slow your Mac down:
    https://discussions.apple.com/docs/DOC-6921
    3. Do not install updates except directly from reputable vendors websites, and the Apple Mac Store.
    4. Do not follow instructions of popup windows or banner ads.
    5. Do not use peer2peer or torrent software.
    6. Do not open .scpt, .sct, .app attachments.
    7. If you use Windows on your Mac, the same security rules for Windows on a non-Apple machine apply as an Apple machine.

  • I can't change my appleID password as I have no idea what my security questions are! HELP!!!! I am not getting any messages to nmy new, awesome Samsung S4

    I can't change my appleID password as I have no idea what my security questions are! HELP!!!! I am not getting any messages to nmy new, awesome Samsung S4

    Hello Jaded1234,
    The steps in the articles below will guide you in setting up your rescue email address and resetting your security questions:
    Rescue email address and how to reset Apple ID security questions
    http://support.apple.com/kb/HT5312
    Apple ID: All about Apple ID security questions
    http://support.apple.com/kb/HT5665
    If you continue to have issues, please contact our Account Security Team as outlined in this article:
    Apple ID: Contacting Apple for help with Apple ID account security
    http://support.apple.com/kb/HT5699
    Thank you for using Apple Support Communities.
    Best,
    Sheila M.

  • Which DVD are good  for burning

    I tried many different dvd/cd for burning movies and music, but they are not all working very well.
    Does somebody knows which dvd are good for burning movies and music.

    Hi Sue,
    Thanks for your answer. I bought them also before, but it seems that not all working very good.
    I burned dvd's and play them on my Home theather. Beginning good, later it gave reading problems. What I also know is: Dvd players from 40 euro's works better then one from 1600 euro's.
    I shall buy the -R this week and hopefully the work better.
    Ray

  • HT201303 How can I find out what my security answers are? I am trying to purchase an app on a new device and it won't let me without answering and I have totally forgotten

    How can I find out what my security answers are? I am trying to purchase an app on a new device and it won't let me without answering and I have totally forgotten

    Welcome to the Apple Community.
    You might try to see if you can change your security questions. Start here, change your country if necessary and go to manage your account > Password and Security.
    I'm able to do this, others say they need to input answers to their current security questions in order to make changes, I'm inclined to think its worth a try, you don't have anything to lose.

  • I am a male, and am looking at buying an ipod touch 5, i do not know what color i should get, does anyone have any suggestions on what ipod touch colors are best for guys

    I am a guy and i am looking at buying an ipod touch 5, i do not know what color i should get, does anyone have any suggestions on what ipod touch colors are best for guys?

    The Product Red model

  • What kind if tables are suitable for partitioning?

    What kind of tables are suitable for partitioning?
    I have several tables in same schema. Each of them is bigger than 200MB. DML commands are executed continuously against these tables. After diagnosis, I know than the sequential read wait is the root cause. Should I partition each of them?
    Edited by: jetq on Jul 16, 2009 8:04 PM

    jetq wrote:
    What kind of tables are suitable for partitioning?The question to answer your question is: What will be gained by partitioning and why? When you understand this, then you can decide if it is suitable for partitioning.
    BTW sequential read wait has to do with index scans, not table scans. Table scan waits are reported as scattered reads, not sequential.
    Regards,
    Greg Rahn
    http://structureddata.org

  • What compressor settings settings are best for 1080i  to output to DVD using DVD Studio pro?

    What compressor settings settings are best for 1080i  to output to DVD using DVD Studio pro? I used FCP 6, exported using Quick Time.

    DVDs are only SD. There was at one time HD-DVDs, which DVD SP and Compressor can make, but HD-DVDs will only play in Macs and, now obsolete HD-DVD players. HD-DVDs will not play back in standard DVD players or Blu-Ray players. If you want to make a "DVD will be played on DVD player for TV" disc, your only choice is SD.
    If you want HD video on a disc, then you want Blu-Ray. You will need a Blu-Ray burner (Apple does not make a Blu-Ray burner so you will have to buy a third-party Blu-Ray burner), Blu-Ray discs and software that will make a Blu-Ray disc. That could be the latest version of Compressor, or FCPX, or Toast, or Encore.

  • What free - 5 £ apps are there that are good for business

    Hi,
    Just wondering if anyone knows any apps that i can download that is good/useful to use in business
    please could you state the name
    Greatly Appreciated.

    Good for what sort of business? To do what? There are hundreds if not thousands of free or inexpensive apps that might be useful to you, so without any sort of parameters on which to base suggestions, making recommendations is all but impossible. Search the web for "iphone business apps" and you'll find a number of articles with suggestions and opinions; you might find those a useful place to start.
    Regards.

  • Componentlist and what the components are good for

    Hello,
    I am searching for an overview of the NW's '"standard" component and it's meaning to recognize which components I need to update and what they are used for.
    Has someone seen something like this?
    Thank you, Maximilian

    Hi,
    As per my understanding you are trying to find and update the software components in the SAP system.
    You can find ABAP side components in SPAM display all packages.
    If for java the go to http://ipaddress:5xx00\index.html
    Then navigate to system info it will show you all the java components present in your system,
    And you have to aptch all this components.
    Regards,
    Vamshi.

  • Which Practice exams are good for 1z0-047 & 1z0-007?

    What is the price for oca voucher?

    Self-Test CDs are good. For both exams you can get hundreds of practice questions with explanations.
    Also the SYBEX and Oracle Press books have quite good revision questions and additional exams.
    All in all I think I paid around $200 for the Self Test and around $80 for both books.
    Compare that to the $13000 I am still paying off for a Certificate in vb.NET from Maryland University.
    DA

Maybe you are looking for