In the instance an application was receiving some sensitive piece of data from a form submittal how could someone handle the issue of the information being in memory for some uncertain amount of time.
I say this, due to the fact that tomcat will definitely store posted data into inmutable String objects. Even if from that point it is converted into a char[] array and handled securely it continues to live in the request object and who knows exactly when that would be get garbage collected. Is there any simple way currently or planned for the future to handle such a situation so that the application could destroy all instances of a sensitive piece of information at will? Thanks beforehand for any help / ideas View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3913644#3913644 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3913644 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
