One comment. Make sure your ActionServlet intercepts all URL patterns so
any HTTP request needs to get its session validated first.

Yuanbo

-----Original Message-----
From: Frank Zammetti [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, June 08, 2004 3:34 PM
To: [EMAIL PROTECTED]
Subject: RE: design security issue


To really do security properly, you really should externalize it using a
product like Netegrity's SiteMinder.  That would be my first suggestion, but
there is considerable cost in something like that, so it's not right for
everyone or every situation.

So, you can do some more minor things within your app that should give you
decent results:

(1) Don't do anything within any action unless a valid session is found.
This will keep quite a few people out of your app on its own since they
won't be able to just hack together a URL with a query string.  I accomplish
this in one app I did by having an ActionHelpers class, and the first thing
any of my Actions do is call a validateSession() static method.  If no
session is present, forward right then and there to the logon page.  You
must be careful also that there is one and only one place in your code that
creates a session, your logon Action most likely.

(2) Make sure you're running through SSL.  Takes care of packet sniffing, more
or less.

(3) Encrypt the passwords in your database with a one-way hash encryption.
Makes administration a little bit of a pain (no way to read the password),
but it also makes hacking the system a little tougher.

(4) Have good policies with regard to session timeouts and password
structure.  A 5-minute timeout might be too short depending on the app, but
it's good security-wise.  Make sure you have solid rules for what a password
must look like (i.e., 6-10 characters in length, at least one non-alphabetic
character and one non-alphanumeric character, must be changed once a month,
etc.).

These are all easy to implement, and will lead to a fairly secure system.
Not perfect, but reasonably secure.  Depending on your environment, it might
be plenty.

Frank

>From: "Zhang, Larry (L.)" <[EMAIL PROTECTED]>
>Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: design security issue
>Date: Tue, 8 Jun 2004 15:14:36 -0400
>
>I have a web application on which the manager can view his manage tree and
>select his employee for transactions (such as Performance Rating, putting
>on Leave of absence). Definitely it is very vital in this case to keep the
>security or make sure one data for one employee is submitted not for
>another employee. Another thinking is that if the user comes to a page via a
>bookmark or comes to the page without visiting the previous page, we should
>catch this event and disallow the further action.  I need to come up with some
>design solutions so that this security is handled elegantly. Any ideas?  If
>you know some sites discussing this, please let me know.
>
>Thanks.
>
>Larry Zhang
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>

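The following is an added example, not code from the original thread or from
Struts itself, showing Frank's point (1) and Yuanbo's comment together in
Struts 1 terms: a servlet Filter mapped to /* (not just *.do) so every request
is session-checked before any Action runs, a single LogonAction that is the
only place a session is created, and a base Action for Larry's case that
refuses to act on an employee who is not in the logged-on manager's own tree,
however the URL was built or bookmarked.  The class names, the session
attribute "authenticatedUser", the Authenticator hook, the forward names
("logon", "home", "forbidden") and the request parameters are assumptions
for illustration; the three classes are nested in one listing only so they
fit here, and web.xml / struts-config.xml would refer to them as
example.SecurityGate$SessionGateFilter and so on.

```java
package example;

import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/*
 * Illustrative example (not Struts' own code).  Map the filter to every URL:
 *
 *   <filter-mapping>
 *     <filter-name>sessionGate</filter-name>
 *     <url-pattern>/*</url-pattern>   <!-- every request, not only *.do -->
 *   </filter-mapping>
 */
public class SecurityGate {

    /** Hypothetical session attribute; set only by LogonAction below. */
    public static final String USER_KEY = "authenticatedUser";

    /** Hypothetical hook to the real user store, set by the app at startup. */
    public interface Authenticator {
        ManagerUser authenticate(String username, String password);
    }
    public static volatile Authenticator authenticator;

    /** What logon stores: who the user is and which employees they may act on. */
    public static final class ManagerUser {
        public final String id;
        private final Set<String> reportees;
        public ManagerUser(String id, Set<String> reportees) {
            this.id = id;
            this.reportees = Collections.unmodifiableSet(reportees);
        }
        public boolean manages(String employeeId) {
            return reportees.contains(employeeId);
        }
    }

    /** Rejects every request without an authenticated session, except logon. */
    public static final class SessionGateFilter implements Filter {
        public void init(FilterConfig cfg) {}
        public void destroy() {}
        public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                throws IOException, ServletException {
            HttpServletRequest request = (HttpServletRequest) req;
            HttpServletResponse response = (HttpServletResponse) res;
            // getSession(false) never creates a session; only LogonAction does.
            HttpSession session = request.getSession(false);
            boolean authenticated = session != null && session.getAttribute(USER_KEY) != null;
            if (!authenticated && !"/logon.do".equals(request.getServletPath())) {
                response.sendRedirect(request.getContextPath() + "/logon.do");
                return;
            }
            chain.doFilter(req, res);
        }
    }

    /** The one and only place in the application that creates a session. */
    public static final class LogonAction extends Action {
        public ActionForward execute(ActionMapping mapping, ActionForm form,
                HttpServletRequest request, HttpServletResponse response) {
            ManagerUser user = authenticator.authenticate(
                    request.getParameter("username"), request.getParameter("password"));
            if (user == null) {
                return mapping.findForward("logon");
            }
            // Discard any pre-logon session so an id the client already held
            // (e.g. planted by an attacker) never becomes the authenticated one.
            HttpSession old = request.getSession(false);
            if (old != null) old.invalidate();
            request.getSession(true).setAttribute(USER_KEY, user);
            return mapping.findForward("home");
        }
    }

    /** Base class for every action that acts on one employee's record. */
    public abstract static class EmployeeAction extends Action {
        public final ActionForward execute(ActionMapping mapping, ActionForm form,
                HttpServletRequest request, HttpServletResponse response) {
            // Re-check the session here too, so the action stays safe even if
            // the filter mapping is ever narrowed or forgotten.
            HttpSession session = request.getSession(false);
            ManagerUser user = session == null ? null : (ManagerUser) session.getAttribute(USER_KEY);
            if (user == null) return mapping.findForward("logon");
            // Authorization: the submitted employeeId must be in this manager's
            // tree; a bookmarked or hand-edited URL for another employee fails here.
            String employeeId = request.getParameter("employeeId");
            if (employeeId == null || !user.manages(employeeId)) {
                return mapping.findForward("forbidden");
            }
            return perform(mapping, form, request, user, employeeId);
        }
        protected abstract ActionForward perform(ActionMapping mapping, ActionForm form,
                HttpServletRequest request, ManagerUser user, String employeeId);
    }
}
```

The filter answers Larry's "came in via a bookmark" case for unauthenticated
users, but note that a logged-on manager bookmarking a URL for a different
employee is an authorization problem, not a session problem; that is why the
employee check lives in the base Action and is keyed on what the session says
about the user rather than on anything in the request.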