Normally we talk about preventing direct access to a JSP, but, in contrast, I have a question regarding direct access to an action. Consider the following scenario:

A portal application hosts several portlet modules. Each of the modules is passed certain parameters from the portal when the user selects that module. Some of these parameters determine the security restrictions of the user (such as what components are visible to the user). However, if the user changes one of these GET parameters, the user could exploit greater access.

Up to this point, a servlet filter was checking that the "referer" field was non-null. I know that this form of security is highly discouraged (as it can be faked). How can one be sure that the information passed from page to page can be trusted?

My guess is that the advice given is that the parameter must be validated against the database for the current user, not just trusted. In this case, the referer field is irrelevant.

Dan

--
Open Source Advocacy
http://www.mojavelinux.com
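The server-side check Dan's last paragraph describes, as an added example that is not from the original post or any particular portal product: instead of testing whether the Referer header is present, the filter reads the user's identity from the server-side session and looks the requested module up in that user's entitlements, so editing the GET parameter gains nothing. The parameter name "module", the session attribute "userId", the ENTITLEMENTS table and the user names are all constructed assumptions standing in for the portal's real parameter and its database lookup; the filter uses the javax.servlet API (Servlet 3.x or later) and Java 9+ collection factories.

```java
import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Hypothetical replacement for a Referer-is-non-null filter. The module name
 * still arrives as a GET parameter, but whether this user may see it is
 * decided from server-side state that the browser cannot edit.
 */
public class ModuleAccessFilter implements Filter {

    // Assumed name of the GET parameter the portal passes to a module.
    static final String MODULE_PARAM = "module";

    // Assumed session attribute holding the authenticated user's id,
    // set by the portal's login code, never by a request parameter.
    static final String USER_ATTR = "userId";

    // Stand-in for the per-user database lookup: user -> permitted modules.
    // Constructed sample data; a real filter would query the entitlement store.
    static final Map<String, Set<String>> ENTITLEMENTS = Map.of(
            "alice", Set.of("calendar", "mail"),
            "bob",   Set.of("calendar"));

    /** True only if the named user is entitled to the named module. */
    static boolean isAuthorized(String userId, String module) {
        if (userId == null || module == null) {
            return false;
        }
        return ENTITLEMENTS.getOrDefault(userId, Collections.emptySet()).contains(module);
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // getSession(false) does not create a session for anonymous callers;
        // an absent session simply means no identity, hence no access.
        HttpSession session = request.getSession(false);
        Object user = session == null ? null : session.getAttribute(USER_ATTR);
        String userId = user == null ? null : user.toString();
        String module = request.getParameter(MODULE_PARAM);

        if (!isAuthorized(userId, module)) {
            // Deny with a generic 403 and log the attempt so that parameter
            // tampering shows up in the server logs.
            request.getServletContext().log("Module access denied: user=" + userId
                    + " module=" + module + " from " + request.getRemoteAddr());
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(req, res);
    }

    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}
}
```

The Referer header never enters the decision: identity comes from the session and the permission from the server's own record, so the only thing a tampered parameter can produce is a logged 403. Map the filter to the module action URLs in web.xml (or with @WebFilter) so that the check runs before the action, not after the JSP has already rendered.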