Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.security > #83
| From | "Speedo" <speedo@THRWHITE.remove-dii-this> |
|---|---|
| Subject | Re: Applet security |
| Message-ID | <a605de77-9338-47c6-bc10-bae26aea56ca@s12g2000prg.googlegroups.com> (permalink) |
| Newsgroups | comp.lang.java.security |
| References | <47e8166c$0$14550$ec3e2dad@news.usenetmonste |
| Date | 2011-04-27 16:08 +0000 |
| Organization | TDS.net |
To: comp.lang.java.security The normal applet security mechanisms of Java, as far as I can tell, is to protect users instead of restrict them. No matter what kinds of tricks and traps you place in your code, an experienced user can always decompile the code, reverse engineering the protocol, and bypass all kinds of restrictions. So pay less attention on the client applet, and add real security to the communication protocol and your server infrastructure. That's the correct approach. Speedo On Mar 25, 5:00 am, "Kenneth P. Turvey" <kt-use...@squeakydolphin.com> wrote: > I'm going to be implementing an applet for a customer over the next month > or so that interfaces with the customers phpFox installation and > downloads, updates, and uploads images. > > The problem of course, is that I don't want just anyone to be able to > perform these tasks, but only the logged in user of phpFox. So how is > this best implemented? Can an applet get access to the cookies stored by > the surrounding browser? Is there some other way to handle this? > > Thanks, > > -- > Kenneth P. Turvey <kt-use...@squeakydolphin.com> --- * Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet! --- Synchronet 3.15a-Win32 NewsLink 1.92 Time Warp of the Future BBS - telnet://time.synchro.net:24
Back to comp.lang.java.security | Previous | Next | Find similar
Re: Applet security "Speedo" <speedo@THRWHITE.remove-dii-this> - 2011-04-27 16:08 +0000
csiph-web