table of contents
MSAJSP

Source Code Archive

More Servlets and JavaServer Pages


Chapter 8: Programmatic Security

To view source code for other chapters in this book, mouse over the table of contents bar on the left.

Source Code from Chapter

Note: right-click or shift-click on the links to download the associated file.

  • employee-pay.jsp. A JSP page that augments the internal Web site for hot-dot-com.com. The page shows plans for employee pay. Because of entries in web.xml, the page can be accessed only by users in the employee or executive roles. Although both groups can access the page, they see substantially different results. In particular, the planned pay scales for executives is hidden from the normal employees.
  • web.xml. Deployment descriptor for the hotdotcom-internal application.
  • tomcat-users.xml. Tomcat-specific password file.
  • company-styles.css. Style sheet used by almost all JSP pages in the hotdotcom-internal application.
  • hotdotcom-internal.war. The entire hotdotcom-internal application bundled in a WAR (Web ARchive) file.
  • StockTip.java. Servlet that gives very hot stock tips. So hot that only authorized users (presumably ones who have paid the steepreasonable financial advisory fee) can access the servlet.
  • stocks.war. The entire stocks application bundled in a WAR (Web ARchive) file.
  • SecurityInfo.java. A servlet that redirects non-SSL requests to a URL that is identical to the URL of the original request except that http is changed to https. When an SSL request is received, the servlet presents a page that displays information on the URL, query data, key size, encryption algorithm, and client certificate.
  • securityInfo.war. The entire securityInfo application bundled in a WAR (Web ARchive) file.

URLs Referenced in Chapter

More Information

Java

JSF (JavaServer Faces)

Servlets & JSP
Ajax, GWT, & JavaScript

Spring, Hibernate, & JPA

Struts