User guide
Chapter 2: Security Measures
Security Measures for the Servlet Service
This section explains the following topics:
• Notes on the Use of Sessions
• Notes on Web Application Development
• Notes on Deployment of Web Applications
• Notes on the Root Directory of the Web Application
• Notes on Communication Data
Notes on the Use of Sessions
Session information is embedded in cookies or URL parameters.
When the Web server is connected to a Web browser via the Internet, the contents of the communication,
including this session information, are in danger of interception or alteration.
Therefore, encrypting the communication with SSL is recommended.
Notes on Web Application Development
For notes on web application development, refer to "Common Notes for Interstage" in the Product Notes.
Notes on Deployment of Web Applications
To prevent alteration by end users, it is recommended to give write permissions on deployed Web
applications only to users who execute the Servlet container.
Notes on the Root Directory of the Web Application
If the directory that the Web server opens to the public is the same as the root directory of the Web
application, the body of the Web application, including the class files and Jar files, may be accessible
through the Web browser.
To prevent this problem, it is recommended that the directory opened to the public by the Web server be
different from the root directory of the Web application.
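
The deployment and root directory recommendations above can be checked with a short audit script. This is an added example, not part of the product documentation: the function names, the sample tree built in demo() and the POSIX permission model are assumptions. The path check also flags a published directory that contains the application root, which goes beyond the identical-directory case named in the text.

```python
import os
import stat
import tempfile
from pathlib import Path


def app_root_is_published(doc_root, app_root):
    """True if the published directory equals or contains the application root."""
    doc = Path(doc_root).resolve()
    app = Path(app_root).resolve()
    return doc == app or doc in app.parents


def writable_by_others(app_root, container_uid):
    """List paths under app_root that a user other than the container user can write."""
    root = Path(app_root)
    findings = []
    for path in [root, *root.rglob("*")]:
        st = path.lstat()
        if stat.S_ISLNK(st.st_mode):
            continue  # permission bits on a symbolic link are not meaningful
        if st.st_uid != container_uid:
            findings.append((str(path), "owned by another user"))
        elif st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((str(path), "group/other writable"))
    return findings


def demo():
    """Build a constructed sample tree and audit it (all paths are made up)."""
    base = Path(tempfile.mkdtemp())
    app = base / "webapps" / "shop"            # constructed application root
    (app / "WEB-INF" / "classes").mkdir(parents=True)
    cls = app / "WEB-INF" / "classes" / "Cart.class"
    cls.write_bytes(b"")
    for p in [app, *app.rglob("*")]:
        p.chmod(0o755)                          # owner-only write everywhere
    cls.chmod(0o666)                            # deliberately too permissive
    # Assumption: the current user stands in for the Servlet container user,
    # and the Web server publishes the parent "webapps" directory.
    findings = writable_by_others(app, os.getuid())
    return app_root_is_published(base / "webapps", app), findings


if __name__ == "__main__":
    published, findings = demo()
    print("application root reachable via published directory:", published)
    for path, reason in findings:
        print(reason, path)
```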