Servlets cannot be trusted they have information about the clients. They have access to HTTP specific authentication data and peer identities can be determined. Strong security policy support is present in Java servlets. Access to network files and services needs to be restricted for a servlet. Security manager provided by Java can be used to control the level of security.
Category:Servlet Interview Questions
No comments:
Post a Comment