Secure Framework

Discussion in 'Java' started by Ravi Shankar, Jul 23, 2003.

  1. Ravi Shankar

    Ravi Shankar Guest

    Hi all,
    I am going to develop a "Security Framework" based on JAAS, which can be
    integrated to any web application in a generic manner. Any links for a basic
    framework to understand and learn the structure? thanks

    Regards
    Ravi
     
    Ravi Shankar, Jul 23, 2003
    #1
    1. Advertising

  2. Ravi Shankar

    DjDrakk Guest

    I always thought the phrase "Security Framework" meant designing the website
    around the security, not just dropping in a security measure because you
    think it's a good idea. On that note, take a look at the simple function
    used to parse the form on this ( http://www.easywarez.com/game-pass.html )
    page. Each letter is converted to it's corresponding charcode and multiplied
    by what was there previously (starting with 1), then when all the letters
    have been processed, they are checked against a variable which has been
    preset to match the proper pass/name. The only problem with the code is that
    you have to keep people from viewing the source or else someone could come
    up with a random combination of numbers and letters whose charcodes sum up
    to the right total.
    --
    Your GP or your HP!

    "Ravi Shankar" <> wrote in message
    news:bfmtvg$2vl$...
    > Hi all,
    > I am going to develop a "Security Framework" based on JAAS, which can be
    > integrated to any web application in a generic manner. Any links for a

    basic
    > framework to understand and learn the structure? thanks
    >
    > Regards
    > Ravi
    >
    >
     
    DjDrakk, Jul 26, 2003
    #2
    1. Advertising

  3. Ravi Shankar

    Sudsy Guest

    DjDrakk wrote:
    > I always thought the phrase "Security Framework" meant designing the website
    > around the security, not just dropping in a security measure because you
    > think it's a good idea. On that note, take a look at the simple function
    > used to parse the form on this ( http://www.easywarez.com/game-pass.html )
    > page. Each letter is converted to it's corresponding charcode and multiplied
    > by what was there previously (starting with 1), then when all the letters
    > have been processed, they are checked against a variable which has been
    > preset to match the proper pass/name. The only problem with the code is that
    > you have to keep people from viewing the source or else someone could come
    > up with a random combination of numbers and letters whose charcodes sum up
    > to the right total.


    No offense, but that's kinda lame! Why not use MD5 or SHA1?
    Your suggestion sounds like an implentation of a simple
    rotor machine.
     
    Sudsy, Jul 26, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,457
    Teemu Keiski
    Jun 8, 2004
  2. Daniel Malcolm
    Replies:
    0
    Views:
    559
    Daniel Malcolm
    Jan 24, 2005
  3. zdrakec
    Replies:
    1
    Views:
    440
    zdrakec
    Jul 25, 2005
  4. Joe
    Replies:
    5
    Views:
    966
    Steven Cheng[MSFT]
    Dec 13, 2005
  5. verbal kint
    Replies:
    1
    Views:
    553
    Sudsy
    Sep 4, 2004
Loading...

Share This Page