tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Price <epr...@ptc.com>
Subject Re: INSECURE to rely on sendRedirect (??)
Date Fri, 24 Jan 2003 19:05:49 GMT


Mike Jackson wrote:
> There's always something that can be done to make systems more secure, but
> you
> realistically need to balance the time and effort (both to secure it and to
> use it),
> with the environment.  My systems typically are installed on secure networks
> where
> all users are given fairly intense background checks.  So my balance is more
> towards
> the ease of use for the end user.

Agreed.  I'm pretty satisfied with the SecurityFilter so I'm going to 
shelve that for now and get to work on the main problem domain of my 
application for now.  Fortunately this is going to be a relatively 
low-traffic application, and it'll only be accessible from within our 
intranet, so security is not a huge concern.

Erik


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message