User guide

Security System Guide: Table of Contents
Security Measures for Operation of the Web Server (Interstage HTTP Server)
  Notes When Making Access
  Notes on Communication Data
  Threats of Denial of Service Attacks (DoS)
  Leakage of Password Information
  Unauthorized Access to Resource Files
  Risk of Exploiting the HTTP TRACE Method
  Threat that the UNIX account name will be discovered
Security Measures for Operation of the Web Server (InfoProvider Pro)
  Notes on Permissions of Contents
  Notes on the Permissions of the Environment Definition File
  Notes on User Authentication
Security Measures for the Servlet Service
  Notes on the Use of Sessions
  Notes on Web Application Development
  Notes on Deployment of Web Applications
  Notes on the Root Directory of the Web Application
  Notes on Communication Data
Security Measures for the EJB Service
  Resources to be Protected
    Resources to be Protected
  Possible Threats to Resources
  Countermeasures Against Threats
    Confining Operation to Specific Users
    Periodic Backup
    SSL Encryption
Security Measures for J2EE Deployment Tool
  Unauthorized Access to Resource Files
Security Measures for the J2EE Resource Access Definition
  Leakage of Password Information
Security Measures for Interstage JMS
  Unauthorized Access to Resource Files
Security Measures for CORBA Service
  Unauthorized Access to Resource Files
  Notes on Communication Data
  Notes on the Port Number used by CORBA Service
  Notes on Creation and Operation of Java Applets
    About Authorization Settings
    About Errors and Exceptions