Monday, March 2, 2009

Filtering, the security method of the discerning secure app.

So, Brian and I talked and emailed about security, and the method we singled out was "use the fancy filtering architecture of tomcat/jboss/any-servlet-container to basically screen all requests and bump any that are not authenticated to a login page". Thus, I have written a little class to test that a filter is being used and with the help of Brian, set up the web.xml of the Quicksilver web app to use the filter. Tomorrow I plan to deal with redirects and writing a little login page and probably create a new little simple authentication project so that anyone wanting to add (very) basic authentication to their app can.

Otherwise, the NPDS service underwent a small change over the weekend, so while staging wasn't undergoing any errors and some data was being returned, the data was all cached and I had to do a quick update of my code in order to handle the change.

Cheers, I hope everyone had a good weekend!

No comments: