| With the development of Information Technology, more and more people like to do businesses on the Web site. But many website are still under the threats of the hacker, modification, un-trust access. So how to protect the web security is becaming a very important issue for many web administrators.JSP (Java Server Pages) is a dynamic web design technology which is proposed by Sun Microsystems Company and other company. With its advantages on cross-platform, strong manage on memory and events dealing, JSP is welcoming by many developers. Although JSP inherit the security form J2EE language, the security problems remain exit on JSP Website. Today many web site are becoming more complexity and more enormous, and the development of website need more people than before, so none can confirm the absolutely security. We must pay more attention on how to construct a security JSP website integrately.Under this situation, the paper will discuss how to build a security Web with the network technology and coding technology. The part of network technology will detailedly mention theory and deployment of various network devices, include the Firework, IDS, Anti-modification, and the setting of web server. This part is the foundation knowledges for web security, but these devices prevent most of hacker attacks.Coding technology part is the hardcore of this paper, this part start from J2EE architecture, and discusses the JSP characteristic, the inner security framework of J2EE and the certificate model. At the end of this part, JAAS framework will be introduced to realize the certificate Model.At the last, a JSP website is demonstrated to show how to deploy the above security technologies. After the construction, we carry on an evaluation on the web safety and stability, the result of evaluation are also satisfied. |
PDF Full Text Request