|
|
|
|
@ -4,6 +4,21 @@
@@ -4,6 +4,21 @@
|
|
|
|
|
|
|
|
|
|
<part id="general"> |
|
|
|
|
<title>General</title> |
|
|
|
|
|
|
|
|
|
<faq id="other-concerns"> |
|
|
|
|
<question>Will Spring Security take care of all my application security requirements?</question> |
|
|
|
|
<answer> |
|
|
|
|
<p>Spring Security provides you with a very flexible framework for |
|
|
|
|
your authentication and authorization requirements, but there are many other considerations |
|
|
|
|
for building a secure application that are outside its scope. Web applications are |
|
|
|
|
vulnerable to all kinds of attacks which you should be familiar with, preferably before you |
|
|
|
|
start development so you can design and code with them in mind from the beginning. |
|
|
|
|
Check out the <a href="http://www.owasp.org/">OWASP web site</a> |
|
|
|
|
for information on the major issues facing web application developers and the countermeasures |
|
|
|
|
you can use against them. |
|
|
|
|
</p> |
|
|
|
|
</answer> |
|
|
|
|
</faq> |
|
|
|
|
<faq id="web-xml"> |
|
|
|
|
<question>Why not just use web.xml security?</question> |
|
|
|
|
<answer> |
|
|
|
|
|
Luke Taylor
18 years ago