Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

how to prevent hacker from hacking a JSF web site?

843844Aug 28 2008 — edited Aug 31 2008

hi i have a big problem with my JSF web site
i have deployed my website on a very famous Server and suddunly hackers start to hack it
this is what i have noticed

1/for example suppose i have two pages login.jsp and welcome.jsp
when they were deployed when a user enter my website by typing http://localhost:8080/mywebsite
he will be redirected to page http://localhost:8080/mywebsite/login.faces
and he must identify him self next if he was recongized he will be redirected to http://localhost:8080/mywebsite/welcome.faces

but

....
i have a freind of mine who write in the explorer http://localhost:8080/mywebsite/welcome.faces
how can i prevent that?(i want that he must log in then go to that page)

2/are JSF prevent SQL injection?

3/ are JSF prevent SQL XSS?
thank you

Locked Post

New comments cannot be posted to this locked post.

Locked on Sep 28 2008

Added on Aug 28 2008

#javaserver-faces

7 comments

1,204 views