radioAe6rt

Profiling a Java application’s security needs

leave a comment »

Writing up in a bit more detail the recent work on Java app security profiling.

5 Nov 2006 update. I now believe this method is unworkable. See the updated tutorial preamble.

6 Nov 2006 update. On again, off again. I think I got it working. The joys of discovery.

21 Nov 2006 update: I added a simple cache to ProfilingSecurityManager to suppress the writing of duplicate rules during profiling. This saves a considerable amount of I/O.

[tags]java security, java security managers,tomcat,webapps[/tags]

Written by radioae6rt

November 2, 2006 at 6:48 pm

Posted in Internet

«
»

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.