[WEB SECURITY] RE: [Webappsec] Java 2 Security Standards
Larry Pingree
Larry.Pingree at safeway.com
Fri Mar 23 17:55:06 EDT 2007
Hi Daniel,
Thanks, we're looking for some sort of either standardization, or automated policy file creators. Something that will help us automatically create the most secure Java 2 policy files during our development cycle in pre-prod, this way we don't have to spend as much time debugging Java 2 Security Errors.
-----Original Message-----
From: Daniel Fernández Garrido [mailto:daniel.fernandez.garrido at gmail.com]
Sent: Friday, March 23, 2007 1:36 PM
To: Larry Pingree
Cc: webappsec at lists.owasp.org; websecurity at webappsec.org
Subject: Re: [Webappsec] Java 2 Security Standards
Well... I don't know which your security requirements are and what specific functionalities you need which so this may not fit but, if I can do some self-marketing... maybe you should have a look at jasypt (http://www.jasypt.org).
Regards,
Daniel.
Larry Pingree wrote:
> Hi Folks,
> Had a question around Java 2 security. Is there anything that you
> folks are aware of that would assist our developers in streamlining
> the development when using Java 2 security? The complaints are that
> Java 2 is complex to troubleshoot and navigate and that development
> with it turned on is too difficult. Any ideas?
> Best Regards,
> Larry Pingree
> Sr. Security Analyst
> Information Security Department
> 'Instead of worrying about bad things that might happen, get busy
> trying to create the kind of future you want. The best insurance
> policy for tomorrow is to make the most productive use of today.....and
> then ride the horse in the direction that it is going"
>
> "MMS <safeway.com>" made the following annotations.
> ----------------------------------------------------------------------
> --------
> Warning:
> All e-mail sent to this address will be received by the Safeway
> corporate e-mail system, and is subject to archival and review by
> someone other than the recipient. This e-mail may contain information
> proprietary to Safeway and is intended only for the use of the
> intended recipient(s). If the reader of this message is not the
> intended recipient(s), you are notified that you have received this
> message in error and that any review, dissemination, distribution or
> copying of this message is strictly prohibited. If you have received
> this message in error, please notify the sender immediately.
>
> ======================================================================
> ========
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> Webappsec mailing list
> Webappsec at lists.owasp.org
> http://lists.owasp.org/mailman/listinfo/webappsec
>
"MMS <safeway.com>" made the following annotations.
------------------------------------------------------------------------------
Warning:
All e-mail sent to this address will be received by the Safeway corporate e-mail system, and is subject to archival and review by someone other than the recipient. This e-mail may contain information proprietary to Safeway and is intended only for the use of the intended recipient(s). If the reader of this message is not the intended recipient(s), you are notified that you have received this message in error and that any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately.
==============================================================================
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
More information about the websecurity
mailing list