Channels ▼

Web Development

Securing the Java Core

Patterns Help

Several years ago, Sun Microsystems published Core J2EE Patterns: Best Practices and Design Strategies, by Deepak Alur, John Crupi, and Dan Malks. The book featured a collection of the most commonly occurring Java EE patterns, such as Intercepting Filter, Front Controller, and Session Facade. Since the book's publication, Java EE developers around the world have built applications that use the Core J2EE Patterns. Increasingly, developers have adopted open source frameworks that employ some of the Core J2EE Patterns such as Struts 1.x, Struts 2.x, Spring, and many others. Java EE frameworks, whether open source or proprietary, represent a major opportunity for application security. If we can secure these frameworks then we can start to make a major impact on application security in Java EE space. The problem is that securing the frameworks individually is time consuming and most security professionals have a tough time keeping up with the ongoing new Java technology explosion. We wrote the Security Analysis of the Core J2EE Patterns to address this problem. The analysis examines common security shortcomings and possible opportunities for implementing controls within the patterns rather than specific frameworks. For example, the ViewHelper pattern is the perfect place to add output encoding in order to mitigate cross site scripting; developers often forget to sufficiently authorize end users with Command objects in the Front Controller pattern; and developers should add protection against SQL injection in the Data Access Object pattern. The advice comes from years of examining large applications and noticing vulnerabilities occurring in the same patterns regardless of underlying web application framework.

A primary goal of the Security Analysis of Core J2EE Design Patterns project is to help framework developers make informed decisions about security. When the developers of the next Struts (or any other popular framework) begin design, we want them to address all the concerns raised in the paper so that people who use their framework will inherit many secure features by default and be able to add others with minimal configuration changes. It's important to recognize that this project does not overlap with Core Security Patterns. The book provides new patterns on how to develop security functions such as authentication and authorization whereas the Security Analysis of Core J2EE Design Patterns project analyzes existing patterns for security. Ultimately, we hope the pattern analysis spurs similar work on other popular patterns such as Martin Fowler's Patterns of Enterprise Application Architecture. We also hope people begin to analyze patterns in other popular domains such as scaffolding (e.g., Ruby on Rails), rich web client frameworks (e.g., Dojo), and messaging (e.g., Simple Object Access Protocol [SOAP] web services). By recognizing patterns and providing practical, positive security advice we can arm developers with the tools they need to build more secure frameworks from the start.

Related Reading

More Insights

Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.