«

Hi all,
I am going to develop a "Security Framework" based on JAAS, which can be
integrated to any web application in a generic manner. Any links for a basic
framework to understand and learn the structure? thanks

Regards
Ravi

I always thought the phrase "Security Framework" meant designing the website
around the security, not just dropping in a security measure because you
think it's a good idea. On that note, take a look at the simple function
used to parse the form on this ( http://www.easywarez.com/game-pass.html )
page. Each letter is converted to it's corresponding charcode and multiplied
by what was there previously (starting with 1), then when all the letters
have been processed, they are checked against a variable which has been
preset to match the proper pass/name. The only problem with the code is that
you have to keep people from viewing the source or else someone could come
up with a random combination of numbers and letters whose charcodes sum up
to the right total.
--
Your GP or your HP!

"Ravi Shankar" <> wrote in message
news:bfmtvg$2vl$...
> Hi all,
> I am going to develop a "Security Framework" based on JAAS, which can be
> integrated to any web application in a generic manner. Any links for a
basic
> framework to understand and learn the structure? thanks
>
> Regards
> Ravi
>
>

DjDrakk wrote:
> I always thought the phrase "Security Framework" meant designing the website
> around the security, not just dropping in a security measure because you
> think it's a good idea. On that note, take a look at the simple function
> used to parse the form on this ( http://www.easywarez.com/game-pass.html )
> page. Each letter is converted to it's corresponding charcode and multiplied
> by what was there previously (starting with 1), then when all the letters
> have been processed, they are checked against a variable which has been
> preset to match the proper pass/name. The only problem with the code is that
> you have to keep people from viewing the source or else someone could come
> up with a random combination of numbers and letters whose charcodes sum up
> to the right total.

No offense, but that's kinda lame! Why not use MD5 or SHA1?
Your suggestion sounds like an implentation of a simple
rotor machine.