WebApp Sec mailing list archives
Re: JSP Security - Limiting URL's
From: mlh () zip com au
Date: Wed, 11 Dec 2002 09:09:46 +1100
On Tue, 10 Dec 2002 09:48:02 -0500 Steve Posick <steve.posick () advansol com> wrote:
The idea of a Finite State Machine (FSM) is a good one for the example that the author used, an exam. It would fit nicely for any application that requires the user to follow a specific set of paths through the application and his use of XML as a state definition language is very elegant.
I don't see why an FSM enforces a particular path. In fact, it can enable arbitrary paths since you can define a behaviour from any given state to any other. e.g. 'no state' -> 'first visit state' for a page to enable bookmarkable urls. Matt
Current thread:
- JSP Security - Limiting URL's securityarchitect (Dec 09)
- Re: JSP Security - Limiting URL's Jeff Williams @ Aspect (Dec 09)
- Re: JSP Security - Limiting URL's Andrew Jaquith (Dec 10)
- Re: JSP Security - Limiting URL's Steve Posick (Dec 10)
- Re: JSP Security - Limiting URL's mlh (Dec 10)
- Re: JSP Security - Limiting URL's Jeremy Poteet (Dec 10)
- Re: JSP Security - Limiting URL's Jeff Williams @ Aspect (Dec 09)