摘要
对基于Struts框架的web应用的安全问题进行了分析和研究,通过扩展Servlet类和Struts Tag类建立了一种不影响系统性能、适应性广且能同时对web资源进行页面级和属性级安全控制的模型。在实现中,运用了Filter接口、TextTag类、web.xml配置文件和自定义的Security Helper接口。
Analysed and studied the security issues in struts-based web applications, built a kind of model through expan d ing servlet class and struts tag class,this model has no effect on application performance,has a good expansibility and can carry out page-level & field-level security control synchronously. In the realization,interface Filter,TextTag class, the web. xml file and customed interface SecurityHelper are used.
出处
《微计算机应用》
2006年第6期727-728,共2页
Microcomputer Applications