Chapter 11. Securing Seam applications
This chapter covers
While winding down after a round of golf, I came across a magazine ad for Microsoft Visual Studio 2005 that serves as an example of how not to treat security. The ad shows side-by-side shots of a software development scene in which two developers are discussing a web application, one before the product is introduced and one after. The developer paraphernalia and the to-do list on the whiteboard reflect the state of the project, with the before scene being far more cluttered and laden with stress. But the contrast reveals a critical oversight in the after scene. An outstanding item on the to-do list reads “TEST CODE FOR SECURITY!!” The items crossed off are personalization features, consistency review of UI, accessibility, and breadcrumbs. At least the application will look pretty while it’s being hacked.