You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cocoon.apache.org by Kiss Tibor <Ti...@Synergon.hu> on 2000/06/16 19:03:41 UTC

Cocoon 1.7.4 security

Hi everybody!

I am quite a newbie to cocoon (downloaded last week) but I am amazed.
I am already building a site with it.
However, can anyone suggest how to to include some kind of security into
cocoon?

Thanks
Tibor

Re: Cocoon 1.7.4 security

Posted by Vincent Dovydaitis <vi...@foliage.com>.

I am not sure what you are asking for. The security of Cocoon I believe is
largely dependent on the surrounding technologies. Cocoon is a servlet that
runs on an HTTP server (Apache, IIS, etc) that connects to a Java Servlet
server (Tomcat, JServ, etc) that uses a JVM (Microsoft, Sun, etc). I would
concentrate initially on determining the security of the environment that
Cocoon runs in. That said, and noting the Cocoon is entirely a server side
process, I am curious whether it is susceptible to buffer overflow attacks.

If you want to secure the HTTP server (using SSL on Apache, for example)
then see the discussion in http://www.apacheweek.com/features/ssl

Kiss Tibor wrote:

> Hi everybody!
>
> I am quite a newbie to cocoon (downloaded last week) but I am amazed.
> I am already building a site with it.
> However, can anyone suggest how to to include some kind of security into
> cocoon?
>
> Thanks
> Tibor
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: cocoon-users-unsubscribe@xml.apache.org
> For additional commands, e-mail: cocoon-users-help@xml.apache.org