5 Replies Latest reply on Mar 22, 2007 3:06 AM by Christian Bauer

    is link secure?

    John Newbie

      Hi!

      I'd like to know if the links generated by s:link s:button are secure.

      for example

      <s:link action="#{AA.method}" value="XXX">
       <f:param name="id" value="#{object.id}" />
      </s:link>
      


      Is it possible for somebody to copy this link to the browser and modify the object id in the current session so that he could see the content of other objects?

      Thanks

        • 1. Re: is link secure?
          Norman Richards Master

          Seam does not verify the integrity of the URL. Your action should contain the appropriate security checks if that is important to the application.

          • 2. Re: is link secure?
            Gavin King Master

             

            I'd like to know if the links generated by s:link s:button are secure.


            They are just as secure as JSF form submissions, i.e. Seam verifies that the method being invoked is really one that appears in an EL expression on the page.

            However, it is of course your job to make sure that the actual data passed in parameters is safe (just like in any web fwk).

            • 3. Re: is link secure?
              David Cracauer Newbie

              Any chance of having an s:secureLink tag, or secure="true" option on the link tag? When this is used, Seam would encrypt the parameter, then decrypt on the other side. This is what we currently do when we pass around ids in our struts app, and I'm going to need to find a similar solution for our conversion to Seam.

              • 4. Re: is link secure?
                Gavin King Master

                Use a page parameter, and implement the encrypt/decrypt in a JSF converter.

                • 5. Re: is link secure?
                  Christian Bauer Master

                  That is also a novel approach to entity security. You should not obscure URLs but rather have a multi-layer approach, where at the lowest layer you can never even load an entity from the database you do not have the access rights for.
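
The checks the replies call for (an action that treats the id parameter as untrusted, on top of a data layer that cannot load an entity the user has no rights to), as an added example that is not part of the thread and not Seam code. All class and method names are hypothetical, the map stands in for the database, and `currentUser` is assumed to come from the authenticated session, never from the request.

```java
import java.util.*;

// Added example: every name here is hypothetical, none of it is Seam API.
public class OwnerScopedLookup {
    record Document(long id, String owner, String content) {}

    // Lowest layer: every read is scoped to the caller, so no code path
    // above it can load a row the caller is not entitled to.
    static class DocumentRepository {
        private final Map<Long, Document> rows = new HashMap<>();

        void save(Document d) { rows.put(d.id(), d); }

        // Database equivalent: filter on both id AND owner in the query itself.
        Optional<Document> findForUser(long id, String currentUser) {
            return Optional.ofNullable(rows.get(id))
                           .filter(d -> d.owner().equals(currentUser));
        }
    }

    // Action layer: the request parameter is untrusted input.
    static class ViewAction {
        private final DocumentRepository repo;
        ViewAction(DocumentRepository repo) { this.repo = repo; }

        String view(String idParam, String currentUser) {
            long id;
            try { id = Long.parseLong(idParam); }
            catch (NumberFormatException e) { return "not-found"; }
            // Same answer for "does not exist" and "not yours", so the
            // response does not reveal which ids are in use.
            return repo.findForUser(id, currentUser)
                       .map(Document::content)
                       .orElse("not-found");
        }
    }

    public static void main(String[] args) {
        DocumentRepository repo = new DocumentRepository();
        repo.save(new Document(1, "alice", "alice's notes")); // constructed sample data
        repo.save(new Document(2, "bob", "bob's notes"));
        ViewAction action = new ViewAction(repo);
        System.out.println(action.view("1", "alice")); // alice's own object
        System.out.println(action.view("2", "alice")); // id edited in the URL
        System.out.println(action.view("x", "alice")); // malformed id
    }
}
```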