Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : All About Sun Microsystems -- Ignore unavailable to you. Want to Upgrade?

To: Stormweaver who wrote (18958)	8/27/1999 9:47:00 AM
From: Reginald Middleton	Read Replies (1) \| Respond to of 64865

Servlet's are very quick. You should try it. Performance is not noticeably downgraded either. Look into it. This is why I say that Java is starting to come of age. From the Javasoft site at java.sun.com Our Office product when used over the public Internet is more secure than MSFT Office when used over a private Intranet, and the servers will have much more physical protection than any average consumer can provide. What Does the Java Security API Provide? The Java Security API is a new Java core API, built around the java.security package (and its subpackages). The first release of the Java Security API, available in JDK 1.1, contains APIs for: Digital Signatures Digital signature algorithms, such as DSA (Digital Signature Algorithm). The functionality includes generating public/private key pairs as well as signing and verifying arbitrary digital data. Message Digests Cryptographically secure message digests, such as MD5 and SHA-1. These algorithms, also called one-way hash algorithms, are useful for producing "digital fingerprints" of data, which are frequently used in digital signatures and other applications that need unique and unforgeable identifiers for digital data. Key Management A set of abstractions for managing principals (entities such as individual users or groups), their keys, and their certificates. It allows applications to design their own key management systems, and to interoperate with other systems at a high level. Note that support for specific certificate formats is not available but will be part of a future JDK release. The cryptography framework in the Java Security API is designed so that a new algorithm can be added later on without much difficulty and can be utilized in the same fashion as existing algorithms. For example, although DSA is the only built-in digital signature algorithm in this release, the framework can easily accommodate another algorithm such as RSA. Vendors can develop their own algorithms and integrate their resulting provider) packages into the Java Security API so that clients can utilize them.

To: Stormweaver who wrote (18958)	8/27/1999 10:08:00 AM
From: Reginald Middleton	Respond to of 64865

More on security from jserv.javasoft.com:80/products/java-server/documentation/webserver1.0.2/servlets/api.html Security Features Servlets have access to information about their clients. When used with secure protocols such as SSL, peer identities can be determined quite reliably. Servlets relying on HTTP also have access to HTTP-specific authentication data. Servlets have the Java advantage: memory access violations and strong typing violations are not possible, so that faulty servlets will not crash servers the way that is common in most C language server extension environments. Unlike any other current server extension API, Java Servlets provide strong security policy support. This is because all Java environments provide a Security Manager which can be used to control whether actions such as network or file access are to be permitted. By default, all servlets loaded over the network are untrusted, and are not allowed to perform operations such as accessing network services or local files. Performance Features One of the biggest performance features of servlets is that they do not require creation of a new process for each request. In most environments, many servlets run in parallel within the same process as the server. When used in such environments with HTTP, servlets provide compelling performance advantages over both the CGI approach and the Fast-CGI approach. This is because servlets only require light weight thread context switches. Even Fast-CGI involves heavy weight process context switching on each request, and regular CGI requires even heavier weight process startup and initialization code on each request. Since in most environments servlets can handle many client requests each time they are initialized, the costs of that initialization are spread over many methods. All the client requests to that service have the opportunity to share data and communications resources, benefiting more strongly from system caches. With many implementations of the Java Virtual Machine (JVM), Java Servlet programs automatically take advantage of additional processors, helping you scale your applications up from entry-level servers all the way up to mainframe class multiprocessors. This helps provide better throughput and response time to your clients. Because 100% Pure Java programs don't care what operating system they use, you have the power to choose whatever system vendor best addresses your requirements in any given application