EJB Bad Practices: Use of AWT/Swing

Template:CandidateForDeletion

#REDIRECT Failure to follow guideline/specification

Last revision (mm/dd/yy): 04/7/2009

[hide]

1 Description
2 Risk Factors
3 Examples
4 Related Attacks
5 Related Vulnerabilities
6 Related Controls
7 Related Technical Impacts
8 References

Description

The program violates the Enterprise JavaBeans specification by using AWT/Swing.

The Enterprise JavaBeans specification requires that every bean provider follow a set of programming guidelines designed to ensure that the bean will be portable and behave consistently in any EJB container [1].

In this case, the program violates the following EJB guideline:

 "An enterprise bean must not use the AWT functionality to attempt to output information to a display, or to input information from a keyboard."

A requirement that the specification justifies in the following way:

 "Most servers do not allow direct interaction between an application program and a keyboard/display attached to the server system."

Risk Factors

TBD

Examples

TBD

Related Attacks

Related Vulnerabilities

Related Controls

Related Technical Impacts

References

[1] Enterprise JavaBeans 2.1 Specification. Sun Microsystems. http://java.sun.com/products/ejb/docs.html.

EJB Bad Practices: Use of AWT/Swing

Description

Risk Factors

Examples

Related Attacks

Related Vulnerabilities

Related Controls

Related Technical Impacts

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools