Coping with Java security changes
We really like Java for bioinformatics apps because the same app can run the heavy-duty backend processing, as well as the web-enabled front-end for querying results. We don't have to program two UI's, one for standalone use and one for public data access over the web. Also, it provides a full UI programming environment so you can be pretty sure you're going to be able to accomplish what you want to in that regard.
Problem is the security is getting ever more burdensome. I am wondering two things: 1) How are people coping with security? By paying a CA for signing? 2) Is there another platform we could be using to achieve the goals outlined above?
7 comments
[ 3.8 ms ] story [ 25.5 ms ] threadOn the server side, you have to look for the vulnerability of the web container that you are using.
I do not see how would a CA helps you in your concern. Yes, having certs provides you encryption when your data is travelling, and client side cert may also helps you as a method as authentication if you wish, but all those does not help you in the Java security problem itself.
I'd be interested of a different opinion.
Java on the web is technical debt whose note is coming due. Fortunately it's not onerous just a little painful, and repayment removes a possible impediment to user base growth.