advertisement

Article:
  Introducing mod_security
Subject:   Brave work! ----- from Roboo
Date:   2003-12-11 17:08:49
From:   anonymous2
I think you just focus on C/C++ version. There are too many Java servers and you have to write many plug-ins for them if you support Java, then you do not have enough time to split. - Roboo
Full Threads Oldest First

Showing messages 1 through 4 of 4.

  • Brave work! ----- from Roboo
    2003-12-15 16:29:27  anonymous2 [Reply | View]

    Interesting. How do you justify that demand for Java version is little? Supposedly the Java application servers are the mojority in enterprise applications. The list if long: WebLogic, WebSphere, iAS, SunONE, Tomcat, ... -Roboo
  • Brave work! ----- from Roboo
    2003-12-12 06:11:17  Ivan Ristic | O'Reilly Author [Reply | View]

    As a matter of fact some time ago I built a proof of concept version of ModSecurity in Java. In some respects it is better than the original (eg more modular, supports stateful actions). The good thing about Java is that request filters are a part of the core Servlet specification, therefore ModSecurity/Java works on all Java Web servers equally.

    Because there was very little interest for a Java version of ModSecurity I never posted it on the site. Eventually, I probably will, but at the moment I am still adding features to the original.
    • Brave work! ----- from Roboo
      2003-12-15 19:08:00  anonymous2 [Reply | View]

      Interesting. How do you justify that demand for Java version is little? Supposedly the Java application servers are the mojority in enterprise applications. The list if long: WebLogic, WebSphere, iAS, SunONE, Tomcat, ... -Roboo
      • Brave work! ----- from Roboo
        2003-12-20 07:17:43  Ivan Ristic | O'Reilly Author [Reply | View]

        I think it is just that Java people don't know ModSecurity for Java exist :) I'll post what I have online in the next month or so and we'll see.