Wednesday, August 20, 2008

WebApplicationFirewall using iScreen

Simplest solution for Application security is installing a web application firewall (WAF). Major function of WAF is to validate data. iScreen is one of the most popular validation frame work which can be used to build a firewall.

Most important feature of iScreen validation frame work is support for OGNL and MEVL. Given the full power of validations we can write a genric servlet filter which will act as a firewall. Let us look at various issues related to validations and WAF