The i-Technology Media!
Register | Log in
   
 
.NET  ·  AJAX  ·  CLOUD  ·  ECLIPSE  ·  FLEX  ·  OPEN WEB  ·  iPHONE  ·  JAVA  ·  LINUX  ·  OPEN SOURCE  ·  ORACLE  ·  PBDJ  ·  SEARCH  ·  SILVERLIGHT  ·  SOA  ·  VIRTUALIZATION  ·  WEB 2.0  ·  WIRELESS  ·  XML
Comments
Plone and Drupal: Different Approaches, Different Results
paul.nowak wrote: Matt, thanks for the comments. I made an error on the version of Plone. It's 2.5 Plone running on Zope 2.9x. In regards to the additional products, we have a skin installed and we have a product that we had custom developed for us that connects to a PostgreSQL database. We've looked at slow PostgreSQL queries causing problems and have not been able to find an issue. We've also tested for the case where the PostgreSQL server is down and have not been able to create an issue. We therefor...
Nov. 4, 2009 04:19 PM EST
Cloud Expo on Google News
Did you read today's front page stories & breaking news?


2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts

2009 East
GOLD SPONSORS:
CA
Get Your Transactions Under Control: SOA Performance Management
Software AG
Performance Driven Adoption: The Secret to Advancing SOA
Intel
The Evolving SOA Appliance: 3 Game-Changing Innovations
SILVER SPONSOR:
Denodo
Data Mashups: Deliver Your Project Faster with Virtualized Data Services Across Internal & External Sources
POWER PANELS:
The Business Value of Service Orientation
Driving Profitability Through User Experience
Click For 2008 West
Event Webcasts
Live Google News by SYS-CON!
Top Three Links You Must Click On


AJAXWorld News Desk
New ICEfaces White Paper Details Robust Security Solution For AJAX-Based Rich Web Applications
ICEsoft is the "Gold Sponsor" of upcoming AJAXWorld Conference & Expo

By: RIA News Desk
Sep. 14, 2007 09:15 PM

ICEsoft Technologies, a leading provider of enterprise AJAX solutions, and the "Gold Sponsor" of the upcoming AJAXWorld Conference & Expo 2007 West, announced the release of “Enterprise Ajax Security with ICEfaces”, a new white paper providing a pioneering solution to the security problem posed by rich Internet applications employing Ajax techniques. By using ICEfaces, the unique integrated Ajax application framework for Java EE, developers can leverage the trusted, proven security characteristics of Java EE, thereby avoiding the security gaps inherent in client-centric Ajax implementations.

“Typical Ajax techniques violate the fundamental security rule of the Web security model—don’t trust the client,” noted Stephen Maryka, Chief Technology Officer of ICEsoft Technologies Inc. and author of the white paper. “Client-centric Ajax creates a number of security problems for the enterprise, from business logic residing outside the server environment, to multiple sets of validation logic necessary to verify data being submitted back to server-side applications. By using the inherent, existing security of Java EE, these issues are sidestepped without compromising the performance or convenience made possible with rich Web solutions.”

“Ajaxifying” JSF
While security has always been a hallmark of Java EE (Enterprise Edition), a link must be established between the Java environment and Ajax. JavaServer Faces (JSF), the most recent addition to the Java EE stack, combined with ICEfaces, provides the solution.

As explained in the white paper, ICEfaces can be used to establish Ajax functionality in JSF without compromising the server-centric nature of the Java EE framework. ICEfaces offers a lightweight Ajax Bridge that enables both partial data submission from the user, and incremental DOM updates to the browser client. The partial submit mechanism is built into the ICEfaces component suite, so the developer has control over the mechanism on a component level basis; on the return side, the framework uses a technique called Direct-to-DOM rendering with incremental update to distill only those DOM changes necessary to update the Web page.

“Enterprise Ajax Security with ICEfaces” convincingly shows how “Ajaxifying” JSF can provide the security required for rich Web applications. By using ICEfaces, developers can create apps that are completely server-centric, thereby removing the need for client-side business logic and application data. Validation is also handled exclusively on the server, so there are no mismatches or inconsistencies that may open a security hole. Other strategic security advantages are also detailed.

The seven-page ICEsoft paper includes charts, point-by-point discussions of Ajax security gaps and how those challenges can be met through the JSF-ICEfaces implementation. To download the free paper, simply log on to

http://www.icefaces.org/main/resources/whitepapers.iface.

For more information please contact Serena Thomas at SSPR 847-415-9312 sthomas@sspr.com

Published Sep. 14, 2007— Reads 14,430 — Feedback 2
Copyright © 2007 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
Related Stories
▪ ICEsoft Joins OpenAjax, Focuses on Back-End Issues
▪ ICEsoft Releases Thin Client AJAX and AJAX Push Technology
▪ ICEsoft Open Sources ICEfaces Enterprise AJAX Platform for Java EE
▪ AJAX Solutions Provider ICEsoft Joins BEA Partner Program
▪ Steve Maryka of ICESoft
▪ ICESoft Embraces AJAX, Discusses Vision on SYS-CON.TV
▪ ICEsoft's Web 2.0 Solution Integrates with JBoss Seam
▪ ICEsoft Named "Gold Sponsor" of AJAXWorld Conference & Expo
▪ ICEfaces + Liferay = Rich User Experience and Developer Simplicity
▪ "RIAs in Action" Track at AJAXWorld Conference & Expo 2007 West
▪ ICEfaces and Mobile AJAX for the iPhone at AJAXWorld Conference & Expo
About RIA News Desk
Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

Add Your Feedback

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

#2
navot commented on 24 Sep 2007

I would like to draw your attention to an AJAX paradigm shift. One should be aware that I am not, and do not pretend to be objective. Visual WebGui is an open source rapid application development framework for graphic user interfaces of IT web applications. It replaces the obsolete paradigms of ASP.NET which were designed for developing sites, with WinForms methodologies, which were designed for developing applications. Thus enabling designer that was designed for application.This provides the developer with an extremely efficient way to design interfaces using drag and drop instead of hand coding HTML. VWG doesn’t expose logic, data or open services on client requests and therefore is not as vulnerable as common AJAX solution. Worth a look – www.visualwebgui.com
#1
ICEsoft News Desk commented on 12 Sep 2007

ICEsoft Technologies, a leading provider of enterprise AJAX solutions, and the 'Gold Sponsor' of the upcoming AJAXWorld Conference & Expo 2007 West, announced the release of Enterprise Ajax Security with ICEfaces, a new white paper providing a pioneering solution to the security problem posed by rich Internet applications employing Ajax techniques. By using ICEfaces, the unique integrated Ajax application framework for Java EE, developers can leverage the trusted, proven security characteristics of Java EE, thereby avoiding the security gaps inherent in client-centric Ajax implementations.


Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON Featured Whitepapers

ADS BY GOOGLE

Breaking Java News
Cavitation Technologies, Inc. -- Independent Research Report Released with $2.04 Price Target
Network Norway Implements Flash Networks' Data Optimization Solution to Enhance Mobile Broadband Data Services
Delta Offers Travel Assistance to Customers Affected by Hurricane Ida
The Nation's Mayors Commend House Passage of Health Reform Bill
Fujitsu Announces Free Access to Its Enhanced Cloud BPM Platform for Solution Providers and Enterprise Teams
ADVERTISE   |   MAGAZINE SUBSCRIPTIONS   |   FREE BREAKING-NEWSLETTERS!   |   SYS-CON.TV   |   BLOG-N-PLAY!   |   WEBCAST   |   EDUCATION   |   RESEARCH
.NET Developer's Journal - .NETDJ   |   ColdFusion Developer's Journal - CFDJ   |   Eclipse Developer's Journal - EDJ   |   Enterprise Open Source Magazine - EOS
Open Web Developer's Journal - OPENWEB   |   iPhone Developer's Journal - iPHONE   |   Virtualization - Virtualization   |   Java Developer's Journal - JDJ   |   Linux.SYS-CON.com
PowerBuilder Developer's Journal - PBDJ   |   SEO / SEM Journal - SJ   |   SOAWorld Magazine - SOAWM   |   IT Solutions Guide - ITSG   |   Symbian Developer's Journal - SDJ
WebLogic Developer's Journal - WLDJ   |   WebSphere Journal - WJ   |   Wireless Business & Technology - WBT   |   XML-Journal - XMLJ   |   Internet Video - iTV
Flex Developer's Journal - Flex   |   AJAXWorld Magazine - AWM   |   Silverlight Developer's Journal - SLDJ   |   PHP.SYS-CON.com   |   Web 2.0 Journal - WEB2
Apache   |   CMS   |   CRM   |   HP   |   Oracle Journal   |   Perl   |   Python   |   Red Hat   |   Ruby on Rails   |   SAP   |   SaaS
SYS-CON MEDIA:   ABOUT US   |   CONTACT US   |   COMPANY NEWS   |   CAREERS   |   SITE MAP
SYS-CON EVENTS:   |  AJAXWorld Conference & Expo  |  iPhone Developer Summit  |  Cloud Computing Conference & Expo  |  SOA World Conference & Expo  |  Virtualization Conference & Expo
INTERNATIONAL SITES:   India  |  U.K.  |  Canada  |  Germany  |  France  |  Australia  |  Italy  |  Spain  |  Netherlands  |  Brazil  |  Belgium
 Terms of Use & Our Privacy Statement     About Newsfeeds / Video Feeds
Copyright ©1994-2008 SYS-CON Publications, Inc. All Rights Reserved. All marks are trademarks of SYS-CON Media.
Reproduction in whole or in part in any form or medium without express written permission of SYS-CON Publications, Inc. is prohibited.
 
close this window