Does anyone have any good references regarding
developing a public internet login system that would allow a user to assign
his/her own login name and password/pin. I've spent all of my
Java/JSP career doing internal intranet web sites for companies looking to
disseminate information to their employee's, and/or internally within their own
organizations. Therefore, I have never really had to focus on the security
issues surrounding a public internet site, and the issues surrounding new
users to create their own user id's and
passwords.
The server will be Windows 2000, using IIS 5.0 and JRUN
3.1 configured together to handle html and jsp pages. If anyone has
any good references or advice regarding what to do/what not to do while
developing a public internet site, I would be grateful. The gentleman
I am doing this site for was hit hard by the events of Sept 11, and since he
cannot afford to bring someone else on board who has this type of experience, he
has asked me to do what I can for him. This will be a
"prototype" site that he will use to try and lure new prospective
customers to his business. Any advice or lessons learned regarding the
development of this type web product, and the security issues surrounding a
public web site and user login/password creation, would also be
appreciated.
My thanks in advance for all
advice/suggestions/references.
Celeste Haseltine, PE
MTL
|