Is application developed by servlet more secure than jsp?
[148 byte] By [green_grass123] at [2007-9-26 3:13:32] 
jsp has appeared, but someone still use servlet.Those reason is that servlet can make application higher security. Is it true?
No. Basically JSPs are servlets. The JSP compiler takes the JSP page and compiles it as Java servlet, nothing more, nothing less. In my opinion you cannot say that one is more secure than the other.
The reason why people still use servlets is perhaps that some (including me, sorry) came to the conclusion that JSPs are ****, because they still mix logic and presentation even if you make excessive use of tag libraries (what leeds you to a massive performace loss due to the often used introspection calls).
ProhaskaA at 2007-6-29 11:22:57 >
...And the reason I have switched to JSP from servlets is that they are far more flexible and they seperate the logic from the display far more than servlets do, so I can be a programmer and let the designers be designers. They are also as fast as servlets (logically they pretty much have to be) except on the first call, when they are as slow as snails.
If you combine JSPs with bean classes you find you have a very powerful very extensible solution.
Breakfast at 2007-6-29 11:22:57 >
Servlets are no more secure than JSPs, because JSPs are servlets - they're just another way of building the same thing. There is nothing you can do in a JSP that you can't do in a servlet or vice versa.
Why switch to or from JSPs or servlets? - you should be using both. Use servlets for heavy processing logic and JSPs for presentation (MVC pattern). That way you get maximum separation of logic and presentation. You can pretty much let HTML developers work normally, then come along afterwards and stick a little bit of Java code in the page to make it all dynamic. Better still, you can create easy-to-use custom tags that your HTML developers can easily understand without needing any programming experience. This leaves you free to work on the logic in the back-end.
mattbunch at 2007-6-29 11:22:57 >
I think I expressed something not as clear as I should have done. Sorry for this misunderstandings! Of course using only servlets is bad. When I said that I don't like JSPs I should have said: I don't like JSPs but prefer to use some template mechanism together with ordinary servlets to seperate between logic and presentation. JSPs do not enforce this since you can put Jave code into the JSP. Of course, you don't need to but you can...
ProhaskaA at 2007-6-29 11:22:57 >
Enterprise & Remote Computing New Topic
- weblogic ejbc error (very urgent)
- Problem in getiing From Id while receiving mail
- find and send solution urgent
- Sending Parameter and Data via POST to Servlet
- IIS either serve ASP or JSP at one time.......
- Difference betwen Web & Application server.
- DTD Creation using Java from XMLSchema
- How to create a mailbox like INBOX
Enterprise & Remote Computing Hot Topic
Enterprise & Remote Computing
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding