Added general question on other security concerns

2008-07-01 21:00:30 +00:00 · 2008-07-01 21:00:30 +00:00 · e1fcacbca5
parent bf45ff94e7
commit e1fcacbca5
1 changed files with 15 additions and 0 deletions
--- a/src/site/fml/faq.fml
+++ b/src/site/fml/faq.fml
@ -4,6 +4,21 @@

    <part id="general">
    <title>General</title>
+    	
+    <faq id="other-concerns">
+    	<question>Will Spring Security take care of all my application security requirements?</question>
+    	<answer>
+    		<p>Spring Security provides you with a very flexible framework for
+    			your authentication and authorization requirements, but there are many other considerations
+    			for building a secure application that are outside its scope. Web applications are
+    			vulnerable to all kinds of attacks which you should be familiar with, preferably before you 
+    			start development so you can design and code with them in mind from the beginning. 
+    			Check out the <a href="http://www.owasp.org/">OWASP web site</a>
+    			for information on the major issues facing web application developers and the countermeasures
+    			you can use against them.
+    		</p>
+    	</answer>
+    </faq>
    <faq id="web-xml">
 	    <question>Why not just use web.xml security?</question>
 	    <answer>