YOUR FEEDBACK
HP Tipped To Buy EDS To Level Playing Field with IBM
Adam Hartung wrote: Merging the lousy performing EDS with the weak HP serv...
May. 14, 2008 04:11 PM
SOA World Conference
Virtualization Conference
$200 Savings Expire May 16, 2008... – Register Today!
Did you read today's front page stories & breaking news?
SYS-CON.TV: RIA Shoot-Out! AJAX, Flex, Silverlight, and JavaFX

SYS-CON.TV

2007 West
GOLD SPONSORS:
Active Endpoints
Your SOA Needs BPEL for Orchestration
BEA
Virtualized SOA: Adaptive Infrastructure for Demanding Applications
Nexaweb
Overcoming Bandwidth Challenges with Nexaweb
TIBCO
What is Service Virtualization?
SILVER SPONSORS:
WSO2
Using Web Services Technologies and FOSS Solutions
Click For 2007 East
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
TOP THREE LINKS YOU MUST CLICK ON


AJAXWorld News Desk
New ICEfaces White Paper Details Robust Security Solution For AJAX-Based Rich Web Applications
ICEsoft is the "Gold Sponsor" of upcoming AJAXWorld Conference & Expo

By: RIA News Desk
Sep. 14, 2007 09:15 PM
Digg This!

ICEsoft Technologies, a leading provider of enterprise AJAX solutions, and the "Gold Sponsor" of the upcoming AJAXWorld Conference & Expo 2007 West, announced the release of Enterprise Ajax Security with ICEfaces, a new white paper providing a pioneering solution to the security problem posed by rich Internet applications employing Ajax techniques. By using ICEfaces, the unique integrated Ajax application framework for Java EE, developers can leverage the trusted, proven security characteristics of Java EE, thereby avoiding the security gaps inherent in client-centric Ajax implementations.

Typical Ajax techniques violate the fundamental security rule of the Web security modeldont trust the client, noted Stephen Maryka, Chief Technology Officer of ICEsoft Technologies Inc. and author of the white paper. Client-centric Ajax creates a number of security problems for the enterprise, from business logic residing outside the server environment, to multiple sets of validation logic necessary to verify data being submitted back to server-side applications. By using the inherent, existing security of Java EE, these issues are sidestepped without compromising the performance or convenience made possible with rich Web solutions.

Ajaxifying JSF
While security has always been a hallmark of Java EE (Enterprise Edition), a link must be established between the Java environment and Ajax. JavaServer Faces (JSF), the most recent addition to the Java EE stack, combined with ICEfaces, provides the solution.

As explained in the white paper, ICEfaces can be used to establish Ajax functionality in JSF without compromising the server-centric nature of the Java EE framework. ICEfaces offers a lightweight Ajax Bridge that enables both partial data submission from the user, and incremental DOM updates to the browser client. The partial submit mechanism is built into the ICEfaces component suite, so the developer has control over the mechanism on a component level basis; on the return side, the framework uses a technique called Direct-to-DOM rendering with incremental update to distill only those DOM changes necessary to update the Web page.

Enterprise Ajax Security with ICEfaces convincingly shows how Ajaxifying JSF can provide the security required for rich Web applications. By using ICEfaces, developers can create apps that are completely server-centric, thereby removing the need for client-side business logic and application data. Validation is also handled exclusively on the server, so there are no mismatches or inconsistencies that may open a security hole. Other strategic security advantages are also detailed.

The seven-page ICEsoft paper includes charts, point-by-point discussions of Ajax security gaps and how those challenges can be met through the JSF-ICEfaces implementation. To download the free paper, simply log on to

http://www.icefaces.org/main/resources/whitepapers.iface.

For more information please contact Serena Thomas at SSPR 847-415-9312 sthomas@sspr.com

Published Sep. 14, 2007 — Reads 12,305
Copyright © 2008 SYS-CON Media. All Rights Reserved.
Related Stories
▪ ICEsoft Joins OpenAjax, Focuses on Back-End Issues
▪ ICEsoft Releases Thin Client AJAX and AJAX Push Technology
▪ ICEsoft Open Sources ICEfaces Enterprise AJAX Platform for Java EE
▪ AJAX Solutions Provider ICEsoft Joins BEA Partner Program
▪ Steve Maryka of ICESoft
▪ ICESoft Embraces AJAX, Discusses Vision on SYS-CON.TV
▪ ICEsoft's Web 2.0 Solution Integrates with JBoss Seam
▪ ICEsoft Named "Gold Sponsor" of AJAXWorld Conference & Expo
▪ ICEfaces + Liferay = Rich User Experience and Developer Simplicity
▪ "RIAs in Action" Track at AJAXWorld Conference & Expo 2007 West
▪ ICEfaces and Mobile AJAX for the iPhone at AJAXWorld Conference & Expo
About RIA News Desk
Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

navot wrote: I would like to draw your attention to an AJAX paradigm shift. One should be aware that I am not, and do not pretend to be objective. Visual WebGui is an open source rapid application development framework for graphic user interfaces of IT web applications. It replaces the obsolete paradigms of ASP.NET which were designed for developing sites, with WinForms methodologies, which were designed for developing applications. Thus enabling designer that was designed for application.This provides the developer with an extremely efficient way to design interfaces using drag and drop instead of hand coding HTML. VWG doesn’t expose logic, data or open services on client requests and therefore is not as vulnerable as common AJAX solution. Worth a look – www.visualwebgui.com
read & respond »
ICEsoft News Desk wrote: ICEsoft Technologies, a leading provider of enterprise AJAX solutions, and the 'Gold Sponsor' of the upcoming AJAXWorld Conference & Expo 2007 West, announced the release of Enterprise Ajax Security with ICEfaces, a new white paper providing a pioneering solution to the security problem posed by rich Internet applications employing Ajax techniques. By using ICEfaces, the unique integrated Ajax application framework for Java EE, developers can leverage the trusted, proven security characteristics of Java EE, thereby avoiding the security gaps inherent in client-centric Ajax implementations.
read & respond »
LATEST AJAXWORLD STORIES
Facelift Your SOA with Rich Internet Applications
By SOA World Magazine News Desk
We are entering an era of Rich Internet Applications (RIA) and enhancing the user experience of consumers of the services becomes an important part in designing and implementing SOA. But if you decide to develop rich clients, you'll be facing the dilemma - which way to go - remai
May. 14, 2008 09:00 AM
JavaOne 2008: Sun Talks Up its Late-to-the-Party AIR-Silverlight Rival
By Maureen O'Gara
At Java One this week Sun has been selling its year -old-but-still-upcoming - and definitely late-to-the-party - Adobe AIR- and Microsoft Silverlight-competitive JavaFX Rich Client environment as a potential revenue-generator capable of putting ads on mobile applications and JavaF
May. 14, 2008 01:45 AM
Exclusive Q&A with Jeff Haynie, Co-Founder & CEO, Appcelerator
By Jeremy Geelan
'We're dedicated to building the largest open-source community dedicated to RIAs, breaking down the barriers between traditional preferred languages, programming models and solutions,' says the co-founder & CEO of Appcelerator, Jeff Haynie, in this Exclusive Q&A with Jeremy Geela
May. 13, 2008 10:00 AM
How To Launch a Successful Technology Start-Up
By Jeremy Geelan
'Ten years ago,' Coach Wei tells Jeremy Geelan in this exclusive interview with AJAXWorld Magazine, 'I was as a poor graduate student naive enough to start a company at the bottom of the 'dot-bomb' burst. I learned so much coping with the 'nuclear winter,' raising $18M in financi
May. 13, 2008 09:00 AM
frevvo Empowers Businesses to Create RIAs With New Live Forms Software
By RIA News Desk
frevvo announced Live Forms software which enables users and developers to easily create rich AJAX forms with built-in business capabilities. Live Forms provides a complete Web-based design experience that can be embedded into any application and is ideal for Enterprise Social So
May. 12, 2008 03:15 PM
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021
SYS-CON FEATURED WHITEPAPERS

MOST READ THIS WEEK
Beyond AJAX to the Rich Internet Application & Rich Interactive Experience Era
By Jeremy Geelan
Exclusive Q&A with Jeff Haynie, Co-Founder & CEO, Appcelerator
By Jeremy Geelan
How To Launch a Successful Technology Start-Up
By Jeremy Geelan
A Look at Some Heavy Hitters and Newcomers in the RIA Market
By Kevin Whinnery
Anthony Franco's AJAXWorld Keynote - "RIAs Are Only Valuable If They Are Useful"
By RIA News Desk
AJAX World - Who Will Win the Next Battle for the Desktop?
By Richard Monson-Haefel
AJAX World - Curl Launches Adobe AIR Competitor
By RIA News Desk
Why Is an Enterprise RIA Platform Different?
By Richard Treadway
AJAX World - Adobe Flex 4 Is Shaping Up
By Yakov Fain
Good News for AJAX – The Browser Wars Are Back!
By Jon Ferraiolo
WaveMaker Introduces Visual AJAX for Mac
By RIA News Desk
AJAX and Open Source Communities Must "Liberate" the HTML Web from the Unweb
By Christopher Keene
ADS BY GOOGLE