Modify an existing Java web application that violates several payment

PLEASE READ ALL ASSIGNMENT TO ANSWER ALL QUESTIONS AND FOLLOW THE GRADING RUBRIC PROPERLY.

 

Read the homework4.pdf file for the diagrams that are missing below.

 

Review, Run and Understand the Sample Java Web application.
The current code uses Java JSP and Servlets to allow a user to log in to their account and view credit card data stored in the database. The functionality is relatively simple, but several PCI compliance rules have been violated that will prevent the application from being approved by a PCI software auditor.
You should first load up the application, populate the database and make sure the application is working in your environment as expected. The application uses the Java Derby relational database. The script used to populate the application is attached in your project folder, as is the Java web project itself. You should be able to open the existing project using NetBeans. However, you may need to add the Derby drivers to the project's libraries.
You can create a new database connection by clicking the Services folder, then right-clicking Databases and selecting New Connection. You can then create a connection for the SDEV425 database. Below is a screen capture that represents my configuration.
 
 
 
There are some tutorials on the Internet on using the Derby database within NetBeans (e.g. https://netbeans.org/kb/docs/ide/java-db.html). The key is making sure you have the drivers in the library of your project and that you run the scripts to populate the tables. To execute a command in the database from within NetBeans, right-click the connection and select Execute Command. A window will then pop up for that connection and you can execute any command, including all of the database scripts provided to you.
 
 
Once you have the database loaded, you can try the application. (This assumes you properly installed Java EE when you installed NetBeans.)
To launch the application, just highlight the Java project you loaded (SDEV425_HW4) and click the green arrow. Once launched, your GlassFish server will start and your default browser will be invoked. The application will automatically launch and the home page will be displayed.
 
 
You can (and definitely should) review the database script to see the current users and associated passwords. As a test, you can click the Sign in link and enter this account information:
Email: [email protected] Password: mypassword
 
 
 
 
After successful sign-in you will see the welcome message displayed:
 
 
 
Clicking on the Your Account menu will display the credit card information.
 
 
Clicking on Sign out will invalidate the current session.
 
 
 
Be sure to demonstrate the application runs properly in your development environment.
Carefully review the code and perform analysis as needed. You should experiment with running the application as well as reviewing the code to identify possible areas of security concern. You don't have to be an expert in JSP/Servlets, HTML or CSS to be able to find some of the issues that you have read about in the PCI documentation. However, it is recommended that you experiment with the code so you have a baseline familiarity with the model and know how the JSP and servlets communicate with each other.
Focus on the PCI compliance issues found in sections 6 through 9 as you look for issues. There are multiple issues and you should work to fix and document as many as possible.
Hints:
a. Make sure your Java EE NetBeans is working properly.
b. Work to get the Derby database populated and working with the SDEV425_HW4 Web application.
c. Study and experiment with the code. For example, even if you haven't used CSS style sheets before, you should be curious about how color schemes are used and how easily they can be changed in the CSS file. You should also note how the database connections are made and how JSP and servlets communicate.
d. Again, start on this early. This will take you longer than you think.
 
Deliverables
Provide all of your modified Java code, your modified database script and a PDF document describing how you addressed each issue. You should clearly describe the code, what PCI compliance issues were violated and how you fixed them. You should provide screen captures as needed to support your findings and improvements.
Be sure your PDF document is neat, well-organized and well-written, with minimal spelling and grammar errors. All references used should be included in your document.
