views:

39

answers:

1

Has anyone in the stackoverflow community ever studied the security characteristics of various J2EE frameworks? I would love to understand what framework best aligns with the Web Application Security Framework Manifesto http://labs.securitycompass.com/papers/secure-web-application-framework-manifesto-v0-08.pdf

+2  A: 

I would use either Struts 2, or Spring. The security manifesto you say is just a standard. The truth is both frameworks are actively developed. If one presents any security issues, it's pretty sure the developers will work to fix it ASAP.

If you choose Spring, you can use Struts too.

pabiagioli