
Developing Security-Enabled Applications • Chapter 11 491
will either retrieve the first user’s account or be denied access to the site
because the login information he enters does not match the information
in the certificate referenced on login.There goes functionality out the
window.
Finally, testing is required on how well the security measure you
implemented actually works.You need to know for sure that the security
you use renders your site impenetrable by unauthorized clients or at
least takes so much effort to penetrate that hackers don’t want to invest
the time or effort required.Trying to crack the security on your Web
application or penetrate ...