Finding security defects with FindBugs

In this recipe, you will use FindBugs to discover a security flaw in a JavaServer Page (JSP) and further security defects in a defective Java class.

Getting ready

Either follow the Failing Jenkins jobs based on JSP syntax errors recipe in Chapter 3, Building Software, or use the provided project downloadable from the Packt Publishing website.

How to do it...

  1. Edit the pom.xml file to include the FindBugs plugin, adding the following content just under <plugins> within <build>:
    <plugins>
      <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>findbugs-maven-plugin</artifactId>
        <version>3.0.0</version>
        <configuration>
          <findbugsXmlOutput>true</findbugsXmlOutput>
          <findbugsXmlWithMessages>true</findbugsXmlWithMessages>
          ...
