Finding security defects with FindBugs
In this recipe, you will use FindBugs to discover a security flaw in a Java server page and some more security defects in a defective Java class.
Either follow the "Failing Jenkins jobs based on JSP syntax errors" recipe in Chapter 3, Building Software, or use the provided project downloadable from the Packt Publishing website.
How to do it...
- Edit the pom.xml file, just under <build>, to include the FindBugs plugin by adding the following content:
    <plugins>
      <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>findbugs-maven-plugin</artifactId>
        <version>3.0.0</version>
        <configuration>
          <!-- Write the results as XML, including the bug messages -->
          <findbugsXmlOutput>true</findbugsXmlOutput>
          <findbugsXmlWithMessages>true</findbugsXmlWithMessages>
          ...