Finding security defects with FindBugs
In this recipe, you will use FindBugs to discover a security flaw in a Java Server Page and some more security defects in a defective Java class.
Either follow the recipe "Failing Jenkins Jobs based on JSP syntax errors" in Chapter 3, Building Software, or use the provided project, which is downloadable from the Packt website.
How to do it...
pom.xml by just swapping the <build> to include the FindBugs plugin, by adding the following content:
<plugins>
  <plugin>
    <groupId>org.codehaus.mojo</groupId>
    <artifactId>findbugs-maven-plugin</artifactId>
    <version>2.3.3</version>
    <configuration>
      <!-- Write the analysis results as XML, including the bug messages -->
      <findbugsXmlOutput>true</findbugsXmlOutput>
      <findbugsXmlWithMessages>true</findbugsXmlWithMessages>
      <!-- Run the most thorough analysis -->
      <effort>Max</effort>
      ...