Finding security defects with FindBugs

In this recipe, you will use FindBugs to discover a security flaw in a Java Server Page and some more security defects in a defective Java class.

Getting ready

Either follow the recipe Failing Jenkins Jobs based on JSP syntax errors, Chapter 3, Building Software, or use the provided project downloadable from the Packt website.

How to do it...

  1. Edit pom.xml by just swapping the<plugins> within<build> to include the FindBugs plugin, by adding the following content:
    <plugins> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>findBugs-maven-plugin</artifactId> <version>2.3.3</version> <configuration> <FindBugsXmlOutput>true</FindBugsXmlOutput> <FindBugsXmlWithMessages>true</FindBugsXmlWithMessages> <effort>Max</effort> ...

Get Jenkins Continuous Integration Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.