In this chapter, we saw that the typical web application authorization model is based heavily on server-side ACLs (usually on file system objects) and authorization/session tokens (either off-the-shelf or custom-developed), both of which are vulnerable to several common attacks. Poorly implemented ACLs and tokens are easily defeated using common techniques to bypass, replay, spoof, fix, or otherwise manipulate authorization controls in order to masquerade as other users, including administrators. We also described several case studies that illustrated how such techniques can be combined to devastate web application authorization at multiple levels. Finally, we discussed the toolset available to web administrators and developers to counteract many of the basic techniques we described, as well as some broader "defense-in-depth" strategies that can help harden the overall security posture of a typical web application.