Web Server supports a wide variety of technologies that allow data encryption and validation, request authentication, and server process protection. Key security feature enhancements include the following:
Solaris 10 platform cryptographic framework support. For example, libpkcs11.so including support for UltraSPARC® T1 processor hardware acceleration.
Denial of Service (DoS) attack protection enhancements.
Crosssite scripting protection through the native sed(1) based input filtering. For information about cross site scripting, see Preventing Cross Site Scripting Attacks in Sun Java System Web Server 7.0 Update 4 Administrator’s Guide.
Web services security:
Integrated Platform for Privacy Preferences (P3P) support.
Web-based Distributed Authoring and Versioning (WebDAV) access control support.
The Lightweight Directory Access Protocol (LDAP) auth-db is enhanced to make search expressions and match attributes configurable.
The LDAP auth-db supports Microsoft Active Directory interoperability.
Support for migration of certificate from Tomcat or other Java keystore file based repositories.
Support for dynamically applied Certificate Revocation Lists (CRLs).
Integrated IPv6 support.