...
- Assuming objects are immutable
- Basing security checks on untrusted sources
- Ignoring changes to superclasses
- Neglecting to validate inputs
- Misusing public static variables
- Believing a constructor exception destroys the object
This PowerPoint presentation comes from JavaOne 2006 and is entitled 'Common Java Security Anti-patterns'. It contains code examples of each of the above anti-patterns.