AJAX - Security
AJAX Security: Server Side
AJAX-based Web applications use the same server-side security schemes of regular Web applications.
You specify authentication, authorization, and data protection requirements in your web.xml file (declarative) or in your program (programmatic).
AJAX-based Web applications are subject to the same security threats as regular Web applications.
AJAX Security: Client Side