All too often, security is treated as an afterthought in our models. I'm as guilty of this as anyone. :) Now that HTTP is becoming the most popular protocol inside the enterprise, sending bad data across the wire becomes much easier. A hidden input field is not all that hidden.
Let's take everyone's second favorite fake business problem: Enrolling Students in Classes. Let's take it further and say we want to develop this as a SaaS product. It'll need to be a multi tenant application. There are lots of independent community colleges (
Institutions) out there and we don't want to run a VM or process per