J2EE & Java: Developing Secure Web Applications with Java Technology (Hacking Exposed) - Softcover

From the Back Cover

Secure your Java and J2EE applications--from the hacker's perspective

Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challenging than ever. Hacking Exposed J2EE & Java will show you, step-by-step, how to defend against the latest attacks by understanding the hacker's methods and thought processes. You'll gain insight through examples of real-world attacks, both ordinary and sophisticated, and get valuable countermeasures to protect against them. You'll also find an in-depth case study with Java and J2EE security examples and "actual working code incorporated throughout the book.

What you'll learn: The proven Hacking Exposed methodology to locate and patch vulnerable systems How to apply effective security countermeasures to applications which use the following Java enterprise technologies: Servlets and Java Server Pages (JSPs); Enterprise Java Beans (EJBs); Web Services; Applets; Java Web Start; Remote Method Invocation (RMI); Java Message Service (JMS) How to design a security strategy that extends throughout a multi-tiered J2EE architecture using J2SE 1.4 and J2EE 1.3 What common, but devastating, vulnerabilities exist within many J2EE applications How to use the J2EE security architecture to create secure J2EE applications How to use the Java security APIs, including the Java Authentication and Authorization Service (JAAS), the Java Cryptography Extension (JCE), and the Java Secure Socket Extension (JSSE) How to create applications that proactively defend against malicious users,content manipulation, and other attacks. Valuable tips for hardening J2EE applications based on the authors' expertise

About the Author

Art Taylor (Flemington, NJ) has a masters degree in Information Technology and over 17 years experience in the computer industry. The majority of that experience was spent developing database applications for relational databases where security of business information assets was always an important concern. He has worked with Java since its inception, authoring one of the first technical books on the JDBC API, the "JDBC Developer's Resource" for Prentice Hall and authoring several other Java books since then. He has worked on a number of Web development projects using Java and has spent the last year teaching Java courses for Sun Microsystems. He is a Sun certified Java programmer and instructor. Paul Gier (Coconut Creek, FL) has more than 7 years experience in the IT industry, focusing on Java technology and has spent the last two years teaching Java technology across the US. Paul has worked as a software engineer at a number of firms using Java and various application servers. He is a certified Java Developer and Enterprise Architect as well as a Certified Cisco Network Associate. Brian Buege (McKinney, TX) has a master's degree in Computer Science and more than 11 years experience in the computer industry. Part of that experience was spent in the field of security planning, secure system development and security training for the US Army and US Army Reserve. He has taught computer science and mathematics at the college level, managed large development projects and computer services departments and provided Java instruction for Sun Microsystems. He is a certified Java programmer and developer and a Sun certified Java instructor.