J2EE Security for Servlets EJBS and Web Services (Hewlett-Packard Professional Books)

click here for more details, find new or used items	Pankaj Kumar New from £17.13 Used from £16.24 Pages: 464 (Paperback) ISBN: 0131402641 Pub: Prentice Hall Pub date: 2003-09-18 Amazon.co.uk Sales Rank: 453134

Reader Reviews:

Read this book as soon as you can (1/1 people found this helpful)

When one reads a specification, a chapter in a book or an online documentation on security, these are not the most typical sentences she/he thoughts: "I understand, it works, this is a really useful utility class, there is a good figure summarizes the process".
But this book surprised me in a good way. It answers real-world security problems, makes understandable the heavy security specifications of the application servers, and the accompanying web site contains a living forum, the source files of the book and a practical tool named JSTK to make life easier for java security programmers. JSTK consists of many short useful java programs and their sources.
Only one objection: the title of the book is not very lucky, 50 pct of the book is about j2se security and 50 pct is about j2ee security.

Thorough and clear guide to J2EE security (0/0 people found this helpful)

This is a very helpful book, both as an introduction to the various areas of Java security and in the detailed implementation of each one. It's already answered all my questions, and there's still plenty more to read.

Lots of Sample Code (7/7 people found this helpful)

Security is like spinach - it's good for you but not too many people like it. Most security books bore me to tears with page after page of description accompanying three lines of code. This book is different. This book is geared towards actual developers who are looking for not just explanations of security but useful examples showing how to make security work in their applications.

The first section of the book is an introduction to security in general and Java security in particular. The next section looks at the basic technologies and APIs used for encryption, authentication, and authorization. This section starts with a look into cryptography and covers JCA and JCE. It continues with coverage of digital certificates and then looks at controlling access to resources by using policy files. This section ends with a look at SSL and securing XML messages. The final section examines using these technologies in various J2EE applications such as RMI, Servlets, EJBs, and Web Services.

The explanations throughout the book are clear and easy to follow with plenty of code samples to demonstrate how to use the various APIs associated with security in Java programs. The best part of the book is the many code samples provided and the detailed descriptions accompanying these code samples. In addition, the author has provided a group of tools to assist with security development. Over all this is one of the best J2EE security books on the market.

Categories

Amazon.co.uk places this book into the following categories: