Hacking Exposed J2EE & Java: Developing Secure Web Applications with Java Technology - Softcover

Über die Autorinnen und Autoren

Art Taylor has a masters degree in Information Technology and over 17 years experience in the computer industry. The majority of that experience was spent developing database applications for relational databases where security of business information assets was always an important concern. He has worked with Java since its inception, authoring one of the first technical books on the JDBC API, the "JDBC Developer's Resource" for Prentice Hall and authoring several other Java books since then. He has worked on a number of Web development projects using Java and has spent the last year teaching Java courses for Sun Microsystems. He is a Sun certified Java programmer and instructor.

Brian Buege is an independent consultant with more than 11 years experience in the computer industry. He is a certified Java programmer and developer and a Sun Java Instructor.

Randy Layman has more than 5 years of Java development experience with a focus on enterprise systems.

Von der hinteren Coverseite

Secure your Java and J2EE applications--from the hacker's perspective

Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challenging than ever. Hacking Exposed J2EE & Java will show you, step-by-step, how to defend against the latest attacks by understanding the hacker's methods and thought processes. You'll gain insight through examples of real-world attacks, both ordinary and sophisticated, and get valuable countermeasures to protect against them. You'll also find an in-depth case study with Java and J2EE security examples and "actual working code incorporated throughout the book.

What you'll learn: The proven Hacking Exposed methodology to locate and patch vulnerable systems How to apply effective security countermeasures to applications which use the following Java enterprise technologies: Servlets and Java Server Pages (JSPs); Enterprise Java Beans (EJBs); Web Services; Applets; Java Web Start; Remote Method Invocation (RMI); Java Message Service (JMS) How to design a security strategy that extends throughout a multi-tiered J2EE architecture using J2SE 1.4 and J2EE 1.3 What common, but devastating, vulnerabilities exist within many J2EE applications How to use the J2EE security architecture to create secure J2EE applications How to use the Java security APIs, including the Java Authentication and Authorization Service (JAAS), the Java Cryptography Extension (JCE), and the Java Secure Socket Extension (JSSE) How to create applications that proactively defend against malicious users,content manipulation, and other attacks. Valuable tips for hardening J2EE applications based on the authors' expertise