Automotive Holiday Deals Books Holiday Gift Guide Shop Men's Cyber Monday Deals Week Learn more nav_sap_SWP_6M_fly_beacon Train egg_2015 Fire TV Stick Beauty Deals Gifts for Her Amazon Gift Card Offer mithc mithc mithc  Amazon Echo Starting at $49.99 Kindle Voyage Cyber Monday Video Game Deals Outdoor Deals on bgg

Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your email address or mobile phone number.

  • List Price: $54.95
  • Save: $8.04 (15%)
In Stock.
Ships from and sold by Gift-wrap available.
J2EE & Java: Developing S... has been added to your Cart
Condition: Used: Like New
Comment: Fast shipping from Amazon, and unbeatable customer service. Amazon Prime customers get free 2-day shipping. Millions of satisfied customers!
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

J2EE & Java: Developing Secure Web Applications with Java Technology (Hacking Exposed) Paperback – September 24, 2002

6 customer reviews

See all formats and editions Hide other formats and editions
New from Used from
"Please retry"
$2.57 $0.15

Best Books of the Year So Far
Looking for something great to read? Browse our editors' picks for 2015's Best Books of the Year in fiction, nonfiction, mysteries, children's books, and much more.
$46.91 FREE Shipping. In Stock. Ships from and sold by Gift-wrap available.

Editorial Reviews

From the Back Cover

Secure your Java and J2EE applications--from the hacker's perspective

Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challenging than ever. Hacking Exposed J2EE & Java will show you, step-by-step, how to defend against the latest attacks by understanding the hacker's methods and thought processes. You'll gain insight through examples of real-world attacks, both ordinary and sophisticated, and get valuable countermeasures to protect against them. You'll also find an in-depth case study with Java and J2EE security examples and actual working code incorporated throughout the book.

What you'll learn:

  • The proven Hacking Exposed methodology to locate and patch vulnerable systems
  • How to apply effective security countermeasures to applications which use the following Java enterprise technologies: Servlets and Java Server Pages (JSPs); Enterprise Java Beans (EJBs); Web Services; Applets; Java Web Start; Remote Method Invocation (RMI); Java Message Service (JMS)
  • How to design a security strategy that extends throughout a multi-tiered J2EE architecture using J2SE 1.4 and J2EE 1.3
  • What common, but devastating, vulnerabilities exist within many J2EE applications
  • How to use the J2EE security architecture to create secure J2EE applications
  • How to use the Java security APIs, including the Java Authentication and Authorization Service (JAAS), the Java Cryptography Extension (JCE), and the Java Secure Socket Extension (JSSE)
  • How to create applications that proactively defend against malicious users, content manipulation, and other attacks.
  • Valuable tips for hardening J2EE applications based on the authors' expertise

About the Author

Art Taylor (Flemington, NJ) has a masters degree in Information Technology and over 17 years experience in the computer industry. The majority of that experience was spent developing database applications for relational databases where security of business information assets was always an important concern. He has worked with Java since its inception, authoring one of the first technical books on the JDBC API, the "JDBC Developer's Resource" for Prentice Hall and authoring several other Java books since then. He has worked on a number of Web development projects using Java and has spent the last year teaching Java courses for Sun Microsystems. He is a Sun certified Java programmer and instructor. Paul Gier (Coconut Creek, FL) has more than 7 years experience in the IT industry, focusing on Java technology and has spent the last two years teaching Java technology across the US. Paul has worked as a software engineer at a number of firms using Java and various application servers. He is a certified Java Developer and Enterprise Architect as well as a Certified Cisco Network Associate. Brian Buege (McKinney, TX) has a master's degree in Computer Science and more than 11 years experience in the computer industry. Part of that experience was spent in the field of security planning, secure system development and security training for the US Army and US Army Reserve. He has taught computer science and mathematics at the college level, managed large development projects and computer services departments and provided Java instruction for Sun Microsystems. He is a certified Java programmer and developer and a Sun certified Java instructor.

Product Details

  • Series: Hacking Exposed
  • Paperback: 426 pages
  • Publisher: McGraw-Hill; 1st edition (September 24, 2002)
  • Language: English
  • ISBN-10: 0072225653
  • ISBN-13: 978-0072225655
  • Product Dimensions: 7.4 x 1 x 9.1 inches
  • Shipping Weight: 1.6 pounds (View shipping rates and policies)
  • Average Customer Review: 3.3 out of 5 stars  See all reviews (6 customer reviews)
  • Amazon Best Sellers Rank: #3,324,412 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

14 of 14 people found the following review helpful By Michiel Pelt on November 12, 2002
Format: Paperback
The book uses an example Java application which is intially very unsecure, and throughout the book the vulnerabilities of the example are discussed and countermeasures are written. Then the application is webenabled, creating new vulnerabilities which are fixed again, and so on. This way the complex material is covered in an easy accessible yet comprehensive way, without becoming lengthy. This book is a must have for any serious Java web developer interested in application security. Not recommended for beginners, though.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
6 of 6 people found the following review helpful By vaaesthete on March 15, 2004
Format: Paperback Verified Purchase
This book has some nice examples and is fairly complete, but some sections are basically a regurgitation of the java.sun web site!
In many technical books, it is common to find multiple authors, each writing a section based upon his/her expertise. Since each author has a specific writing style and personality, there is usually a person (or persons) charged with proofing and approving the sections as well as working to make the transitions seamless and consistent. This book was written by three different authors and it would appear to me that at least one of the authors turned in work that is remarkably similar to existing sources!
Here is a sample of the JCE section in HackingExposed:
"The Java Cryptography Extension (JCE) package provides a framework for encryption and decryption, key generation, key agreement, and MAC. Encryption allows symmetric, asymmetric, block, and stream ciphers, with additional support for secure streams and sealed objects."
Now here is the verbage from the website:
"The JavaTM Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects."

To be fair, it appears that the problems are confined to the first section of the book. The final 2/3 of the book are closer to what I expect from the Hacking Exposed series.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
22 of 28 people found the following review helpful By Anders Thulin on February 6, 2003
Format: Paperback
If this book had been titled differently, I would have had no
reason for complaint: it gives a good introduction to Java
Security, and how to deploy it in various forms.

But it *is* titled 'Hacking Exposed'. That is now taken
to be an indication of a particular approach to security,
... The blurb acknowledges it: 'The proven Hacking Exposed
methodology' is the first thing mentioned under 'What You Learn'.

And I bought this title without second thought -- I have
nothing but praise for the previous books, and expected
to find the same approach and the same quality here.

In this book you find a lot of information on prevention, but
very little on actual vulnerabilities. As a result the
message is far less urgent. If I can demonstrate a 'hack'
the message gets across very quickly: we have to do something
about it now. But if all I can do is point to a text that
says 'attackers can potentially attach a debugger to our
application and watch the code as it runs', urgency is gone.

There's another point there as well: 'our application'.
Those words probably sum up the difference from, say, 'Hacking
Exposed Web Applications'. This book is not from the point of
view of the hacker that the previous books used so well to get
their message across. This is 'we', protecting our assets from
a considerably more nebulous hacker than has appeared earlier.

The difference is the same as between an actual security
incident on one hand, and the report of a threat analysis on
the other.

In short, this is not a Hacking Exposed book. It's a Java
Security Exposed book. As such it probably merits four stars.

But ...
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse