From the Back Cover
Secure your Java and J2EE applications--from the hacker's perspective
Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challenging than ever. Hacking Exposed J2EE & Java will show you, step-by-step, how to defend against the latest attacks by understanding the hacker's methods and thought processes. You'll gain insight through examples of real-world attacks, both ordinary and sophisticated, and get valuable countermeasures to protect against them. You'll also find an in-depth case study with Java and J2EE security examples and actual working code incorporated throughout the book.
What you'll learn:
- The proven Hacking Exposed methodology to locate and patch vulnerable systems
- How to apply effective security countermeasures to applications which use the following Java enterprise technologies: Servlets and Java Server Pages (JSPs); Enterprise Java Beans (EJBs); Web Services; Applets; Java Web Start; Remote Method Invocation (RMI); Java Message Service (JMS)
- How to design a security strategy that extends throughout a multi-tiered J2EE architecture using J2SE 1.4 and J2EE 1.3
- What common, but devastating, vulnerabilities exist within many J2EE applications
- How to use the J2EE security architecture to create secure J2EE applications
- How to use the Java security APIs, including the Java Authentication and Authorization Service (JAAS), the Java Cryptography Extension (JCE), and the Java Secure Socket Extension (JSSE)
- How to create applications that proactively defend against malicious users, content manipulation, and other attacks.
- Valuable tips for hardening J2EE applications based on the authors' expertise