Customer Review

46 of 57 people found the following review helpful
1.0 out of 5 stars Well written but of little actual value, February 3, 2005
This review is from: Effective Enterprise Java (Paperback)
I feel kind of lonely here; everyone else seemed to love this book. Looking at the table of contents, I was very excited when I started reading the book. However, while reading it cover to cover I slowly became more and more disillusioned with it.

The book is divided up into a number of recommendations, called items, in a manner similar to Effective C++ and Practical Java. The problem is that most of the items appear to fall into one of a few general categories:

1) Intro level generalities of good design for the web.

e.g.

- pass data in bulk - multiple asynchronous calls out of process are more expensive than one big call

- make deployment as simple as possible - exactly what it says!

- use [...] sparingly - this is web application design 101

- always validate user input - my personal favorite; who today is not validating user input received from the web?

2) Using a pair of items to represent a classic design best practice.

e.g.

- Lazy-load infrequently used data & Eager-load frequently used data

- Consider using optimistic concurrency for better scalability & Consider using pessimistic concurrency for explicit concurrency control

3) Re-statements of some of the principles of secure coding

e.g.

- Security is a process, not a product

- Remember that security is not just prevention, aka "fail securely"

- Assume insecurity, aka "grant minimal trust necessary"

- Establish a threat model

My copy of this book has long been in the trash. Save your money. Here are a couple of free online articles to get you started:

Secure coding: [...]

Article on stopping SQL injection: [...]


Comments


Initial post: Jan 23, 2007 1:52:00 AM PST
Yujun Liang says:
You are not alone. I totally agree with you.

Review Details

Location: Beaverton, OR USA

Top Reviewer Ranking: 2,451,929