Hacking Exposed J2EE & Java: Developing Secure Web Applications with Java Technology

Art Taylor has a masters degree in Information Technology and over 17 years experience in the computer industry. The majority of that experience was spent developing database applications for relational databases where security of business information assets was always an important concern. He has worked with Java since its inception, authoring one of the first technical books on the JDBC API, the "JDBC Developer's Resource" for Prentice Hall and authoring several other Java books since then. He has worked on a number of Web development projects using Java and has spent the last year teaching Java courses for Sun Microsystems. He is a Sun certified Java programmer and instructor. Brian Buege is an independent consultant with more than 11 years experience in the computer industry. He is a certified Java programmer and developer and a Sun Java Instructor. Randy Layman has more than 5 years of Java development experience with a focus on enterprise systems.

Part I: J2EE Architecture and Technology Introduction 1: The Java Basics: Security from the Ground Up 2: Introduction to JAAS, JCE, and JSSE 3: J2EE Architecture and Security Part II: Java Application and Network Security 4: Using Encryption and Authentication to Protect an Application 5: Software Piracy and Code Licensing Schemes 6: The Exposure of Bytecodes 7: Hacking Java Client-Server Applications: Another Tier to Attack 8: Java Network Applications: Potential Security Flaw Attacks Part III: J2EE Security on the Web and Business Tiers 9: This is .WAR: Exploiting Java Web Tier Components 10: Shaking the Foundation: Web Container Strengths and Weaknesses 11: Java Web Services Security 12: Enterprise Java Beans: Security for the Business Tier