Enterprise Java(TM) Security: Building Secure J2EE(TM) Applications

"For a long time, there has been a need for a J2EE security book. I am very happy to see there is now a book that can answer many of the technical questions that developers, managers, and researchers have about such a critical topic. I am sure that this book will contribute greatly to the success of the J2EE platform and e-business." --From the Foreword by Steven A. Mills, Senior Vice President and Group Executive, Software Group, IBM Corporation Enterprise Java Security: Building Secure J2EE Applications provides application developers and programmers with the know-how they need to utilize the latest Java security technologies in building secure enterprise infrastructures. Written by the leading Java security experts at IBM, this comprehensive guide covers the current status of the Java 2 Platform, Enterprise Edition (J2EE), and Java 2 Platform, Standard Edition (J2SE ), security architectures and offers practical solutions and usage patterns to address the challenges of Java security.To aid developers who need to build secure J2EE applications, Enterprise Java Security covers at length the J2EE security technologies, including the security aspects of servlets, JavaServer Pages(TM) (JSP ), and Enterprise JavaBeans (EJB )--technologies that are at the core of the J2EE architecture. In addition, the book covers Web Services security. Examples and sample code are provided throughout the book to give readers a solid understanding of the underlying technology. The relationship between Java and cryptographic technologies is covered in great detail, including: *Java Cryptography Architecture (JCA) *Java Cryptography Extension (JCE) *Public-Key Cryptography Standards (PKCS) *Secure/Multipurpose Internet Mail Extensions (S/MIME) *Java Secure Socket Extension (JSSE)