Secure your Java and J2EE applications--from the hacker's perspective

Application security is a highly complex topic with new vulnerabilities surfacing every day. Break-ins, fraud, sabotage, and DoS attacks are on the rise, and quickly evolving Java-based technology makes safeguarding enterprise applications more challenging than ever. Hacking Exposed J2EE & Java will show you, step-by-step, how to defend against the latest attacks by understanding the hacker's methods and thought processes. You'll gain insight through examples of real-world attacks, both ordinary and sophisticated, and get valuable countermeasures to protect against them. You'll also find an in-depth case study with Java and J2EE security examples and "actual working code incorporated throughout the book.

What you'll learn: The proven Hacking Exposed methodology to locate and patch vulnerable systems How to apply effective security countermeasures to applications which use the following Java enterprise technologies: Servlets and Java Server Pages (JSPs); Enterprise Java Beans (EJBs); Web Services; Applets; Java Web Start; Remote Method Invocation (RMI); Java Message Service (JMS) How to design a security strategy that extends throughout a multi-tiered J2EE architecture using J2SE 1.4 and J2EE 1.3 What common, but devastating, vulnerabilities exist within many J2EE applications How to use the J2EE security architecture to create secure J2EE applications How to use the Java security APIs, including the Java Authentication and Authorization Service (JAAS), the Java Cryptography Extension (JCE), and the Java Secure Socket Extension (JSSE) How to create applications that proactively defend against malicious users,content manipulation, and other attacks. Valuable tips for hardening J2EE applications based on the authors' expertise