I've read about half of Pro Spring and for the most part, I think it's an excellent book. Nice job, Rob and Jan. As for security, it is not addressed at all in the book except for the following excerpt:
"Although we have not discussed application security in any detail in this book, it is still a very important topic. Traditionally, a J2EE application utilizes the security features provided by the container to secure an application at both the servlet and EJB levels..."
It would have been nice if they had covered some security techniques, but I understand their decision to leave it out. It's still a great book. [ February 22, 2005: Message edited by: Andrew Patzer ]
Andrew Patzer<br /> <br />Author of: <br /> <br /><a href="http://www.amazon.com/exec/obidos/ASIN/1590590201/ref=ase_electricporkchop/103-9402848-9855031" target="_blank" rel="nofollow">JSP Examples and Best Practices</a><br /> <br /><a href="http://www.amazon.com/exec/obidos/tg/detail/-/1590594118/qid=1109107718/sr=1-7/ref=sr_1_7/104-5148852-3564711?v=glance&s=books" target="_blank" rel="nofollow">Foundations of JSP Design Patterns</a>