Securing your website: A tough job, but someone’s got to do it

H P Ng
Greenhorn

Joined: Sep 01, 2011
Posts: 7
So I read this article here:
Securing your website: A tough job, but someone’s got to do it

http://arstechnica.com/security/2013/02/securing-your-website-a-tough-job-but-someones-got-to-do-it/

Do you know of any books which discuss all the things mentioned about web security defense
as well as provide lots of code examples to illustrate what not to do and what to do for guidance?

If Java has reports of vulnerability problems almost every few weeks, what are the alternatives that run as fast?

I am a newbie where web coding is concerned.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 60053

H P Ng wrote: If Java has reports of vulnerability problems almost every few weeks, what are the alternative that runs as fast?

These vulnerabilities are only a concern if you are deploying Applets -- which, in my opinion, are outdated and obsolete to begin with.

H P Ng
Greenhorn

Joined: Sep 01, 2011
Posts: 7
OK.
Since I have yet to code for web, what is replacing applets?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39547
I think you misunderstood something about those "Java vulnerability reports" - those almost exclusively concern client-side Java; server-side Java isn't affected by that.

Amongst the books I would recommend to get up to speed are Secrets & Lies and AJAX Security.

(Edit: I see that Bear has already held forth on applets.)

