Are there labs that explain how I could feel confident that I wouldn't be hacked in the book? That's going to be my charge, and frankly I'm quaking, since I'm a developer, not a server admin. Usually increasing security means turning off, deleting, etc, things I'm not using, but I've not done any of that... just did the password on the admin console... that was in the JBoss docs, that's it. I'd like to have someone else to blame ;-) if things go wrong. Good news, though, nothing interesting or valuable at all at the site, so we'll likely be overlooked.
Read chapter 9: Rolling Out JBoss. It will show you how to secure a JBoss instance and get it ready to be rolled out in production. That doesn't guarantee your OS is secure and it doesn't guarantee your application isn't faulty. But, it should help you make sure your JBoss instance is correctly secured.
Joined: Mar 22, 2004
Thanks. I downloaded it. Lots of references to earlier chapters, but hopefully I can work through those (or win the book here, ha!). I'd buy it myself, but my employer really should be the one to buy it. My employers is so cheap (how cheap are they?), they are so cheap that they refused to pay $20 for headphones to drown out the fifty 70's songs they play over and over and over and over, day after day, week after week. Now I know what hell would be for me: 7/24 Bee Gees. But I digress.