<pre>Author/s : Pankaj Kumar Publisher : Prentice Hall PTR Category :J2EE Review by : Thomas Paul Rating : 9 horseshoes</pre> Security is like spinach - it's good for you but not too many people like it. Most security books bore me to tears with page after page of description accompanying three lines of code. This book is different. This book is geared towards actual developers who are looking for not just explanations of security but useful examples showing how to make security work in their applications. The first section of the book is an introduction to security in general and Java security in particular. The next section looks at the basic technologies and APIs used for encryption, authentication, and authorization. This section starts with a look into cryptography and covers JCA and JCE. It continues with coverage of digital certificates and then looks at controlling access to resources by using policy files. This section ends with a look at SSL and securing XML messages. The final section examines using these technologies in various J2EE applications such as RMI, Servlets, EJBs, and Web Services. The explanations throughout the book are clear and easy to follow with plenty of code samples to demonstrate how to use the various APIs associated with security in Java programs. The best part of the book is the many code samples provided and the detailed descriptions accompanying these code samples. In addition, the author has provided a group of tools to assist with security development. Over all this is one of the best J2EE security books on the market.