• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Does anyone know a good reference on how to design application in terms of security?

 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi there,

I�m looking for a book/website anything that can enhance my ability to design security applications in terms of authentication and authorization. I mean, how to set �Groups� of users and to allow/disallow them to use certain functionalities, how to set LEVEL of users, how to log all events, etc�

Thanks
 
Cameron Wallace McKenzie
author and cow tipper
Saloon Keeper
Posts: 4968
1
Hibernate Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This is the book I most highly recommend:

Core Security Patterns: Best Practices and Strategies for J2EE(TM), Web Services, and Identity Management

One of these two books will complete the package though:

Enterprise Java 2 Security: Building Secure and Robust J2EE Applications

or

J2EE Security for Servlets, EJBs, and Web Services

Have fun securing those resources!

-Cameron McKenzie
[ November 10, 2006: Message edited by: Cameron W. McKenzie ]
 
Peter Primrose
Ranch Hand
Posts: 755
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thanks Cameron,
I sniffed around and learned something about JAAS (and jLuck). I wonder if this is something worth consideration?

thanks
 
Kaydell Leavitt
Ranch Hand
Posts: 689
Eclipse IDE Firefox Browser Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For Java SE, as opposed to Java EE, you might want to look at:

"Core Java, Volume II", this book has an overview of security for Java SE applications.

There is a whole book on security, I think only for Java SE as well, called "Inside Java 2 Platform Security" Second Edition.

Both of these books are "From the Source", i.e. from Sun.

-- Kaydell
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic