I think there's a need for head first ease in explaining the depths of JCA, JAAS, JCE, java single sign ons, SSL in java and other acronyms out there.... sort of fortifications, moats, knights, tar (hot), crypts others... how java men defend against intruders, snorters, neanderthals, homo sapiens and the like....
Design patterns and OOAD are already HFed why not also for other solid topics like security...?
I am deeply interested in the areas of java security and I found that many of the questions that I put up in security forum remain unanswered for a long time.I had a hard time laerning JAAS,JCE and stuffs like that.
There has been some discussion of a general security book. I would say that it's on the list and it's a matter of finding the correct expert. Every couple of months we'll give an update of what's "in the pipeline", and we always appreciate this kind of request to help us determine what's important.
Spot false dilemmas now, ask me how!
(If you're not on the edge, you're taking up too much room.)