
Resources for Section 6 : Secure Web Apps

 
Ranch Hand
Posts: 143
Hi,
Could someone point me to some useful resources for this section? (especially section 6.1)


6.1 Identify correct descriptions or statements about the security issues:
* authentication, authorization
* data integrity
* auditing
* malicious code
* Web site attacks


Thanks in advance,
Prasanna.
SCJP2
 
Greenhorn
Posts: 17
Prasanna,
I found chapter 8 "Security" in the book Java Servlet Programming by Jason Hunter very helpful for this section. A good synopsis of the chapter can be found in Miftah Khan's Servlet Notes in the SCWCD links page of this message board.
Regards,
Clark
 
Prasanna Wamanacharya
Ranch Hand
Posts: 143
Thanks Clark.
I had almost forgotten that I had a copy of Java Servlet Programming by Jason Hunter, because I have the 1st edition, and it is almost useless as a reference for the SCWCD exam as it covers the 2.0 spec.
I went through the 8th chapter on Security and found it useful. But what I probably need is a complete code example with deployment descriptor, which could illustrate the security issues, and how to utilize them.
Miftah Khan's notes do not talk about
* Malicious code
* Web site attacks
Any suggestions are welcome.
Thanks in advance,
Prasanna.
SCJP2
--------------------------------------------------------------------------
If I had eight hours to chop down a tree, I'd spend six sharpening my axe.
-Abraham Lincoln
--------------------------------------------------------------------------
 