Building Blockchain Apps:
Rust and WebAssembly on the server-side:
Originally posted by Michael Yuan:
Does the "Hacking exposed" book discuss XML security for web services? Web services is becoming a major feature in most J2EE application servers ...
Brian Buege<br />Author of <a href="" target="_blank" rel="nofollow">Hacking Exposed J2EE & Java: Developing Secure Web Applications with Java Technology</a><br />Visit the <a href="" target="_blank" rel="nofollow">Companion Website</a>
Originally posted by Brian Buege:
Unfortunately standardization is somewhat lagging in the Web Services security arena, but in addition to showing sample code for what exists now, we have a short discussion of emerging specs like SAML and WS-Security.
Hope this helps!
Building Blockchain Apps:
Rust and WebAssembly on the server-side:
Originally posted by Michael Yuan:
Hi Brian,
Thanks for the response! Can you tell us a bit more about what standards/examples you covered in your book? I think you probably have given examples on XML Encryption and XML Digital Signature. What tools do you use (JWSDP does not build-in tools ...)? Do you discuss the binding between secure XML protocols and SOAP?
Thanks a lot.
Brian Buege<br />Author of <a href="" target="_blank" rel="nofollow">Hacking Exposed J2EE & Java: Developing Secure Web Applications with Java Technology</a><br />Visit the <a href="" target="_blank" rel="nofollow">Companion Website</a>
Originally posted by Brian Buege:
As a matter of fact, there's a whole chapter on Web Services security that deals with adding security to a sample application that uses JAX-RPC and the Sun WSDP.
I couldn't agree with you more that it's a growing field and that's why we decided to add a chapter and tons of code examples to the book!
Unfortunately standardization is somewhat lagging in the Web Services security arena, but in addition to showing sample code for what exists now, we have a short discussion of emerging specs like SAML and WS-Security.
Hope this helps!
Originally posted by Brian Buege:
However, it'd be cool for someone to write a book about these topics because they're definitely interesting and underrepresented in the literature (I'd buy it!). We just didn't have time to delve that deeply into something we felt a minority of our readers would be interested in (we could have been wrong here though)...
Additionally, on the humorous side, you mention "standards" for XML digital signatures, etc... I wasn't aware that any of these had cleared draft status yet...(Just kidding - In the web services arena a draft seems to be as good as a standard anyway...)
Building Blockchain Apps:
Rust and WebAssembly on the server-side:
Uncontrolled vocabularies
"I try my best to make *all* my posts nice, even when I feel upset" -- Philippe Maquet
Sanjay Jadhav<br />Sun Certified Programmer For Java 2 Platform
Don't get me started about those stupid light bulbs. |