Win a copy of Spark in Action this week in the Open Source Projects forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Resources for Section 6 : Secure Web Apps

 
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Could someone point me to some useful resources for this section? (especially section 6.1)


6.1 Identify correct descriptions or statements about the security issues:
* authentication, authorization
* data integrity
* auditing
* malicious code
* Web site attacks


Thanks in advance,
Prasanna.
SCJP2
 
Greenhorn
Posts: 17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Prasanna,
I found chapter 8 "Security" in the book Java Servlet Programming by Jason Hunter very helpful for this section. A good synopsis of the chapter can be found in Miftah Khan's Servet Notes in the SCWCD links page of this message board.
Regards,
Clark
 
Prasanna Wamanacharya
Ranch Hand
Posts: 143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Clark.
I had almost forgotten that I had a copy of Java Servlet Programming by Jason Hunter, because I have the 1st edition, and it is almost useless as a reference for the SCWCD exam as it covers the 2.0 spec.
I went through the 8th chapter on Security and found it useful. But what I probably need is a complete code example with deployment descriptor, which could illustrate the security issues, and how to utilize them.
Miftah Khan's notes does not talk about
* Malicious code
* Web site attacks
Any suggestions are welcome.
Thanks in advance,
Prasanna.
SCJP2
--------------------------------------------------------------------------
If I had eight hours to chop down a tree, I'd spend six sharpening my axe.
-Abraham Lincoln
--------------------------------------------------------------------------
 
I RELEASE YOU! (for now .... ) Feel free to peruse this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic