Even I am looking at Security certifications related to the programming - java and web application. Where you able to find any information on how useful are those and also any pointers where we can find the material to go over? Any inputs will be really appriciated.
If you haven't heard about security in Java (as you've referred maybe trying to refer Java SE) or in Java "web" is because you haven't read enough about Java yet.
There is no such thing as deep study related to security in any of these subjects because any possible breach found will be related to some protocol, infrastructure, operational system, etc that your software written using Java rely on.
What you might find is how-to define security constraints and programmatic security in servlet API. In EJB you might find role validation at metadata(annotation) level or programmatic to do some validation or operation that requires certain level of authorization. Using API's such as JAAS or any other will just take the abstraction higher, but the problems will be the same.
Session forgery, Sniffing, XHR Interception and replay, some exploit on top of some out-of-date protocol / server / software on the server, these are all problems addressed in any technology .. and I'm not talking about another practices such as DoS and so on, you could find a book that talk about this and you should use the mechanism you find that better suits your needs based on what you learn.
Hope it helps you!
Feel free to ask me anything!
www.BlackBeltFactory.com/ui#!/ref=jmotta, SCJP 6, OCWCD JEE5, OCE EJB JEE6
Who among you feels worthy enough to be my best friend? Test 1 is to read this tiny ad: