JSEE Technology page | Trainings and Courses

authorizations

Inquiry:

Which new feature of Solaris 11 will you appreciate most?

Network virtualization with CrossBow project (33%)

COMSTAR (Common Multiprotocol SCSI Target) (13%)

New Installation tools (22%)

ZFS new features (14%)

Integrated Network File System CIFS (18%)

Number of votes: 7

HOME COURSES COURSE CATALOG Java and Web services J2EE Technology

Developing Secure Web-Tier Applications (DTJ-3109)

Course ID : DTJ-3109 Duration : 2 days

The Developing Secure Web-Tier Applications Workshop course provides students with the knowledge to build web applications incorporating the Java Security Architecture to protect web site resources and authenticate users.

Select date

Course ID :
DTJ-3109

Price

Duration
2 days

	Book

Who Can Benefit

Java programming language developers with skills equivalent to that of a Sun Certified Web Component Developer, who are responsible for creating secure web sites. This is not a course for web page designers using Hypertext Markup Language (HTML), JavaScript technology, or other web presentation technologies.

Prerequisites

Write Java Web Applications using Java web-tier technologies:

Servlets, and JavaServer Pages (JSP)
Design Java applications that integrate existing Java code
Functionally describe the benefits of an n-tier architecture
Write a web page that uses HTML

Skills Gained

Understand the security risks faced by web applications
Examine a web application for security risks
Interact with Java keystores
Sign Java JAR files
Implement authentication in Java EE applications
Implement programmatic security in Java EE applications
Implement transport-layer security in Java EE applications
Configure security realms for Java EE application servers
Implement code that interacts with an LDAP server

Course Content

Module 1 - Security Basics

Describe the top 10 web-tier security risks
Describe key Java EE security concepts and standards
Describe Java EE architecture and its logical tiers
Describe web-tier security
Describe the container-based security model

Module 2 - Implementing Security Basics

Describe the basics of security
Describe keystores
Describe certificates

Module 3 - Implementing Declarative Security

Describe declarative security
Describe realms, users, groups,and roles
Compare basic and form-based authentication
Describe SSL

Module 4 - Implementing Programmatic Security

Describe programmatic security
Use getRemoteUser and getUserPrincipal to implement security in server side code
Use isUserInRole to implement security in server- side code

Module 5 - Other Security Realms

Describe the other realms available in the Application Server
Implement the Directory Server as a realm
Implement a relational database as a realm

Module 6 - Review the Top 10 Web-Tier Security Risks

Review the top 10 web-tier security risks in Java EE web applications
Describe best practices for securing Java EE web applications