國立虎尾科技大學 |

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /

紀錄類型:	書目-語言資料,印刷品 : Monograph/item
正題名/作者:	The Definitive Guide to Security in Jakarta EE/ by Arjan Tijms, Teo Bais, Werner Keil.
其他題名:	Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
作者:	Tijms, Arjan.
其他作者:	Bais, Teo.
面頁冊數:	XVII, 638 p. 82 illus.online resource. :
Contained By:	Springer Nature eBook
標題:	Java (Computer program language). -
電子資源:	https://doi.org/10.1007/978-1-4842-7945-8
ISBN:	9781484279458

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
Tijms, Arjan.

The Definitive Guide to Security in Jakarta EESecuring Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /[electronic resource] :by Arjan Tijms, Teo Bais, Werner Keil. - 1st ed. 2022. - XVII, 638 p. 82 illus.online resource.

1: Security History -- 2: Jakarta EE Foundations -- 3: Jakarta Authentication -- 4: Jakarta Authorization -- 5: Jakarta Security -- 6: Java SE Underpinnings -- 7: EE Implementations -- 8: MicroProfile JWT -- Appendix A: Spring Security -- Appendix B: Apache Shiro -- Appendix C: Identity Management.

Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved.

ISBN: 9781484279458

Standard No.: 10.1007/978-1-4842-7945-8doiSubjects--Topical Terms:

686374
Java (Computer program language).

LC Class. No.: QA76.73.J38

Dewey Class. No.: 005.133

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
LDR:03367nam a22003855i 4500 001 1092745
003 DE-He213
005 20220413231804.0
007 cr nn 008mamaa
008 221228s2022 xxu| s |||| 0|eng d
020 $a 9781484279458 $9 978-1-4842-7945-8
024 7 $a 10.1007/978-1-4842-7945-8 $2 doi
035 $a 978-1-4842-7945-8
050 4 $a QA76.73.J38
072 7 $a UMX $2 bicssc
072 7 $a COM051280 $2 bisacsh
072 7 $a UMX $2 thema
082 0 4 $a 005.133 $2 23
100 1 $a Tijms, Arjan. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1205444
245 1 4 $a The Definitive Guide to Security in Jakarta EE $h [electronic resource] : $b Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More / $c by Arjan Tijms, Teo Bais, Werner Keil.
250 $a 1st ed. 2022.
264 1 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2022.
300 $a XVII, 638 p. 82 illus. $b online resource.
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
347 $a text file $b PDF $2 rda
505 0 $a 1: Security History -- 2: Jakarta EE Foundations -- 3: Jakarta Authentication -- 4: Jakarta Authorization -- 5: Jakarta Security -- 6: Java SE Underpinnings -- 7: EE Implementations -- 8: MicroProfile JWT -- Appendix A: Spring Security -- Appendix B: Apache Shiro -- Appendix C: Identity Management.
520 $a Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved.
650 0 $a Java (Computer program language). $3 686374
650 0 $a Programming languages (Electronic computers). $3 1127615
650 0 $a Data protection. $3 557764
650 1 4 $a Java. $3 1115949
650 2 4 $a Programming Language. $3 1365750
650 2 4 $a Data and Information Security. $3 1365785
700 1 $a Bais, Teo. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1400560
700 1 $a Keil, Werner. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1400561
710 2 $a SpringerLink (Online service) $3 593884
773 0 $t Springer Nature eBook
776 0 8 $i Printed edition: $z 9781484279441
776 0 8 $i Printed edition: $z 9781484279465
856 4 0 $u https://doi.org/10.1007/978-1-4842-7945-8
912 $a ZDB-2-CWD
912 $a ZDB-2-SXPC
950 $a Professional and Applied Computing (SpringerNature-12059)
950 $a Professional and Applied Computing (R0) (SpringerNature-43716)