國立虎尾科技大學 |

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /

Record Type:	Language materials, printed : Monograph/item
Title/Author:	The Definitive Guide to Security in Jakarta EE/ by Arjan Tijms, Teo Bais, Werner Keil.
Reminder of title:	Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
Author:	Tijms, Arjan.
other author:	Keil, Werner.
Description:	XVII, 638 p. 82 illus.online resource. :
Contained By:	Springer Nature eBook
Subject:	Data and Information Security. -
Online resource:	https://doi.org/10.1007/978-1-4842-7945-8
ISBN:	9781484279458

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
Tijms, Arjan.

The Definitive Guide to Security in Jakarta EESecuring Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /[electronic resource] :by Arjan Tijms, Teo Bais, Werner Keil. - 1st ed. 2022. - XVII, 638 p. 82 illus.online resource.

1: Security History -- 2: Jakarta EE Foundations -- 3: Jakarta Authentication -- 4: Jakarta Authorization -- 5: Jakarta Security -- 6: Java SE Underpinnings -- 7: EE Implementations -- 8: MicroProfile JWT -- Appendix A: Spring Security -- Appendix B: Apache Shiro -- Appendix C: Identity Management.

Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved.

ISBN: 9781484279458

Standard No.: 10.1007/978-1-4842-7945-8doiSubjects--Topical Terms:

1365785
Data and Information Security.

LC Class. No.: QA76.73.J38

Dewey Class. No.: 005.133

The Definitive Guide to Security in Jakarta EE = Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More /
LDR:03367nam a22003855i 4500 001 1092745
003 DE-He213
005 20220413231804.0
007 cr nn 008mamaa
008 221228s2022 xxu| s |||| 0|eng d
020 $a 9781484279458 $9 978-1-4842-7945-8
024 7 $a 10.1007/978-1-4842-7945-8 $2 doi
035 $a 978-1-4842-7945-8
050 4 $a QA76.73.J38
072 7 $a UMX $2 bicssc
072 7 $a COM051280 $2 bisacsh
072 7 $a UMX $2 thema
082 0 4 $a 005.133 $2 23
100 1 $a Tijms, Arjan. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1205444
245 1 4 $a The Definitive Guide to Security in Jakarta EE $h [electronic resource] : $b Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More / $c by Arjan Tijms, Teo Bais, Werner Keil.
250 $a 1st ed. 2022.
264 1 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2022.
300 $a XVII, 638 p. 82 illus. $b online resource.
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
347 $a text file $b PDF $2 rda
505 0 $a 1: Security History -- 2: Jakarta EE Foundations -- 3: Jakarta Authentication -- 4: Jakarta Authorization -- 5: Jakarta Security -- 6: Java SE Underpinnings -- 7: EE Implementations -- 8: MicroProfile JWT -- Appendix A: Spring Security -- Appendix B: Apache Shiro -- Appendix C: Identity Management.
520 $a Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved.
650 2 4 $a Data and Information Security. $3 1365785
650 2 4 $a Programming Language. $3 1365750
650 1 4 $a Java. $3 1115949
650 0 $a Data protection. $3 557764
650 0 $a Programming languages (Electronic computers). $3 1127615
650 0 $a Java (Computer program language). $3 686374
700 1 $a Keil, Werner. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1400561
700 1 $a Bais, Teo. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1400560
710 2 $a SpringerLink (Online service) $3 593884
773 0 $t Springer Nature eBook
776 0 8 $i Printed edition: $z 9781484279441
776 0 8 $i Printed edition: $z 9781484279465
856 4 0 $u https://doi.org/10.1007/978-1-4842-7945-8
912 $a ZDB-2-CWD
912 $a ZDB-2-SXPC
950 $a Professional and Applied Computing (SpringerNature-12059)
950 $a Professional and Applied Computing (R0) (SpringerNature-43716)