The definitive guide to security in Jakarta EE: securing Java-based enterprise applications with Jakarta security, authorization, authentication and more
Contributors: | Tijms, Arjan; Bais, Teo; Keil, Werner |
---|---|
Format: | Electronic e-book |
Language: | English |
Published: | New York, NY Apress [2022] |
Subjects: | |
Links: | https://learning.oreilly.com/library/view/-/9781484279458/?ar |
Summary: | Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the built-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go directly to the login page. Common issues are covered, such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn: Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications; Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS; Work with the daunting number of security APIs in Jakarta EE; Understand how EE security evolved. Who This Book Is For: Java developers using Jakarta EE and writing applications that need to be secured (every application). Basic knowledge of Servlets and CDI is assumed. Library writers and component providers who wish to provide additional authentication mechanisms for Jakarta EE also will find the book useful. |
Description: | Includes index |
Extent: | 1 online resource (xvii, 638 pages : color illustrations) |
ISBN: | 9781484279458 148427945X |
Internal format
MARC
LEADER | 00000cam a22000002 4500 | ||
---|---|---|---|
001 | ZDB-30-ORH-077856902 | ||
003 | DE-627-1 | ||
005 | 20240228121641.0 | ||
007 | cr uuu---uuuuu | ||
008 | 220513s2022 xx |||||o 00| ||eng c | ||
020 | |a 9781484279458 |c electronic bk. |9 978-1-4842-7945-8 | ||
020 | |a 148427945X |c electronic bk. |9 1-4842-7945-X | ||
035 | |a (DE-627-1)077856902 | ||
035 | |a (DE-599)KEP077856902 | ||
035 | |a (ORHE)9781484279458 | ||
035 | |a (DE-627-1)077856902 | ||
040 | |a DE-627 |b ger |c DE-627 |e rda | ||
041 | |a eng | ||
072 | 7 | |a COM051280 |2 bisacsh | |
082 | 0 | |a 005.8 |2 23 | |
100 | 1 | |a Tijms, Arjan |e VerfasserIn |4 aut | |
245 | 1 | 4 | |a The definitive guide to security in Jakarta EE |b securing Java-based enterprise applications with Jakarta security, authorization, authentication and more |c Arjan Tijms, Teo Bais, Werner Keil |
264 | 1 | |a New York, NY |b Apress |c [2022] | |
264 | 4 | |c ©2022 | |
300 | |a 1 Online-Ressource (xvii, 638 Seiten : color illustrations) | ||
336 | |a Text |b txt |2 rdacontent | ||
337 | |a Computermedien |b c |2 rdamedia | ||
338 | |a Online-Ressource |b cr |2 rdacarrier | ||
500 | |a Includes index | ||
520 | |a Refer to this definitive and authoritative book to understand the Jakarta EE Security Spec, with Jakarta Authentication & Authorization as its underlying official foundation. Jakarta EE Security implementations are discussed, such as Soteria and Open Liberty, along with the build-in modules and Jakarta EE Security third-party modules, such as Payara Yubikey & OIDC, and OmniFaces JWT-Auth. The book discusses Jakarta EE Security in relation to SE underpinnings and provides a detailed explanation of how client-cert authentication over HTTPS takes place, how certifications work, and how LDAP-like names are mapped to caller/user names. General (web) security best practices are presented, such as not storing passwords in plaintext, using HTTPS, sanitizing inputs to DB queries, encoding output, and explanations of various (web) attacks and common vulnerabilities are included. Practical examples of securing applications discuss common needs such as letting users explicitly log in, sign up, verify email safely, explicitly log in to access protected pages, and go direct to the log in page. Common issues are covered such as abandoning an authentication dialog halfway and later accessing protected pages again. What You Will Learn Know what Jakarta/Java EE security includes and how to get started learning and using this technology for today's and tomorrow's enterprise Java applications Secure applications: traditional server-side web apps built with JSF (Faces) as well as applications based on client-side frameworks (such as Angular) and JAX-RS Work with the daunting number of security APIs in Jakarta EE Understand how EE security evolved Who This Book Is For Java developers using Jakarta EE and writing applications that need to be secured (every application). Basic knowledge of Servlets and CDI is assumed. Library writers and component providers who wish to provide additional authentication mechanisms for Jakarta EE also will find the book useful. | ||
650 | 0 | |a Java (Computer program language) | |
650 | 0 | |a Computer security | |
650 | 0 | |a Cloud computing | |
650 | 0 | |a Application software |x Development | |
650 | 2 | |a Computer Security | |
650 | 4 | |a Java (Langage de programmation) | |
650 | 4 | |a Sécurité informatique | |
650 | 4 | |a Infonuagique | |
650 | 4 | |a Logiciels d'application ; Développement | |
650 | 4 | |a Data protection | |
650 | 4 | |a Java (Computer program language) | |
650 | 4 | |a Programming languages (Electronic computers) | |
700 | 1 | |a Bais, Teo |e VerfasserIn |4 aut | |
700 | 1 | |a Keil, Werner |e VerfasserIn |4 aut | |
776 | 1 | |z 9781484279441 | |
776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe |z 9781484279441 |
966 | 4 | 0 | |l DE-91 |p ZDB-30-ORH |q TUM_PDA_ORH |u https://learning.oreilly.com/library/view/-/9781484279458/?ar |m X:ORHE |x Aggregator |z lizenzpflichtig |3 Volltext |
912 | |a ZDB-30-ORH | ||
912 | |a ZDB-30-ORH | ||
951 | |a BO | ||
912 | |a ZDB-30-ORH | ||
049 | |a DE-91 |
Record in the search index
DE-BY-TUM_katkey | ZDB-30-ORH-077856902 |
---|---|
_version_ | 1821494821635751936 |
adam_text | |
any_adam_object | |
author | Tijms, Arjan Bais, Teo Keil, Werner |
author_facet | Tijms, Arjan Bais, Teo Keil, Werner |
author_role | aut aut aut |
author_sort | Tijms, Arjan |
author_variant | a t at t b tb w k wk |
building | Verbundindex |
bvnumber | localTUM |
collection | ZDB-30-ORH |
ctrlnum | (DE-627-1)077856902 (DE-599)KEP077856902 (ORHE)9781484279458 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
format | Electronic eBook |
id | ZDB-30-ORH-077856902 |
illustrated | Not Illustrated |
indexdate | 2025-01-17T11:20:28Z |
institution | BVB |
isbn | 9781484279458 148427945X |
language | English |
open_access_boolean | |
owner | DE-91 DE-BY-TUM |
owner_facet | DE-91 DE-BY-TUM |
physical | 1 Online-Ressource (xvii, 638 Seiten : color illustrations) |
psigel | ZDB-30-ORH TUM_PDA_ORH ZDB-30-ORH |
publishDate | 2022 |
publishDateSearch | 2022 |
publishDateSort | 2022 |
publisher | Apress |
record_format | marc |
title | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more |
title_auth | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more |
title_exact_search | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more |
title_full | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more Arjan Tijms, Teo Bais, Werner Keil |
title_fullStr | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more Arjan Tijms, Teo Bais, Werner Keil |
title_full_unstemmed | The definitive guide to security in Jakarta EE securing Java-based enterprise applications with Jakarta security, authorization, authentication and more Arjan Tijms, Teo Bais, Werner Keil |
title_short | The definitive guide to security in Jakarta EE |
title_sort | definitive guide to security in jakarta ee securing java based enterprise applications with jakarta security authorization authentication and more |
title_sub | securing Java-based enterprise applications with Jakarta security, authorization, authentication and more |
topic | Java (Computer program language) Computer security Cloud computing Application software Development Computer Security Java (Langage de programmation) Sécurité informatique Infonuagique Logiciels d'application ; Développement Data protection Programming languages (Electronic computers) |
topic_facet | Java (Computer program language) Computer security Cloud computing Application software Development Computer Security Java (Langage de programmation) Sécurité informatique Infonuagique Logiciels d'application ; Développement Data protection Programming languages (Electronic computers) |