Go and buy this book

If you are new to Java, then you shouldn't buy this book.
If you are new to security, then you shouldn't buy this book.
If you prefer loads of examples instead of dense and precise explanations, then you shouldn't buy this book.
If you are looking for a pictorial guide on Java security, then you would probably have to go somewhere else as well.

However...

If you know your Java basics,
If you like completeness,
If you like preciseness,
If you want to know why the APIs look the way they do,
If you take nothing for granted,
If you want an update on latest changes,
If you like things to be drawn in a historical perspective,
If you want a book that you can pick up and read a chapter without having to go through it in a linear way,
If you are serious about security,
In that case you should now pick up your coat, and run to the nearest bookstore to buy this book.

The only thing I found odd in this book is the introduction into security, covering a discussion in general, and an overview of different types of security and access control models. The weird thing is that it introduces a lot of concepts, without actually refering to any of them in the chapters later on.

Other Reviews

• A complete coverage, but very complex and bad organized book
• Good book - Needs a complete revision from J2SE 1.4.2
• Go and buy this book
• Required Reading for Java Security
• Guardrails for JDK 1.2