Updates
Latest Tweet
What's New?
Check out for latest innovation, a computer based training video collection
Like this Page
Enterprise Java(TM) Security: Building Secure J2EE(TM) Applications Review by Vance Christiaanse
Excellent and Comprehensive
The first thing to say to anyone considering buying a book on the topic of enterprise Java security is that the topic is vast and constantly changing. No single book could satisfy every need. That being said, this book comes as close as any one book is likely to. I've been using this book for several weeks now and I have found it extremely valuable.
Since I make my living helping people write better Java code I was dismayed by the assumption in some of the code examples that FileInputStream's available() method is guaranteed to return the total size of the file. (The code on pages 430-431 is just one example.)A loop is required for code that must work every time.
Since I didn't find any infomation in the book about where to submit errors or comments I will mention one more--admittedly small--item here: on page 363 "9" is printed where "q" is meant. It's an interesting typo because it suggests this portion of the manuscript may have been originally written by hand and then transcribed by someone non-technical. Or perhaps I've been studying cryptography so much lately I'm starting to decrypt things that aren't there.
I would recommend this book to anyone seeking detailed and authoritative information on any aspect of J2EE security from the low level cryptography to high level architecture.