Best Java Security Book for J2EE and Web Services.

This is a great book - by far the best security design book for Java and J2EE (including Java SE 6 and Java EE 5) I have read to date. When I first heard about my coworkers talking about this book, I thought "oh great, another J2EE book!" Much to my surprise, this book is not just a how-to security API or patterns recipe book but much more than that - I see it as a collection of valuable suggestions and examples on how to choose security mechanisms and use them in J2EE applications and web services. Moreover, it tells you what the bestpractices, pitfalls and tradeoffs are for each design pattern option you take. Particularly, You will find this book as an ideal companion for CORE J2EE PATTERNS - Deepak Alur et al, which is my favorite for designing J2EE applications.

This book is as close to size of a pillow and I do understand why the authors gave only code snippets for selected examples instead of full implementation. The case study is just right, it discusses the scenario and how to incorporate the patterns right in to the application design..which is just right for a Java developer who is involved with Java enterprise applications and web services. The best practices and security checklist detailed in this book - helps a lot during development and when you want to deploy a J2EE application/web service in production.

Having said that, I prefer this book as a must-have for any serious Java developer/designer/architect who wants to build Security from understanding basics of WHAT and know WHY you should architect your J2EE system in a particular way using best practices (a long list) and not just HOW. Ultimately you will find this book as an onestop reference for building security in J2EE applications and web services.

Other Reviews

• Very practical security book for java architects
• Excellent Security Book for Java/J2EE Programmers and Architects
• Best Java Security Book for J2EE and Web Services.
• Java security made easy. Excellent title worth investing on.