Secure Coding in Java EE

Timeline: 3 Days

Topics

  • Why and what?
  • Characteristics of application security
  • Basic security mechanisms
  • Mutability of objects
  • Variable, method, class, and package scopes
  • Thread safety
  • Exception handling
  • Input validation
  • Role-based authentication
  • Specifying Security Constraints
  • Programmatic security
  • Declarative security
  • Denial of Service (DoS)
  • SQL Injection
  • Large files
  • XML and HTML issues
  • LDAP injection
  • XPath injection
  • Password storage
  • Error handling in the Java EE space
  • Type annotation syntax and the Checker Framework
  • Application-layer security
  • Transport-layer security
  • Message-layer security
  • Secure connection using SSL
  • Authentication mechanisms
  • Using Form-Based Login
  • Digital certificates
  • Using JDBC realm
  • Securing HTTP resources
  • Securing Application clients