Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management by Christopher Steel, Ramesh Nagappan and Ray Lai
- Binding:
- Hardcover
- Number of Pages:
- 1088
- ISBN:
- 0131463071
- Product Group:
- book
- Publisher:
- Prentice Hall
- Publication Date:
- Oct. 27, 2005
- BooksForGeeks.com ID:
- 2940
Reviews for Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
-
Quantity over quality
Rated out of 5 stars, March 12th, 2009
This book is certainly comprehensive, covering the full range of J2SE, J2ME and J2EE security technologies and standards, as well as the patterns themselves. From a reference point of view, there is nothing else out there with the same scope. Be aware, however, that it is a little dated. For example it talks about JAX-RPC rather than the JAX-WS standard which replaced it.
Much more significant, however, is that this is not a well written book at all. Security is hard, the number of acronyms is mind-boggling, and you really need a lucid guide to make sense of it all. This is not that guide. Just a random example, the following is on the notion of Trust in WS-Security: "Trust: A characteristic that one entity is willing to accept and rely upon for another entity to execute a set of actions and/or to make a set of assertions about a set of subjects and/or scopes". I thought I knew what trust meant until I read that.
Basically, if you get this book you will be doing a lot of cross-referencing on the web to validate your understanding. For me, that obviates half the point of getting it in the first place.