Chapter 9. Securing the Web Tier–Design Strategies and Best Practices
Topics in This Chapter
For J2EE applications, the Web tier represents the front door—the entry point for all users. It is also the most frequently used initial point of attack for an adversary looking for security weaknesses in an application. This chapter will review the vulnerabilities associated with the Web tier and the patterns used to protect against them.
Web-Tier Security Patterns
Authentication Enforcer
Problem
You need to verify that each request is from an authenticated entity, and since different classes handle different requests, authentication code is replicated in many places and the authentication mechanism can’t ...
Get Core Security Patterns: Best Practices and Strategies for J2EE™, Web Services, and Identity Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.