Chapter 9. Securing the Web Tier–Design Strategies and Best Practices

For J2EE applications, the Web tier represents the front door—the entry point for all users. It is also the most frequently used initial point of attack for an adversary looking for security weaknesses in an application. This chapter will review the vulnerabilities associated with the Web tier and the patterns used to protect against them.

Web-Tier Security Patterns

Authentication Enforcer

Problem

You need to verify that each request is from an authenticated entity, and since different classes handle different requests, authentication code is replicated in many places and the authentication mechanism can’t ...

Get Core Security Patterns: Best Practices and Strategies for J2EE™, Web Services, and Identity Management now with the O’Reilly learning platform.
