O'Reilly logo

Head First Servlets and JSP, 2nd Edition by Bert Bates, Bryan Basham, Kathy Sierra

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The Big Jobs in servlet security

The table below will give you a feel for the key items in servlet security. Authorization is the most time-consuming to implement and Authentication is next. From the servlet perspective, Confidentiality and Data Integrity are pretty easy to set up.[12]

Security concept

Who’s responsible?

Complexity level

Effort level

Exam importance

Authentication

Admin

medium

high

medium

Authorization

Deployer (mostly)

high

high

high

Confidentiality

Deployer

low

low

low

Data Integrity

Deployer

low

low

low

We’re going to emphasize Authorization in this chapter because it’s the most important and complex of the vendor-neutral security concepts.

[12] Actually, getting the SSL certification is not trivial, so by “easy” we mean “you don’t really do anything in your servlet code.”

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required