Chapter 6. Web Application Security

Terms you'll need to understand:

  • Authentication

  • Authorization

  • Data integrity

  • Auditing

  • Malicious code

  • Web site attacks

  • Security constraint

  • Login configuration

  • Security role

Techniques you'll need to master:

  • Define authentication.

  • Identify BASIC, DIGEST, FORM, and CLIENT-CERT authentication types.

  • Define data integrity.

  • Define auditing.

  • Describe malicious code and Web site attacks.

  • Identify the deployment descriptor element names, and their structure, that declare a security constraint, a Web resource, the login configuration, and a security role.

Web Application Security Overview

A Web application is fundamentally built to invite many people to access it. At least one of these people is a jerk or, worse, a malicious malcontent. ...

Get Java™ 2 Enterprise Edition (J2EE™) Web Component Developer Exam Cram™ 2 (Exam 310-080) now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.