Secure your Java apps from end to end, Part 2

In Part 2 of Todd Sundsted's examination of security, he discusses application security. Little mistakes during application development often lead to big security problems for developers and users. Todd introduces you to the most...



Secure your Java apps from end to end, Part 1

Security means many things to many people. For much of its history, Java security has meant virtual machine and byte code security. That notion neglects two equally important facets -- application and network security. In this series...



Build secure network applications with SSL and the JSSE API

SSL (Secure Socket Layer) is the de facto standard for securing a communication channel between two applications that converse over the Internet. Sun's JSSE (Java Secure Socket Extension) provides SSL support for Java applications....



Construct secure networked applications with certificates, Part 4

You can build applications using the tools and the information provided in the first three parts of this series on certificates. However, to build the most secure applications possible, you must understand the details of...



Construct secure networked applications with certificates, Part 3

Certificates and public-key cryptography are great when private keys remain private. When a private key is exposed, either accidentally or maliciously, the security provided by public-key cryptography ends. Enter the certificate...



Construct secure networked applications with certificates, Part 2

Although it's not the only runner in the certificate race, the X.509 certificate standard is so far ahead that its eventual victory is all but guaranteed. This month, Todd Sundsted describes X.509 certificates and introduces you to...



Construct secure networked applications with certificates, Part 1

Public-key cryptography's importance to network security must not be overlooked. However, trust issues challenge public-key cryptography's usage in enterprise-scale settings. In Part 1 of this series on certificates, Todd Sundsted...



Secure thread collaboration across protection domains

When threads collaborate across protection domains, they introduce interesting wrinkles into the science of building secure applications. This month, Todd Sundsted presents these scenarios and shows how to use the AccessControlContext...



Signed and sealed objects deliver secure serialized content

With the Java serialization mechanism, you can transport Java objects from one Java VM to another and place Java objects in persistent storage. It does not protect the serialized content, however, and thus introduces the possibility...



Alternative deployment methods, Part 3: The code

In Part 3 of his series on application deployment, Todd Sundsted looks at the code that supports the deployment tool he described in Part 2. This article explains the framework's operation, highlights its design features, and explores...



Alternative deployment methods, Part 2: The best of both worlds

Despite a history of black eyes and a reputation for being difficult to work with, Java applets are still the dominant client-side Java application-deployment technique in enterprise environments. Unfortunately, they are often not the...



Alternative deployment methods, Part 1: Beyond applets

When the issue of application deployment arises, developers typically consider the possibility of deployment as an applet. Often, this is not the correct approach. This month, Todd Sundsted begins an exploration of deployment...



JNDI overview, Part 3: Advanced JNDI

A JNDI service can be much more than a computerized card catalog. JNDI's object-storage capabilities allow it to play the role of resource administrator in your distributed applications and to provide simple, manageable object...



JNDI overview, Part 2: An introduction to directory services

As applications become more distributed, the efficient management and distribution of the information upon which they depend becomes more and more of a problem. Directory services such as LDAP (the Lightweight Directory Access...



XML and Java: A potent partnership, Part 4

In this final installment of his four-part series on XML and Java, Todd Sundsted completes his integration of JavaScript and Java and brings the ease-of-use and flexibility of a scripting language to his XML framework. (2,200 words)...



XML and Java: A potent partnership, Part 3

Nothing beats a scripting language when it comes to application flexibility and programmer productivity. This month, Todd Sundsted demonstrates how to integrate Java and JavaScript, both popular programming languages in their own...



XML and Java: A potent partnership, Part 2

One of XML's advantages over HTML is its extensibility. This feature makes it possible to use XML to describe information in ways that would be impossible with HTML. This month, Todd demonstrates how to build a framework for...



XML and Java: A potent partnership, Part 1

XML (Extensible Markup Language) began life as a "new and improved" HTML. It has since found a place not only on the Web but also in the enterprise. This month, Todd examines one aspect of XML's role in the enterprise: enterprise...



Messaging makes its move, Part 2

This month Todd completes the quest he began last month by putting the finishing touches on an implementation of the Java Message Service Specification written entirely in the Java programming language. You'll learn how to use the...



Messaging makes its move, Part 1

Messaging products have found their niche within enterprise applications as tools for coordinating distributed application components. What they do is remove the responsibility for ensuring messages are delivered reliably and...


Load More