In Part 2 of Todd Sundsted's examination of security, he discusses
application security. Little mistakes during application
development often lead to big security problems for developers and
users. Todd introduces you to the most...
Security means many things to many people. For much of its history,
Java security has meant virtual machine and byte code security.
That notion neglects two equally important facets -- application
and network security. In this series...
SSL (Secure Socket Layer) is the de facto standard for securing a
communication channel between two applications that converse over
the Internet. Sun's JSSE (Java Secure Socket Extension) provides
SSL support for Java applications....
You can build applications using the tools and the information
provided in the first three parts of this series on certificates.
However, to build the most secure applications possible, you must
understand the details of...
Certificates and public-key cryptography are great when private
keys remain private. When a private key is exposed, either
accidentally or maliciously, the security provided by public-key
cryptography ends. Enter the certificate...
Although it's not the only runner in the certificate race, the
X.509 certificate standard is so far ahead that its eventual
victory is all but guaranteed. This month, Todd Sundsted describes
X.509 certificates and introduces you to...
Public-key cryptography's importance to network security must not
be overlooked. However, trust issues challenge public-key
cryptography's usage in enterprise-scale settings. In Part 1 of
this series on certificates, Todd Sundsted...
When threads collaborate across protection domains, they introduce
interesting wrinkles into the science of building secure
applications. This month, Todd Sundsted presents these scenarios
and shows how to use the AccessControlContext...
With the Java serialization mechanism, you can transport Java
objects from one Java VM to another and place Java objects in
persistent storage. It does not protect the serialized content,
however, and thus introduces the possibility...
In Part 3 of his series on application deployment, Todd Sundsted
looks at the code that supports the deployment tool he described in
Part 2. This article explains the framework's operation, highlights
its design features, and explores...
Despite a history of black eyes and a reputation for being
difficult to work with, Java applets are still the dominant
client-side Java application-deployment technique in enterprise
environments. Unfortunately, they are often not the...
When the issue of application deployment arises, developers
typically consider the possibility of deployment as an applet.
Often, this is not the correct approach. This month, Todd Sundsted
begins an exploration of deployment...
A JNDI service can be much more than a computerized card catalog.
JNDI's object-storage capabilities allow it to play the role of
resource administrator in your distributed applications and to
provide simple, manageable object...
As applications become more distributed, the efficient management
and distribution of the information upon which they depend becomes
more and more of a problem. Directory services such as LDAP (the
Lightweight Directory Access...
In this final installment of his four-part series on XML and Java,
brings the ease-of-use and flexibility of a scripting language to
his XML framework. (2,200 words)
Nothing beats a scripting language when it comes to application
flexibility and programmer productivity. This month, Todd Sundsted
programming languages in their own...
One of XML's advantages over HTML is its extensibility. This
feature makes it possible to use XML to describe information in
ways that would be impossible with HTML. This month, Todd
demonstrates how to build a framework for...
XML (Extensible Markup Language) began life as a "new and improved"
HTML. It has since found a place not only on the Web but also in
the enterprise. This month, Todd examines one aspect of XML's role
in the enterprise: enterprise...
This month Todd completes the quest he began last month by putting
the finishing touches on an implementation of the Java Message
Service Specification written entirely in the Java programming
language. You'll learn how to use the...
Messaging products have found their niche within enterprise
applications as tools for coordinating distributed application
components. What they do is remove the responsibility for ensuring
messages are delivered reliably and...