Securing Java Web Applications
This advanced course shows experienced developers of Java web applications how to secure those applications and to apply best practices with regard to secure enterprise coding. Authentication, authorization, and input validation are major themes, and students get good exposure to basic Java cryptography for specific development scenarios, as well as thorough discussions of HTTPS configuration and certificate management, error handling, logging, and auditing.
- Generally, be prepared to develop secure Java web applications, or to secure existing applications by refactoring as necessary.
- Define security constraints and login configurations that instruct the web container to enforce authentication and authorization policies.
- Validate user input aggressively, for general application health and specifically to foil injection and XSS attacks.
- Configure a server and/or application to use one-way or two-way HTTPS.
- Apply application-level cryptography where necessary.
- Secure log files and establish audit trails for especially sensitive information or actions.
- Java programming experience is essential.
- Servlets programming experience is required.
- JSP page-authoring experience is recommended.
- Click here to request a price quote for group training.
- Click here to request
additional information or to be added to the interest list for this course. The interest list will notify you when this course and any closely related courses are scheduled for open enrollment.