| Chapter | Title | Page |
|---|---|---|
| | Acknowledgments | xiii |
| | Introduction | xv |
| | Case Study | xxi |
| Part I | J2EE Architecture and Technology Introduction | |
| 1 | The Java Basics: Security from the Ground Up | 3 |
| | Java Then and Now | 4 |
| | Java Language Architecture | 5 |
| | The Java Virtual Machine | 5 |
| | An Interpreted Language: Java Bytecodes | 6 |
| | The Java Class Loader and Built-in Security | 6 |
| | Other Language Features | 7 |
| | Java Security Architecture | 7 |
| | Protection Domains | 8 |
| | Security Controls for Java Class Loading | 10 |
| | Java Permissions | 12 |
| | Java Security Policies | 13 |
| | The Java Security Properties File | 14 |
| | The Java Security Policy File | 15 |
| | Security Manager Checking | 18 |
| | Java Principals and Subjects | 19 |
| | Summary | 20 |
| 2 | Introduction to JAAS, JCE, and JSSE | 21 |
| | Java Authentication and Authorization Services (JAAS) | 22 |
| | JAAS Architecture | 23 |
| | JAAS Authentication | 24 |
| | JAAS Authorization | 38 |
| | Java Encryption | 41 |
| | Encryption Fundamentals | 41 |
| | Java Cryptography Extension (JCE) | 43 |
| | The Keytool Utility | 46 |
| | Java Secure Sockets Extension (JSSE) | 48 |
| | SSL Fundamentals | 48 |
| | Library and Certificate Installation | 49 |
| | JSSE Demonstration Program | 50 |
| | Securing JAR Files | 56 |
| | The jarsigner Utility | 57 |
| | The Sealed Directive | 57 |
| | Summary | 58 |
| 3 | J2EE Architecture and Security | 59 |
| | Middleware and Distributed Software Components | 60 |
| | Middleware Development | 60 |
| | Multitiered Application Development | 61 |
| | The Multitiered Environment | 62 |
| | J2EE Multitiered Technologies | 63 |
| | Web Tier Components: Servlets and JSP | 65 |
| | Servlets | 65 |
| | JSP | 69 |
| | JSP Use | 70 |
| | Business Tier Components: EJBs | 71 |
| | Services Provided by the EJB Container | 71 |
| | Types of EJBs | 73 |
| | EJB Deployment | 75 |
| | Development Roles with J2EE | 75 |
| | EJB Development | 78 |
| | Other J2EE APIs | 85 |
| | EJB Security Architecture | 87 |
| | Principals and Roles | 87 |
| | Declarative Security and Programmatic Security | 88 |
| | System-Level Security | 89 |
| | Security on the Presentation Tier | 89 |
| | Security on the Business Tier | 92 |
| | Defining Security Roles | 92 |
| | Mapping Roles | 93 |
| | Assigning Principals to Roles | 94 |
| | Security for Resources | 95 |
| | Summary | 97 |
| Part II | Java Application and Network Security | |
| 4 | Using Encryption and Authentication to Protect an Application | 101 |
| | Application Security: The Process | 102 |
| | System-level versus Application-level Security | 102 |
| | Application Security Techniques | 103 |
| | The Dangers of Storing Data Locally | 104 |
| | Summary | 134 |
| 5 | Software Piracy and Code Licensing Schemes | 137 |
| | The Dangers of Code Misuse | 138 |
| | Another Licensing Strategy | 147 |
| | Secret Key Storage | 148 |
| | Summary | 156 |
| 6 | The Exposure of Bytecodes | 157 |
| | The Dangers of Reverse-Engineering | 158 |
| | The Dangers of Embedded Strings | 178 |
| | Summary | 180 |
| 7 | Hacking Java Client-Server Applications: Another Tier to Attack | 181 |
| | The Client-Server Implementation | 182 |
| | The Dangers of a Client-Server Architecture | 183 |
| | Watching the Basket: Application Database Security | 185 |
| | Securing the Database Connection | 187 |
| | Protecting the Client-Tier | 201 |
| | Protecting Applet-based Clients | 213 |
| | Protecting WebStart-based Clients | 227 |
| | Summary | 233 |
| 8 | Java Network Applications: Potential Security Flaw Attacks | 235 |
| | The Dangers of RMI | 236 |
| | The Original RMI Application | 236 |
| | Encrypting the Account Number and Balance | 245 |
| | Using an SSL Connection between the Client and Server | 252 |
| | Implementing Challenge/Response Authentication | 257 |
| | Using an Authenticated Communications Channel | 260 |
| | The Dangers of Loading Class and JAR Files Remotely | 274 |
| | Summary | 276 |
| Part III | J2EE Security on the Web and Business Tiers | |
| 9 | This is .WAR: Exploiting Java Web Tier Components | 279 |
| | The Sample Application: Web-Enabled | 281 |
| | Implementing Our Cache-Control Strategy | 315 |
| | Summary | 319 |
| 10 | Shaking the Foundation: Web Container Strengths and Weaknesses | 321 |
| | The Effects of Directory Listing | 322 |
| | The Invoker Servlet | 324 |
| | Stealing a Session | 328 |
| | Generating a Server Key | 331 |
| | Enabling HTTPS in Tomcat | 332 |
| | Testing the Installation | 333 |
| | Adding a Transport Guarantee | 334 |
| | Client Certificate Authentication | 335 |
| | Configuring Tomcat to Use SSL with Client Authentication | 336 |
| | Container Authentication Using a Client Certificate | 337 |
| | Dealing with Overlapping Application Roles | 342 |
| | Summary | 345 |
| 11 | Java Web Services Security | 347 |
| | Web Services in Java | 348 |
| | Web Services Technologies | 349 |
| | The Web Services Developer Pack | 350 |
| | The Web Services-Enabled Application Implementation | 351 |
| | The Retirement Web Services Suite: Server Side | 352 |
| | The Retirement Web Services Suite: Client Side | 355 |
| | Web Services Application Vulnerabilities | 358 |
| | Requiring SSL Connections | 361 |
| | Implementing HTTP Authentication | 366 |
| | Disabling WSDL Distribution | 368 |
| | Enabling Programmatic Authorization | 370 |
| | Passing Database Passwords As Context Parameters | 373 |
| | Web Services Workflow Security | 374 |
| | The Future of Web Services Security | 378 |
| | SOAP Security Extensions: Digital Signature | 378 |
| | WS-Security | 379 |
| | Summary | 380 |
| 12 | Enterprise Java Beans: Security for the Business Tier | 381 |
| | The EJB Application Implementation | 382 |
| | The EJB Persistence Service | 383 |
| | The Get and Set Balance Methods | 384 |
| | The Beans | 385 |
| | EJB Application Vulnerabilities | 389 |
| | Common Pitfalls When Using Message-Driven Beans | 400 |
| | The Message-Driven Bean Implementation | 401 |
| | Summary | 411 |
| | Index | 413 |