JSP and Servlets training classes from Atlanta, GA     
Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in the USAAccelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in Canada     Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in the UK     Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in Ireland     Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in the Netherlands     Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses in Sweden     Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses internationally  
1 877 849 1850   0808 234 2132   1 800 550 311   0 800 022 6730   020 795 420   +1 678 648 3113  
Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses   Home   Contact Us
Java Training JSP Training Struts Training Spring Framework Training Hibernate Training  EJB Training
JBoss Training  Java Web Services Training  Java EE Frameworks Training  Software Design Training
Java ME Training JSF Training  Design Patterns Training Apache Tomcat Training WebSphere Training Live Online Training

Ajax for Java Developers
Mastering the JSTL (Java Standard Tag Library) training
Authoring JSP Tag Libraries training
Jakarta Struts training
Introduction to JSF (JavaServer Faces)
Building Data-Driven JSP Web Sites with Dreamweaver training
Introduction to the Spring Framework training
Introduction to Hibernate training
Introduction to JMS (Java Message Service) training
Live Online Training



Please contact us
for GSA pricing
and CMAS pricing.

GSA - Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses
Contract #
GS-35F-0307T

CMAS Approved Contractor Accelebrate delivers SharePoint, ASP.NET, SQL Server, and Java training courses
Contract #
3-09-70-2645A



Recent Training Venues

Accelebrate has recently trained for clients in the following cities:

  • Huntsville, Alabama
  • Montgomery / Birmingham, Alabama
  • Anchorage, Alaska
  • Calgary, Alberta
  • Phoenix, Arizona
  • Tucson, Arizona
  • Fayetteville / Little Rock, Arkansas
  • Amsterdam, The Netherlands / Brussels, Belgium
  • Oakland / San Jose / San Francisco, California
  • Sacramento, California
  • Oceanside / San Diego, California
  • Pasadena / Orange County / Los Angeles, California
  • San Bernardino / Riverside, California
  • Boulder / Colorado Springs / Denver, Colorado
  • Washington, DC
  • Wilmington, Delaware
  • Manchester / London, England
  • DeLand / Orlando, Florida
  • Fort Lauderdale / Miami, Florida
  • Gainesville / Jacksonville, Florida
  • Saint Petersburg / Tampa, Florida
  • Titusville & Melbourne, Florida
  • Alpharetta & Atlanta, Georgia
  • Augusta & Savannah, Georgia
  • Macon & Columbus, Georgia
  • Boise, Idaho
  • Bloomington, Illinois
  • Chicago, Illinois
  • Indianapolis, Indiana
  • Cedar Rapids / Des Moines, Iowa
  • Dublin, Ireland
  • Wichita, Kansas
  • Paducah / Lexington / Louisville, Kentucky
  • Baton Rouge/New Orleans, Louisiana
  • Portland, Maine
  • Hagerstown & Frederick, Maryland
  • Greenbelt / Silver Spring / Baltimore, Maryland
  • Boston / Cambridge, Massachusetts
  • Hartford, Connecticut / Springfield, Massachusetts
  • Ann Arbor / Farmington Hills / Detroit, Michigan
  • Grand Rapids, Michigan
  • Flint, Michigan
  • Saint Paul / Minneapolis, Minnesota
  • Jackson, Mississippi
  • St. Louis, Missouri
  • Whiteman Air Force Base / Kansas City, Missouri
  • Lincoln / Omaha, Nebraska
  • Reno and Las Vegas, Nevada
  • Santa Fe / Albuquerque, New Mexico
  • Princeton, New Jersey & Philadelphia, Pennsylvania
  • Trenton, New Jersey
  • Albany, New York
  • Buffalo, New York
  • White Plains / New York City, New York
  • Charlotte, North Carolina
  • Durham / Raleigh, North Carolina
  • Bowling Green / Toledo, Ohio
  • Canton / Akron, Ohio
  • Cincinnati, Ohio
  • Cleveland & Columbus, Ohio
  • Dayton, Ohio
  • Tulsa / Oklahoma City, Oklahoma
  • Toronto, Ontario
  • Portland, Oregon
  • Pittsburgh, Pennsylvania
  • Providence, Rhode Island
  • Edinburgh / Glasgow, Scotland
  • Columbia & Charleston, South Carolina
  • Spartanburg & Greenville, South Carolina
  • Stockholm, Sweden
  • Chattanooga / Knoxville, Tennessee
  • Memphis / Jackson / Nashville, Tennessee
  • College Station and Houston, Texas
  • El Paso, Texas / Ciudad Juarez, Mexico
  • San Antonio / Austin, Texas
  • Wichita Falls & Dallas, Texas
  • Ogden / Salt Lake City, Utah
  • Burlington, Vermont
  • Fairfax / Dulles / McLean / Herndon / Reston, Virginia
  • Richmond / Alexandria / Arlington, Virginia
  • Virginia Beach / Norfolk, Virginia
  • Tacoma / Seattle, Washington
  • Madison / Milwaukee, Wisconsin

 

Java Web Application Security Training: Securing Java Web Applications
Print This Outline
E-mail This Outline
Get A Quote
Course Number: 293
Duration: 3 days
view class outline

Java Web Application Security Training Overview

This advanced course shows experienced developers of Java™ web applications how to secure those applications and to apply best practices with regard to secure enterprise coding. Authentication, authorization, and input validation are major themes, and students get good exposure to basic Java cryptography for specific development scenarios, as well as thorough discussions of HTTPS configuration and certificate management, error handling, logging, and auditing.

Location and Pricing

Most Accelebrate courses are taught on-site at our clients' locations worldwide for groups of 3 or more attendees and are customized to their specific needs. Please visit our client list to see organizations for whom we have recently delivered training. These courses can also be delivered as live, private online classes for groups that are geographically dispersed or wish to save on the instructor's or students' travel expenses. To receive a customized proposal and price quote private training at your site or online, please contact us.

In addition, some courses are available as live, online classes for individuals.  To see a schedule of online courses, please visit http://www.accelebrate.com/online_training/java.htm.

Java Web Application Security Training Prerequisites

  • Java programming experience is essential.
  • Servlets programming experience is required.
  • JSP page-authoring experience is recommended but not required.

Hands-on/Lecture Ratio

This class is 70% hands-on, 30% lecture, with the longest lecture segments lasting for 20 minutes.

Java Web Application Security Training Materials

All Java web application security training attendees receive comprehensive courseware covering all topics listed.

Software Needed on Each Student PC

  • JDK 5.0 or later
  • Eclipse WTP 2.0 or later
  • Additional lab files that Accelebrate will provide – please contact us if you need a detailed setup guide.

Java Web Application Security Training Objectives

All attendees will learn how to:

  • Secure new and existing Java web applications.
  • Define security constraints and login configurations that instruct the web container to enforce authentication and authorization policies.
  • Validate user input aggressively, for general application health and specifically to foil injection and XSS attacks.
  • Configure a server and/or application to use one-way or two-way HTTPS.
  • Apply application-level cryptography where necessary.
  • Secure log files and establish audit trails for especially sensitive information or actions.

Java Web Application Security Training Outline

  • Secure Web Applications
    • Threats and Attack Vectors
    • Server, Network, and Browser Vulnerabilities
    • Secure Design Principles
    • GET vs. POST
    • Container Authentication and Authorization
    • HTML Forms
    • Privacy Under /WEB-INF
    • HTTP and HTTPS
    • Other Cryptographic Practices
    • SOA and Web Services
    • The OWASP Top 10
  • Authentication and Authorization
    • HTTP BASIC and DIGEST Authentication Schemes
    • Declaring Security Constraints
    • User Accounts
    • Safeguarding Credentials in Transit
    • Replay Attacks
    • Authorization Over URL Patterns
    • Roles
    • FORM Authentication
    • Login Form Design
    • EJB Authorization
    • Programmatic Security
    • Programmatic Security in JSF
  • Secure Application Design
    • Single Points of Decision
    • Cross-Site Scripting
    • Validation vs. Output Escaping
    • Forceful Browsing
    • Cross-Site Request Forgery
    • Request Tokens
    • Injection Attacks
    • Protections in JDBC and JPA
    • Session Management
    • Taking Care of Cookies
    • Validating User Input
    • Validation Practices
    • Regular Expressions
    • JSF Validation
  • HTTPS and Certificates
    • Digital Cryptography
    • Encryption
    • SSL and Secure Key Exchange
    • Hashing
    • Signature
    • Keystores
    • keytool
    • Why Keys Aren't Enough
    • X.509 Certificates
    • Certificate Authorities
    • Obtaining a Signed Certificate
    • Configuring HTTPS
    • Client-Side Certificates
    • PKCS #12 and Trust Stores
    • CLIENT-CERT Authentication
  • Application-Level Cryptography
    • The Java Cryptography Architecture
    • Secure Random Number Generation
    • The KeyStore API
    • The Signature Class
    • The SignedObject Class
    • The MessageDigest Class
    • The Java Cryptography Extensions
    • The SecretKey and KeyGenerator Types
    • The Cipher Class
    • Choosing Algorithms and Key Sizes
    • Dangerous Practices
  • Error Handling, Auditing, and Logging
    • Secure Development Cycle
    • Error Handling and Information Leakage
    • Failing to a Secure Mode
    • Logging Practices
    • Appropriate Content for Logs
    • Auditing
    • Strategies: Filters, Interceptors, and Command Chains
    • Penetration Testing
    • Back Doors
  • Conclusion
 
Print This OutlineE-mail This OutlineGet A Quote

Java® and all Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries.

JBoss® and Hibernate® are registered trademarks of Red Hat, Inc.  Accelebrate, Inc. has no affiliation with Red Hat, Inc. and no courses offered by Accelebrate, Inc. are endorsed by Red Hat, Inc. in any way.

WebSphere® is a registered trademark of IBM. Accelebrate, Inc. has no affiliation with IBM.
 
Request Information for Group Training at Your Site   Request Information for Group Training at Your Site
 

Accelebrate®
Focuses on You!


Accelebrate’s courses are taught for private groups of 3 or more people at your site or online anywhere worldwide.

Don't settle for a "one size fits all" public class! Have Accelebrate deliver exactly the training you want, privately at your site or online, for less than the cost of a public class.

For pricing and to learn more, please contact us via information request form or phone, or email us at info@accelebrate.com today.
 
Accelebrate accomplished the goal of providing a thorough introduction to Java, JSP, JavaBeans and JSTL. Following this training, we will be able to hit the ground running!
 
—Jeff Paar
Jewelry Television
Knoxville, Tennessee
             
               

VB.NET, C#, ASP, & ASP.NET Training * Java Training * SQL Server Training
SharePoint Training * Adobe Training * PHP Training * XML Training * Perl Training Sitemap

“Accelebrate,” “Accelerated Learning Celebrated Results,” and the Accelebrate logo are registered trademarks of Accelebrate, Inc. All other product names and trademarks are property of their respective owners. Course outline content may mirror or be derived from the book that each student receives with the course. Otherwise, all content is copyright © 2003- by Accelebrate, Inc. of Atlanta, Georgia, USA. To contact us, please use the contact form, email info@accelebrate.com us, or call 1 877 849 1850 in the US and Canada, 0808 234 2132 in the UK, 1 800 550 311 in Ireland, or +1 678 648 3113 from all other locations.

Recent client sites: Birmingham, AL | Phoenix, AZ | Los Angeles, CA | Sacramento, CA | San Diego, CA | San Francisco, CA | San Jose, CA | Denver, CO | Washington, DC | Jacksonville, FL | Miami, FL | Orlando, FL | Tampa, FL | Atlanta, GA | Chicago, IL | Indianapolis, IN | Boston, MA | Baltimore, MD | Detroit, MI | Minneapolis, MN | Kansas City, MO | Saint Louis, MO | Charlotte, NC | Raleigh, NC | Albuquerque, NM | Las Vegas, NV | Albany, NY | New York City, NY | Cincinnati, OH | Cleveland, OH | Columbus, OH | Dayton, OH | Oklahoma City, OK | Toronto, ON | Portland, OR | Philadelphia, PA | Pittsburgh, PA | Memphis, TN | Nashville, TN | Austin, TX | Dallas, TX | Houston, TX | San Antonio, TX | Salt Lake City, UT | Seattle, WA | Dublin, Ireland | London, UK
About Accelebrate IT Training VB.NET, C#, and ASP.NET Training Java, Struts, and JSP Training Adobe Training Microsoft SQL Server Training XML Training, PHP Training, Perl Training, and Other Courses Database and Reporting Training