
Secure Coding in Jakarta EE

Course Summary

The Secure Coding in Jakarta EE training course provides students with the background and knowledge required to create secure enterprise-class applications based on Jakarta Enterprise Edition (EE), previously known as Java EE.

The course begins with a review of the core Java security model. Building on this, it then examines how to create secure Java web-based and enterprise-based applications, covering everything from security fundamentals to authentication and authorization strategies to preventing cross-site scripting and SQL injection. The course concludes by analyzing the tips, tricks, strategies, and design principles required to build secure Java applications.

Purpose
Learn how to design secure and robust Java web-based and Enterprise Java Beans (EJB) applications.
Audience
Advanced Jakarta EE programmers who need to write secure Java applications.
Role
Software Developer
Skill Level
Advanced
Style
Workshops
Duration
3 Days
Related Technologies
Java | Web Development | Cybersecurity

 

Productivity Objectives
  • Define what security is in Java.
  • Apply basic programmatic security to code.
  • Identify how to defend against an attack.
  • Indicate how to secure resources.

What You'll Learn:

In the Secure Coding in Jakarta EE training course, you'll learn:
  • Fundamentals
    • Why and what?
    • Characteristics of application security
    • Basic security mechanisms
  • Basic Security within Java SE 8
    • Mutability of objects
    • Variable, method, class, and package scopes
    • Thread safety
    • Exception handling
    • Input validation
  • Basic Security at the EE level
    • Role-based authentication
    • Specifying Security Constraints
    • Programmatic security
    • Declarative security
  • Programming Against an Attack
    • Denial of Service (DoS)
    • SQL Injection
    • Large files
    • XML and HTML issues
    • LDAP injection
    • XPath injection
    • Password storage
  • Defensive Programming
    • Error handling in the Jakarta EE space
    • Type annotation syntax and the Checker Framework
    • Application-layer security
    • Transport-layer security
    • Message-layer security
    • Secure connection using SSL
  • Securing Resources
    • Authentication mechanisms
    • Using Form-Based Login
    • Digital certificates
    • Using JDBC realm
    • Securing HTTP resources
    • Securing Application clients
“I appreciated the instructor's technique of writing live code examples rather than using fixed slide decks to present the material.”

VMware
