Top

table of contents

Archive's Table of Contents Page
Chapter 1: Server Setup and Configuration
Chapter 2: A Fast Introduction to Basic Servlet Programming
Chapter 3: A Fast Introduction to Basic JSP Programming
Chapter 4: Using and Deploying Web Applications
Chapter 5: Controlling Web Application Behavior with web.xml
Chapter 6: A Sample Web Application: An Online Boat Shop
Chapter 7: Declarative Security
Chapter 8: Programmatic Security
Chapter 9: Servlet and JSP Filters
Chapter 10: The Application Events Framework
Chapter 11: New Tag Library Features in JSP 1.2
Chapter 12: The JSP Standard Tag Library

Source Code Archive

More Servlets and JavaServer Pages

Chapter 8: Programmatic Security

To view source code for other chapters in this book, mouse over the table of contents bar on the left.

Source Code from Chapter

Note: right-click or shift-click on the links to download the associated file.

• employee-pay.jsp. A JSP page that augments the internal Web site for hot-dot-com.com. The page shows plans for employee pay. Because of entries in web.xml, the page can be accessed only by users in the employee or executive roles. Although both groups can access the page, they see substantially different results. In particular, the planned pay scales for executives is hidden from the normal employees.
• web.xml. Deployment descriptor for the hotdotcom-internal application.
• tomcat-users.xml. Tomcat-specific password file.
• company-styles.css. Style sheet used by almost all JSP pages in the hotdotcom-internal application.
• hotdotcom-internal.war. The entire hotdotcom-internal application bundled in a WAR (Web ARchive) file.
• StockTip.java. Servlet that gives very hot stock tips. So hot that only authorized users (presumably ones who have paid the steepreasonable financial advisory fee) can access the servlet.
• stocks.war. The entire stocks application bundled in a WAR (Web ARchive) file.
• SecurityInfo.java. A servlet that redirects non-SSL requests to a URL that is identical to the URL of the original request except that http is changed to https. When an SSL request is received, the servlet presents a page that displays information on the URL, query data, key size, encryption algorithm, and client certificate.
• securityInfo.war. The entire securityInfo application bundled in a WAR (Web ARchive) file.

URLs Referenced in Chapter

• http://www.rfc-editor.org/. Starting place for finding on-line RFCs.
• http://java.sun.com/j2se/1.3/docs/api/java/security/cert/X509Certificate.html. On-line documentation for the X509Certificate class.

More Information

• J2EE training courses from the author. Available on-site at your company or at public venues.
  • Beginning/intermediate servlet and JSP training
  • Advanced servlet and JSP training
  • JSF (JavaServer Faces) training with Apache MyFaces, facelets, Tomahawk, and Ajax4jsf
  • Jakarta Struts training
  • Ajax and GWT training
  • Java 5 and 6 training
  • Customized training courses.
• Free online version of Core Servlets & JavaServer Pages. Complete text of book in PDF.
• Home page for Core Servlets and JavaServer Pages 2nd Edition (Vol 1). Includes the table of contents, index, sample chapters, source code archive, etc.
• Home Page for More Servlets and JavaServer Pages. Includes the table of contents, index, source code archive, etc.
• Free online version of More Servlets and JavaServer Pages.
• Servlet and JSP Programming Resources. Download sites, servers, IDEs, tutorials, books, job listings, and more.
• Tutorials and lecture notes on servlets, JSP, Struts, JSF, and Java 5. PDF version free for all. PowerPoint version free for qualified university instructors.
• Servlet and JSP programming resources. Specs, documentation, servers, IDEs, hosting providers, books, training, etc.
• Java Programming Resources. General resources on Java technology. Compilers, editors, IDEs, tutorials, books, user forums, and more.