Web Application Security

Objectives

• Learn the ways in which web applications are made secure
• Learn how to generate public/private key pairs and store them in a key store
• Learn how to generate a self-signed certificate
• Learn how to configure Tomcat to support https
• Learn how authentication works in web applications
• Learn how to add authentication to web application (login)
• Learn how to add authorization to a web application
• Learn how to generate password digests

Chapter Contents

• Overview
• Configure HTTPS
• The Persistent User Class
• Login Functionalty
• Security Filter
• Password Digests
• Exercises