Java Enterprise Edition Advanced Security Architectures And Products Training

Training Description:

This is a customized training as requested by a client on advanced security architectures as applicable to Java Enterprise Edition.

The training focuses on implementing security in multi-tier environments (with physically separated tiers), single sign-on (SSO), federated access implementation mechanisms, compliance requirements of web applications, and avoiding known vulnerabilities. The training also introduces products that can be used off the shelf.

Training Objectives:

At the end of the training, participants will be able to:
  1. Implement advanced security in a distributed multi-tier Java EE application.
  2. Implement Kerberos based authentication in Java applications.
  3. Use an LDAP server as a user registry.
  4. Use OpenSSO for advanced access management.
  5. Integrate OpenID support into applications.
  6. Implement federated access management features in Web Services environments (using WS-Federation).
  7. Secure applications to meet special compliance requirements.
  8. Avoid common known vulnerabilities in implementing Web applications.

Target Groups:

  1. Java Enterprise Edition Developers who are into advanced security.
  2. Read "Do I fit for that training?" if you are interested, but need help to determine whether you should participate or not.

Prerequisites:

  1. Ability to implement multi-tier Java Enterprise Edition applications.
  2. If you are not sure you meet this prerequisite, also read "Do I fit for that training?".

Communication Language:

English

Duration:

3 days (24 hours)

Facilitator:

Kamal Wickramanayake

Notes:

  1. This training is delivered with hands-on lab exercises.

Training Content:

  1. Security Requirements Of Multi-tier Applications
  2. Java Authentication And Authorization Service (JAAS)
  3. Java Authorization Contract for Containers (Java ACC)
  4. Single Sign-On Techniques
  5. Access Management For Web Applications
  6. Federated Access Management
  7. Virtual Federation
  8. OpenID
  9. Lightweight Directory Access Protocol (LDAP)
  10. Kerberos
  11. OpenSSO
  12. WS-Federation
  13. Security Compliance Requirements Of Web Applications
  14. Avoiding Common Vulnerabilities In Web Applications
  15. Commonly Known Integration Issues And Remedies
