“The learning and knowledge that we have, is, at the most, but little compared with that of which we are ignorant.”
—Plato (427–347 B.C.)
The authors would like to extend their thanks to the Prentice Hall publishing team, including Greg Doench, Ralph Moore, Bonnie Granat, and Lara Wysong for their constant help and support in the process of creating this work.
We also thank Judy Lin, Joe Uniejewski, Whitfield Diffie, Li Gong, John Crupi, Danny Malks, Deepak Alur, Radia Perlman, Glenn Brunette, Bill Hamilton, and Shaheen Nasirudheen for their initial feedback and for sharing their best thoughts and advice.
Numerous others furnished us with in-depth reviews of the book and supported us with their invaluable expertise. Without their assistance, this book would not have become a reality. Our gratitude extends to Seth Proctor, Anne Anderson, Tommy Szeto, Dwight Hare, Eve Maler, Sang Shin, Sameer Tyagi, Rafat Alvi, Tejash Shah, Robert Skoczylas, Matthew MacLeod, Bruce Chapman, Tom Duell, Annie Kuo, Reid Williams, Frank Hurley, Jason Miller, Aprameya Puduthonse, Michael Howard, Tao Huang, and Sen Zhang.
We are indebted to our friends at Sun Microsystems, RSA Security, VeriSign, Microsoft, Oracle, Agilent Technologies, JPMorganChase, FortMoon Consulting, AC Technology, Advanced Biometric Controls, and the U.S. Treasury’s Pay.Gov project for all their direct and indirect support and encouragement.
I wish to thank all of the many people who contributed to my effort. First, I would like to thank the individuals that directly contributed content to my work.
Frank Hurley, who single-handedly wrote Chapter 2 and who contributed a lot of material and references to the discussion of security fundamentals. Without Frank, I would have missed a lot of the security basics.
Aprameya Paduthonse, who contributed several patterns across the Web and Business tiers. He also reviewed several chapters and was able to add content and fill in a lot of gaps quickly. Without Aprameya, I would have been even further behind schedule.
Jason Miller, who contributed vast amounts of knowledge about the Web tier and who was responsible for the technical details about how the Web-tier patterns fit together. His understanding of Struts and Web tier frameworks is unsurpassed.
I also wish to express my deepest gratitude to our many reviewers. Their time and dedication to reviewing the book is what has kept this book on track.
In particular, my thanks go to Robert Skoczylas, whose thorough reviews and many suggestions to the chapters about Web tier and Business tier patterns have made my work much more cohesive and understandable. I have not had a better reviewer than Robert.
Security has been one of my favorite subjects ever since I started working at Sun Microsystems. Although I worked mostly on Java distributed computing, I had plenty of opportunities to experiment with security technologies. With my passion for writing, a book on security has always been one of my goals, and now it has become a reality with the completion of this mammoth project.
It is always fun to have a look back and recall the genesis of this book: It was Sun’s JavaSmart Day—Developer’s conference in Boston (September 16, 2002), and after presenting to a huge audience on Web services security, Chris and I came out, tired and hungry. We sat down at The Cheesecake Factory, and while we refreshed ourselves, we came up with the idea of writing an applied security book for Java developers that would allow us to share our best kept secrets, tips, and techniques we’d been hiding up our sleeves. Over the course of the next few days, we created the proposal for this book. Greg Doench at Prentice Hall readily accepted our proposal, but Chris and I had a tough time keeping pace with the schedule. At one point, Greg asked me “Will the manuscript be ready before the Red Sox win the World Series—again?” Because Chris and I wanted to cover additional relevant topics in the book, it soon became an effort of much greater scope than initially planned. After a few months of increasing the scope of the book, Chris and I decided to invite Ray Lai to contribute to this book. That’s how our writing journey began. During the course of writing, it’s been great fun having a midnight conference call to discuss and share our thoughts and resolve issues. After more than two years of work on this book, I’m actually a bit surprised that it’s done. It’s a great feeling to see it turn out much beyond our thoughts as we envisioned back at The Cheesecake Factory.
First, I would like to thank and recognize the people who have directly or indirectly influenced me by providing me with opportunities to learn and to gain experience in working with security technologies. I would not have been able to gain the expertise necessary for the writing of this book without those opportunities. Thus, my thanks are extended to:
Gary Lippert, Dave DiMillo, Li Gong, and Chris Steel, for giving me the opportunity to work with Java security technologies and J2EE application security projects.
Sunil Mathew and William Olsen, for introducing me to real-world Web services projects and providing me with opportunities to test-drive my Web services security prototypes.
Doug Bunting, for having introduced me to participation in Web services standards initiatives, particularly the OASIS WS-CAF and WS-Security working groups.
Wayne Ashworth and Dan Fisher for giving me access to the world of Smart Cards and opportunities to work on Smart Card application prototypes.
Art Sands, Chris Sands, Tuomo Lampinen, Jeff Groves, and Travis Hatmaker for allowing me to play with Biometric technologies and for providing opportunities to work on biometrics integration with Sun Identity Management products.
Luc Wijns, Charles Andres, and Sujeet Vasudevan, for all their trust and confidence in my expertise and for giving me an opportunity to prototype the Java Card-based Identity Management solution for a prestigious national ID project.
Second, I was fortunate enough to have an excellent team of reviewers whose insightful comments and suggestions considerably increased the quality of my work.
My sincere thanks go to Glenn Brunette, Shaheen Nasirudeen, Tommy Szeto, Sang Shin, Robert Skoczylas, Tejash Shah, Eve Maler, Rafat Alvi, Sameer Tyagi, Bruce Chapman, Tom Duell, Annie Kuo, and Reid Williams for all the excellent review comments that I incorporated into the chapters.
My special thanks go to Patric Chang and Matthew MacLeod for all their encouragement and recognition during my work on this book.
Finally, the largest share of credit goes to my loving wife Joyce, my son Roger, my little girl Kaitlyn ‘Minmini,’ and my parents for all their love, inspiration, and endless support. Only through their love and support was I able to accomplish this goal.
I want to give thanks to God, who answered my prayer to complete this book, and to my family, who waited for me every night and weekend while I was writing.
I would like to also express thanks to the following individuals for their support:
Dr. Glen Reece, Kumar Swaminathan, and Samir Patel for their management and moral support.
Rafat Alvi, Glenn Brunette, Dwight Hare, Eve Maler, and Seth Proctor, for their critical and honest review to ensure technical accuracy of the manuscript.
Anne Anderson, for her critical review and suggestions for Chapter 7.