Java Development for Secure Systems Certification Training

Live Online & Classroom Certification Training

This course is for you if you want to secure your Java application using the Java security API. The course has an in depth coverage of concepts like JAAS, Cryptography, permissions and policies and privileged actions.

(4.7) 148 Learners
Instructed by SPRINGPEOPLE

No Public/Open-house class on the topic scheduled at the moment!

Course Description


Java Development for Secure Systems training teaches attendees the broad range of Java security challenges and how to successfully remedy them. This course starts with basic concepts of code security - what the Java SE runtime does to protect the system from Java code and Java code from other Java code - and good secure-coding practices. It then takes students through exercises in basic cryptography skills using the appropriate Java API. Finally it moves on to enterprise software and the issues related to component-based architectures such as Web applications EJBs and Java messaging components.


At the end of Java Development for Secure Systems training course, the participants will be able to:

  • Understand how the Java language and standard-platform architecture solve many low-level security problems for all Java code.n
  • Design and implement security policies for Java applications, servers and components.

Duration - 3 Days


Solid Java programming experience is assumed - both structured and object-oriented techniques. knowledge of Core Java and Some knowledge of Java EE architecture and development is also required

Course Curriculum

Expand All
  • Holistic Security Practices
  • Threats to the User
  • The Class Loader and Bytecode Verifier
  • System Classes and the Core API
  • SecurityManager and AccessController
  • Permissions
  • Implication
  • CodeSources
  • Policies
  • Configuring Java SE Security
  • Dynamic Policies
  • Privileged Actions
  • Encryption and Digital Signature
  • Keystores
  • Keys and Certificates
  • Certificate Authorities
  • The KeyStore API
  • Signing JARs
  • Signed CodeSources
  • Additional Policy Semantics
  • Code Injection
  • Final Classes and Methods
  • Singletons, Factories, and Flyweights
  • Methods, Collections, and Data Hiding
  • Sealing JARs
  • Code Obfuscation
  • Object Serialization
  • Threats to Identity and Privacy
  • The Java Cryptography Extensions
  • The Signature Class
  • SignedObjects
  • The Java Cryptography Extensions
  • SecretKeys and KeyGenerator
  • The Cipher Class
  • Dangerous Practices
  • HTTP and JSSE
  • Pluggable Authentication Logic
  • JAAS
  • Packages and Interfaces
  • Subjects and Principals
  • ANDs and ORs
  • Impersonation Methods
  • Permissions for JAAS Use
  • LoginContext and LoginModule
  • Configuring JAAS
  • CallbackHandler and Callbacks
  • Implementing a JAAS Client
  • Implementing a LoginModule
  • Java EE Servers as Code Hosts
  • Tomcat Security Configuration
  • Declaring Roles
  • Securing URLs
  • HTTP Authentication Schemes
  • Securing EJBs
  • Programmatic Security
  • JAAS in Java EE
  • Realms and LoginModules
  • JAAS in Tomcat
  • JACC
  • Certifying a Java EE Application
  • HTTPS Configuration
  • Presentation-Tier Vulnerabilities
  • User Accounts
  • MVC and Security
  • Validating User Input
  • SQL Injection
  • Cross-Site Scripting
  • Reflected XSS
  • Defeating XSS
  • Penetration Testing
  • Error Handling and Information Leakage
  • Logging and Auditing


SpringPeople works with top industry experts to identify the leading certification bodies on different technologies - which are well respected in the industry and globally accepted as clear evidence of a professional’s “proven” expertise in the technology. As such, these certification are a high value-add to the CVs and can give a massive boost to professionals in their career/professional growth.

Our certification courses are fully aligned to these high-profile certification exams; at the end of the course, participants will have detailed knowledge, be eligible and be fully ready take up these certification exams and pass with flying colours.



SpringPeople Corporate Learning Center

Job Trends

About the Instructor

Founded in 2009, SpringPeople is a global premier eLearning marketplace for Online Live, Instructor-led classes in the region. It is a certified training delivery partner of leading technology creators, namely Pivotal, Elastic, Lightbend, EMC, VMware, MuleSoft, RSA, and... Read More

Course Rating and Reviews


Average Rating
5 Stars
4 Stars
3 Stars
2 Stars
1 Star

SPRINGPEOPLE SpringPeople Trainer


Course Material:
Class Experience:
The trainer was pretty new to the training and the class was not helpful. Not at all recommended. Failed to satisfy my requirements

SPRINGPEOPLE SpringPeople Trainer

Satheesh Viswanathan

Course Material:
Class Experience:
As the course focuses more towards the certification, the difficulty level of the labs & exercises could have been increased.

SPRINGPEOPLE SpringPeople Trainer

Deepak Kodigepalli

Course Material:
Class Experience:
Wifi connectivity was a bit slow and were experiencing intermittent disconnects

This class is intended for participants with some prior exposure to the technology and are now looking to build up their expertise on the topic.

On successful completion of the course, participants will be eligible to sit of the related certification exam (see course overview). All participants receive a course completion certificate, demonstrating their expertise on the subject.

Total duration of the online, live instructor led sessions. Sessions are typically delivered as short lectures (2-hrs weekdays/3-hrs weekends) and detailed hands-on guidance.

Expected offline lab work hours that participants will need to complete and submit to the trainer, during and after the instructor-led online sessions.

  1. We are happy to refund full fee paid - no questions asked - should you feel that the training is not up to your expectations.
  2. Our dedicated team of expert training enablement advisors are available on email, phone and chat to assist you with your queries.
  3. All courseware, including session recordings, will always be available to access to you for future reference and rework.

Contact Us

+91-80-6567-9700 (BLR)

Schedule a Call

Related Courses

Recently Viewed