As a registered member of SearchAppSecurity.com, you're entitled to a complimentary copy of Chapter 15 of JavaServer Faces The Complete Reference written by Chris Schalk, Ed Burns and James Holmes and published by McGraw-Hill Osborne Media.
This chapter, "Securing JavaServer Faces Applications," introduces some high-level security concepts and then reviews the fundamentals of the security features provided by the Java EE Platform Web tier.
Ideal for the 3 million-plus Java developers, this fast-paced tutorial offers in-depth coverage of JavaServer Faces (JSF) -- Sun Microsystem's Web application architecture for the future. Co-written by the #1 JSF experts in the Java community, this book offers the most complete resource on JSF available. The book has extensive coverage on JSF custom component development. It serves as a thorough introduction to Ajax technology and techniques. And it has numerous custom JSF component examples, including Ajax-enabled components.
>> Buy the book
Dig Deeper on Topics Archive
Five drawbacks to choosing JSF as your web application framework
Asynchronously invoking a second managed bean method in JavaSever Faces (JSF)
Advanced JSF Tutorial: The single page interface (SPI) with Facelets, Ajax and HTML5