Other Security Concerns

In this chapter we have discussed only authentication and access control, but there’s a lot more to web application security. You also need to ensure that no one listening on the network can read the data, and you need a way to verify that the data has not been modified in transit. The common terms for these two concepts are confidentiality (or data privacy) for the first and integrity for the second; the Servlet 2.2 specification uses the same terms, as the CONFIDENTIAL and INTEGRAL values of the transport-guarantee element in a security constraint.

On an intranet, users can usually be trusted not to run network listeners to capture data they shouldn’t see. On the Internet you can make no such assumption: every hop between the browser and the server is a place where traffic can be read or altered. If you provide access to sensitive data, you have to make sure it’s protected appropriately. Network security is a huge subject area and clearly not within the scope of this book, so I will touch on only the most common way to take care of both confidentiality and integrity: the Secure Sockets Layer (SSL) protocol, whose standardized successor is Transport Layer Security (TLS).

SSL is built on public key cryptography, which uses a pair of keys: a public key that can be published freely and a private key that its owner keeps secret. Data encrypted with the public key can be decrypted only with the corresponding private key, so anyone can send the owner of the key pair (such as a server) a message that only the owner can read. The reverse direction is what gives authentication and integrity checking: a message signed with the private key can be verified by anyone holding the public key, and if the signature verifies, you know it was produced by the holder of that private key and that the message has not been altered since it was signed. SSL uses these public key operations only to authenticate the server and to agree on session keys; the application data itself is then protected with much faster symmetric ciphers and message authentication codes. ...
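The two directions described above, as an added example that is not code from the book: signing with the private key and verifying with the public key (authentication and integrity), and encrypting with the public key and decrypting with the private key (confidentiality). It uses only the JDK’s standard java.security and javax.crypto APIs; the class name, the helper method names, and the sample message are assumptions made for this illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
import java.util.Arrays;
import javax.crypto.Cipher;

/**
 * Added example (not from the book): both uses of an RSA key pair with the
 * standard JDK APIs. Class and method names are illustrative.
 */
public class PublicKeyDemo {

    /** Signs data with the private key; anyone holding the public key can verify it. */
    static byte[] sign(KeyPair kp, byte[] data) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(kp.getPrivate());
        s.update(data);
        return s.sign();
    }

    /** Verifies with the public key only; false if the data or the signature was altered. */
    static boolean verify(KeyPair kp, byte[] data, byte[] sig) throws Exception {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(kp.getPublic());
        s.update(data);
        return s.verify(sig);
    }

    /** Encrypts with the public key; only the private key holder can read the result. */
    static byte[] encrypt(KeyPair kp, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        return c.doFinal(data);
    }

    /** Decrypts with the private key. */
    static byte[] decrypt(KeyPair kp, byte[] ciphertext) throws Exception {
        Cipher c = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        c.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        return c.doFinal(ciphertext);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair server = gen.generateKeyPair();   // stands in for the server's key pair

        // Constructed sample message, not captured traffic.
        byte[] msg = "order=42&amount=100".getBytes(StandardCharsets.UTF_8);

        // Authentication and integrity: sign with the private key, verify with the public key.
        byte[] sig = sign(server, msg);
        System.out.println("signature verifies:        " + verify(server, msg, sig));   // true

        byte[] tampered = msg.clone();
        tampered[tampered.length - 1] ^= 0x01;   // flip one bit in the amount
        System.out.println("tampered message verifies: " + verify(server, tampered, sig)); // false

        // A signature does not verify under someone else's public key either.
        KeyPair other = gen.generateKeyPair();
        System.out.println("verifies with other key:   " + verify(other, msg, sig));    // false

        // Confidentiality: encrypt with the public key, decrypt with the private key.
        byte[] ct = encrypt(server, msg);
        byte[] pt = decrypt(server, ct);
        System.out.println("decrypted == original:     " + Arrays.equals(msg, pt));     // true

        // RSA-OAEP with a 2048-bit key can carry at most 190 bytes per operation, which is
        // one reason SSL/TLS uses the public key only to agree a session key and then
        // protects the bulk data with a symmetric cipher.
    }
}
```

Compile and run with `javac PublicKeyDemo.java && java PublicKeyDemo`. The tampered-message and wrong-key checks are the point of the exercise: verification fails as soon as a single bit of the signed data changes, which is exactly the integrity guarantee the text describes.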

Get Java Server Pages now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.