In this chapter, we put our security patterns, best practices, and strategies to the test. We began by looking at a real-world scenario. We derived the requirements and then we systematically put our new-found skills to use, creating a secure Web portal application. It wasn't easy, but we made it through. You now have some experience in architecting, designing, and implementing a secure Web portal application. We also understand how and when to apply the core security patterns in traditional J2EE Web applications as well as Web services. We have also been introduced to using the Security Disciplines in the software development life cycle described in Chapter 8, "The Alchemy of Security Design: Methodology, Patterns, and Reality Checks." These disciplines define activities that need to take place within the software development process to ensure that security is baked, monitored, and kept up-to-date within the system throughout its lifetime. |