Rating: 
Summary: Required reading for anyone planning to use the Java SA
Review: This book provides comprehensive coverage of the Java Security Architecture. As with all good security books, this one begins with an introduction to the fundamentals of computer and network security. For those new to Java security, there is also brief intro to security of the Java language and platform. The book quickly gets into the details of the new Security Architecture, with a detailed description of what is there, why it is there and how to use it. Sections on deploying and customizing the SA are of practical use to anyone in this situation. The book also contains a concise and useful discussion of object security and how to go about getting it. There is a detailed discussion of the Java Cryptography Architecture, a must if you plan on using the cryptographic functionality. The book concludes with a thought-provoking section on future directions. This book stands out because of the insightful discussions on why design decisions were made and the implications of these decisions. This makes the book interesting reading even if you aren't going to implement the SA in the immediate future. If you are planning on implementing the SA, don't do it without this book within grabbing distance.
Rating: 
Summary: Simple coverage
Review: This uninspired coverage of the Security API is a real disappointment considering that it comes from Sun. The Security API is not trivial and the 150 pages that cover Security API classes are not sufficient to provide the in-depth analysis needed to understand and manipulate the API. This book is a good overview of the Security API. There are some good general security discussions, and some historical perspectives on why the API is designed the way it is. I read this book after reading the O'Reilly security book which is much more thorough.
| 
