Securing JSF Applications Against the OWASP Top Ten (PDF, 266 kB)
Presented at ApachCon US 2006, OWASP 2007, and JSFOne 2008
Watch the video from OWASP 2007
Controlling Page Sequencing with an Event-Driven State Machine
CFDJ article circa 2004. JSF now does this better, and Spring Webflow *much* better.
Comprehensive ColdFusion MX for Programmers (PDF, 809 kB)
Five day training course I wrote in 2000 and updated in 2003. Lots of good system Web app design & security stuff in later chapters that’s not language-dependent.
Running a Perfect Web Site (Que, 1995)
Sorry, can’t resist putting this up here. It’s so out of date it’s not even funny, but it made the best-sellers list in “the day.” If you learned the Web from this book, I’d like to hear from you. Kindly drop me a line at [this blog name] at gmail.com with “book” in the subject and let me know what you’re doing now (hopefully, not garbage collection).
All articles above are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. To attribute the work to me, simply include “Licensed from David M. Chandler” and a link to this page. And, of course, I’d like to hear from you, though it’s not required (unless you want to license under some other terms).