Book Review: Zend Framework 1.8 Application Development
Its necessary to use a framework to collaborate with developers and also its useful to speed up development process. Zend Framework is one of the most popular PHP framework which consists of extendable tools and libraries. “Zend Framework 1.8 Application Development” covers Zend Frameworks basics and advanced usage of the framework.
Some Php and Object Oriented Programming knowledge is necessary to fully understand and benefit the book. Contents of the book is:
Preface
Chapter 1: Creating a Basic MVC Application
Chapter 2: The Zend Framework MVC Architecture
Chapter 3: Storefront Basic Setup
Chapter 4: Storefront Models
Chapter 5: Implementing the Catalog
Chapter 6: Implementing User Accounts
Chapter 7: The Shopping Cart
Chapter 8: Authentication and Authorization
Chapter 9: The Administration Area
Chapter 10: Storefront Roundup
Chapter 11: Storefront Optimization
Chapter 12: Testing the Storefront
Appendix: Installing Supporting Software
Index
Also, you can download the free chapter which is “Chapter 7 The Shopping Cart“.
The good part is, examples are enough to understand and follow and explained in detail.
The bad part is current zend framework is at 1.9.6 however, the book discusses zf 1.8 which is enough to understand basics of the framework. Also, I was expecting to see integration of third party tools like doctrine, smarty and jquery … etc. which strengths the Zend Framework.
I’d say suggest this book for someone who wants to start development with ZF.
Security in Java EE Part 1
Object Oriented application development provides developers to divide application into different layers such as database layer, business layer, presentation layer … etc. Multi layer application development approach provides easy to develop and maintain large scale projects. However, this approach addresses one of the most important issue, security.
Java EE consists of components ejb, web, web services, application clients … etc. Each of these components can be deployed into different containers or same container. Security is handled by the containers; a container provides programming or declarative security. Programming security is embedded control mechanism that is used when declarative security is insufficient. Declarative security defines applications security configuration out of the application via configuration files. Also, annotations define set of security rules by class files.
Java provides some security implementation mechanisms like;
- JAAS: Java Authorization and Authentication Service consists of APIs to enable authorization and access control against to agents (user, account, service … )
- Java GSS: Java Generic Security Services consists of APIs to enable securely exchange messages between applications.
- JCE: Java Cryptography Extension provides framework implementations for encryption, key generation, key agreement and (MAC) Message Authentication Code algorithms.
- JSSE: Java Secure Socket Extension provides implementation for a Java version of SSL and TLS protocols.
- SASL: Simple Authentication and Security Layer a protocol for authentication and optional establishment of a security layer between client and server applications.
Reference:
http://java.sun.com/j2se/1.5.0/docs/guide/security/