121. Securing Java Web Applications
Version 7.0

Classroom Setup Guide

System Requirements

Hardware Requirements (Minimum) Core i5, 1.8 GHz, 4 gig RAM, 1 gig disk space.
Hardware Requirements (Recommended) Core i5, 2.5 GHz GHz, 8 gig RAM, 1 gig disk space.
Operating System Tested on Windows 7 and 8, Mac OS 10.8. Most exercises are fully portable over operating systems, web servers, and major web browsers. The demonstration of HTTPS-configuration in Chapter 5 focuses on Internet Explorer 10 and Tomcat 8, with brief notes on configuration for other browsers. Browsers continue to evolve rapidly -- especially where security is concerned -- and other configurations desired in the classroom should be tested by the instructor prior to class time.
Network and Security Limited privileges required -- please see our standard security requirements.
Software Requirements All free downloadable tools.

Setting Up Tools and Environment

Course software will require the following tools to be set up on student and instructor machines. Capstone Courseware provides tool setup instructions on the Web - the URL is given for each required package.

The Java Platform, Standard Edition (Java SE) JDK, version 7:


The Java SE 7 API documentation:


Crimson text editor, version 3.70:


For Mac users especially, we recommend installing the Chrome web browser, in order better to see the "before picture" for many web-hack demonstrations and lab exercises.


This course includes support for Eclipse Luna for Java EE Developers. Use the following link to download and install Eclipse, and unzip the downloaded archive anywhere on the local machine (even c:\ is fine, as this will put the tool at c:\eclipse).


Installing Lab Software

Download the lab archive:


For Windows systems, unzip this archive to the c:\ root — or to another location if necessary, but note that other locations will require some adjustment of the lab environment at the beginning of class.

For Mac, Linux, and other UNIX systems, unzip to the student's $HOME directory, or to any preferred location.