This book is little more than an API guide, and it isn't a very good one at that.

It should have provided a broad view of Java security issues both for the programmer and the end user. Instead, it's only useful to people who can't read documentation.

I just got my copy of "Securing Java" from Amazon.com, and it seems like it's what this O'Reilly book should have been. Go get that instead!!!!