0% found this document useful (0 votes)

34 views

Download full The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More 1st Edition Arjan Tijms ebook all chapters

ebook

Uploaded by

otvosrotash

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

34 views

Download full The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More 1st Edition Arjan Tijms ebook all chapters

ebook

Uploaded by

otvosrotash

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 49

Full download ebooks at https://ebookmeta.

com

The Definitive Guide to Security in Jakarta EE:

Securing Java-based Enterprise Applications
with Jakarta Security, Authorization,
Authentication and More 1st Edition Arjan Tijms
For dowload this book click link below
https://ebookmeta.com/product/the-definitive-guide-to-
security-in-jakarta-ee-securing-java-based-enterprise-
applications-with-jakarta-security-authorization-
authentication-and-more-1st-edition-arjan-tijms/

OR CLICK BUTTON

DOWLOAD NOW
More products digital (pdf, epub, mobi) instant
download maybe you interests ...

The Definitive Guide to Security in Jakarta EE:

Securing Java-based Enterprise Applications with
Jakarta Security, Authorization, Authentication and
More 1st Edition Arjan Tijms
https://ebookmeta.com/product/the-definitive-guide-to-security-
in-jakarta-ee-securing-java-based-enterprise-applications-with-
jakarta-security-authorization-authentication-and-more-1st-
edition-arjan-tijms-2/

The Definitive Guide to Jakarta Faces in Jakarta EE 10:

Building Java-Based Enterprise Web Applications, 2nd
Edition Bauke Scholtz

https://ebookmeta.com/product/the-definitive-guide-to-jakarta-
faces-in-jakarta-ee-10-building-java-based-enterprise-web-
applications-2nd-edition-bauke-scholtz-2/

The Definitive Guide to Jakarta Faces in Jakarta EE 10:

Building Java-Based Enterprise Web Applications 2nd
Edition Bauke Scholtz

Pro Jakarta Persistence in Jakarta EE 10: An In-Depth

Guide to Persistence in Enterprise Java Development
Jungmann

https://ebookmeta.com/product/pro-jakarta-persistence-in-jakarta-
ee-10-an-in-depth-guide-to-persistence-in-enterprise-java-
development-jungmann/
Java EE to Jakarta EE 10 Recipes: A Problem-Solution
Approach for Enterprise Java 3rd Edition Josh Juneau

https://ebookmeta.com/product/java-ee-to-jakarta-ee-10-recipes-a-
problem-solution-approach-for-enterprise-java-3rd-edition-josh-
juneau/

Introducing Jakarta EE CDI: Contexts and Dependency

Injection for Enterprise Java Development 1st Edition
Luqman Saeed

https://ebookmeta.com/product/introducing-jakarta-ee-cdi-
contexts-and-dependency-injection-for-enterprise-java-
development-1st-edition-luqman-saeed/

Beginning Cloud Native Development with MicroProfile,

Jakarta EE, and Kubernetes: Java DevOps for Building
and Deploying Microservices-based Applications 1st
Edition Tarun Telang
https://ebookmeta.com/product/beginning-cloud-native-development-
with-microprofile-jakarta-ee-and-kubernetes-java-devops-for-
building-and-deploying-microservices-based-applications-1st-
edition-tarun-telang/

Jakarta EE Recipes 1st Edition Josh Juneau

https://ebookmeta.com/product/jakarta-ee-recipes-1st-edition-
josh-juneau/

Cryptography and Cryptanalysis in Java: Creating and

Programming Advanced Algorithms with Java SE 17 LTS and
Jakarta EE 10 1st Edition Stefania Loredana Nita

https://ebookmeta.com/product/cryptography-and-cryptanalysis-in-
java-creating-and-programming-advanced-algorithms-with-java-
se-17-lts-and-jakarta-ee-10-1st-edition-stefania-loredana-nita-2/
The Definitive Guide to
Security in Jakarta EE
Securing Java-based Enterprise
Applications with Jakarta Security,
Authorization, Authentication
and More

Arjan Tijms
Teo Bais
Werner Keil
The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise
Applications with Jakarta Security, Authorization, Authentication and More
Arjan Tijms Teo Bais
AMSTERDAM, Noord-Holland, The Netherlands Utrecht, Utrecht, The Netherlands

Werner Keil
Bad Homburg vdH, Hessen, Germany

ISBN-13 (pbk): 978-1-4842-7944-1 ISBN-13 (electronic): 978-1-4842-7945-8

https://doi.org/10.1007/978-1-4842-7945-8

Copyright © 2022 by Arjan Tijms, Teo Bais, and Werner Keil

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the
material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now
known or hereafter developed.
Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with
every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an
editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the
trademark.
The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not
identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to
proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication,
neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or
omissions that may be made. The publisher makes no warranty, express or implied, with respect to the
material contained herein.
Managing Director, Apress Media LLC: Welmoed Spahr
Acquisitions Editor: Steve Anglin
Development Editor: Laura Berendson
Coordinating Editor: Mark Powers
Cover designed by eStudioCalamar
Cover image by Vincent Law on Unsplash (www.unsplash.com)
Distributed to the book trade worldwide by Apress Media, LLC, 1 New York Plaza, New York, NY 10004,
U.S.A. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail [email protected], or visit www.
springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science
+ Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.
For information on translations, please e-mail [email protected]; for reprint,
paperback, or audio rights, please e-mail [email protected].
Apress titles may be purchased in bulk for academic, corporate, or promotional use. eBook versions and
licenses are also available for most titles. For more information, reference our Print and eBook Bulk Sales
web page at http://www.apress.com/bulk-sales.
Any source code or other supplementary material referenced by the author in this book is available to
readers on GitHub (www.github.com). For more detailed information, please visit http://www.apress.com/
source-code.
Printed on acid-free paper
Table of Contents
About the Authors��xv

About the Technical Reviewer��xvii

Chapter 1: Security
History�� 1
The Beginning�� 1
Enter Jakarta EE�� 3
Enter Jakarta Authorization�� 5
Enter Jakarta Authentication�� 6
Foreshadowing Shiro Part I - IL DRBAC�� 8
Enter Spring Security�� 11
Where is Jakarta Authentication? Enter JAuth�� 18
Foreshadowing Shiro Part II - JSecurity�� 19
Jakarta Authentication - Edging closer�� 22
Jakarta Authentication - Finally in Jakarta EE�� 28
Enter OmniSecurity�� 29
Enter Jakarta Security�� 36

Chapter 2: Jakarta
EE Foundations�� 41
Physical Security�� 41
Technological Security�� 42
Application Security�� 42
OS Security�� 43
Network Security�� 43
Policies and Procedures�� 43
Key Principles of Security�� 44

iii
Table of Contents

Features of a Security Mechanism�� 45

Distributed Multitiered Applications�� 46
Single-Tier vs. Multitiered Applications�� 46
The Jakarta EE Approach�� 47
Security in Jakarta EE�� 48
Simple Application Security Walkthrough�� 49
Looking Ahead�� 53
Authentication�� 53
Something You Know�� 54
Something You Have�� 54
Something You Are�� 54
Latest Trends in Authentication Methods�� 55
Authentication Examples in Practice�� 56
Authorization�� 58
Access Control Lists�� 59
Access Control Models�� 60
RBAC (Role-Based Access Control)�� 63
Benefits of RBAC�� 63
RBAC – Key Principles�� 64
RBAC in Jakarta EE�� 65
Digital Certificates�� 67
What Is a Digital Certificate�� 68
Introduction to TLS�� 68
Who Can Issue Certificates?�� 70
Looking Ahead�� 72
Authentication Mechanisms�� 73
What Is an Authentication Mechanism?�� 73
What Does an Authentication Mechanism Specify?�� 74
Jakarta EE Authentication Mechanisms�� 74

iv
Table of Contents

Identity Stores�� 82
What Is an Identity Store?�� 83
What Is the Purpose of an Identity Store?�� 83
Identity Store and Jakarta EE�� 83
Looking Ahead�� 90

Chapter 3: Jakarta
Authentication�� 91
What Is Jakarta Authentication?�� 91
Jakarta Authentication in Jakarta EE�� 93
The Authentication Mechanism�� 97
The Basic Authentication Mechanism�� 98
The Form Authentication Mechanism�� 99
Jakarta Authentication’s ServerAuthModule�� 102
Example ServerAuthModule�� 106
Example ServerAuthModule – GlassFish�� 112
Example ServerAuthModule – Tomcat�� 113
Example ServerAuthModule – Basic�� 114
Example ServerAuthModule – Basic with Container Identity Store�� 121
Obtaining Key Stores and Trust Stores�� 125
Semi-auto Register Session�� 130
Creating a Session�� 130
Continuing a Session�� 131
Using a Custom Principal�� 133
Wrapping the Request and Response�� 137
The Message Policy�� 140
The AuthConfigProvider�� 141
Case Study – Implementation-Specific Identity Stores�� 147
Tomcat�� 149
Jetty�� 152
Undertow�� 156
JBoss EAP/WildFly�� 158

v
Table of Contents

Resin�� 163
GlassFish�� 167
Open Liberty�� 174
WebLogic�� 177

Chapter 4: Jakarta
Authorization�� 179
What Is Jakarta Authorization?�� 179
Jakarta Authorization in Jakarta EE�� 180
Java SE Types Used�� 184
java.security.CodeSource�� 184
java.security.ProtectionDomain�� 184
java.security.Policy�� 185
java.security.PermissionCollection�� 185
The Authorization Module�� 185
PolicyConfigurationFactory�� 186
PolicyConfiguration�� 188
Policy�� 202
Transforming Security Constraints to Permissions�� 213
Authorization Queries�� 216
Get All Users Roles�� 217
Has Access�� 220
Role Mapping�� 221
Alternative Mappings�� 223

Chapter 5: Jakarta
Security�� 227
What Is Jakarta Security?�� 227
Jakarta Security in Jakarta EE�� 228
The HttpAuthenticationMechanism�� 230
Example HttpAuthenticationMechanism�� 233
Example IdentityStore�� 240
Security Flow�� 245

vi
Table of Contents

Default Authentication Mechanisms�� 260

The Basic Authentication Mechanism�� 262
The Form Authentication Mechanism�� 264
The Custom Form Authentication Mechanism�� 268
Default Identity Stores�� 281
The Database Identity Store�� 283
The LDAP Identity Store�� 285
Identity Stores Using Application Services�� 285
Authentication Mechanism Interceptors�� 286
Auto Apply Session�� 286
Remember Me�� 288
Activating Remember-Me Service�� 289
Logging Out�� 293
Custom Principals�� 294
Jakarta Security and Tomcat�� 301
Simplified Custom Authorization Rules�� 305
Dynamically Adding an Interceptor to a Built-in CDI Bean�� 315

Chapter 6: Java
SE Underpinnings�� 319
Java Authentication and Authorization Service (JAAS)�� 319
Common Classes�� 320
JAAS Authentication�� 323
JAAS Authorization�� 333
Introduction to Cryptography�� 339
Key Concepts in Cryptography�� 340
Two Basic Encryption Methods�� 340
Symmetric Encryption�� 340
Asymmetric Encryption�� 342
Symmetric vs. Asymmetric Encryption�� 343

vii
Table of Contents

X.509 Digital Certificates�� 343

Key Features of an X.509 Certificate�� 344
Common Applications of X.509�� 344
Key Pairs and Signatures�� 345
Certificate File Name Extensions�� 345
Certificate Chains�� 347
Anatomy of an X.509 Certificate�� 350
JCE Providers�� 361
The Need for JCE Providers�� 362
Available JCE Providers�� 363
How to Install a JCE Provider�� 366
How JCE Providers Work�� 368
Bouncy Castle�� 373
Key Generation and Key Agreement (Public Key Infrastructure (PKI)) and Message
Authentication Code�� 380
How PKI Works�� 380
Key Generation�� 381
Elliptic Curve Cryptography�� 384
Key Agreement�� 387
Message Authentication Codes�� 390
PKI Conclusions�� 393
TLS in Java and TLS 1.3�� 394
What Is TLS�� 394
Why TLS Is Important�� 394
Benefits of TLS 1.3�� 395
How TLS Works�� 396
TLS Protocol Details�� 397
TLS in Java�� 401
Takeaways on TLS�� 406
Java SE Underpinnings Outro�� 406

viii
Table of Contents

References�� 406
Appendix A. Commonly Used AuthPermissions in JAAS�� 408
Appendix B. Supported Algorithms Provided by SunJCE (Bundled JCE Provider)�� 409
Appendix C. Supported Algorithms by Bouncy Castle�� 410

Chapter 7: Jakarta
EE Implementations�� 413
Overview�� 413
Specification Usage�� 413
Contribution Activity�� 418
Implementation Usage�� 421
Implementation Components�� 426
GlassFish�� 428
Authentication�� 428
Exousia�� 434
Soteria�� 444
Example Configuration�� 449
WildFly�� 452
Authentication�� 452
Authorization�� 455
Security�� 457
Open Liberty/WebSphere Liberty�� 457
User Registry�� 458
LTPA keys�� 459
REST API Access Roles�� 459
Jakarta EE Security Packages Used�� 460
Develop Dependent Features�� 461
Example Application�� 461
Tomcat/TomEE�� 466
Authentication�� 466
Authorization�� 470
Security�� 473

ix
Table of Contents

Chapter 8: MicroProfile
JWT�� 475
What Is JWT?�� 475
Use Cases�� 475
Why Do We Need JWT?�� 476
How Does It Work?�� 479
JWT Structure�� 481
Header�� 481
Payload�� 483
“iss” (Issuer) Claim�� 483
“sub” (Subject) Claim�� 484
“aud” (Audience) Claim�� 484
“exp” (Expiration Time) Claim�� 484
“nbf” (Not Before) Claim�� 484
“iat” (Issued At) Claim�� 484
“jti” (JWT ID) Claim�� 485
Signature�� 485
The Trouble with HS256�� 485
Obtaining the Public Key�� 487
MicroProfile in Relation to Jakarta EE�� 487
MP-JWT As an Authentication Mechanism for Jakarta EE�� 490
Why Do We Need MicroProfile JWT?�� 490
Using JWT Bearer Tokens to Protect Services�� 502
Mapping MP-JWT Tokens to Jakarta EE Container APIs�� 503
CDI Injection Requirements�� 503
Jakarta REST Container API Integration�� 509
jakarta.ws.rs.core.SecurityContext.getUserPrincipal()�� 509
jakarta.ws.rs.core.SecurityContext#isUserInRole(String)�� 509
Using Jakarta Annotations�� 509
Other Jakarta EE Integration�� 509
Jakarta Servlet�� 511

x
Table of Contents

Example Application�� 511

Role Handling�� 515
Running the Tests�� 518
Future Improvements�� 518
Conclusion�� 518

Appendix A: Spring Security�� 521

What Is Spring Security?�� 521
Brief History�� 521
Overview�� 522
Concepts�� 522
Spring Security Reactive�� 532
Example Application�� 534
Servlet�� 534
Reactive�� 536
Comparison to Jakarta EE Security�� 538

Appendix B: Apache Shiro�� 541

What Is Shiro?�� 541
Brief History�� 541
Overview�� 542
Subject�� 542
SecurityManager�� 542
Realm�� 543
Features�� 543
Primary Features�� 544
Comparison to JAAS�� 550
Using Shiro with Jakarta EE�� 551
Servlets�� 551
Remember Me�� 554
Behavior on Session Expiration�� 555

xi
Table of Contents

Synchronous POST Without Remember Me�� 555

Synchronous POST with Remember Me�� 556
Asynchronous POST Without Remember Me�� 556
Asynchronous POST with Remember Me�� 556
Using a JSF Form�� 556
Programmatic Login�� 558
Programmatic Logout�� 562
Make Shiro JSF Ajax Aware�� 563
Configuring JDBC Realm�� 565
JPA Model and EJB Service�� 567
Register User�� 570
Hashing the Password�� 573
Using Shiro with Spring�� 574
Spring Security�� 574
Outlook�� 576

Appendix C: Identity Management�� 577

Java Identity API�� 577
A Very Brief History�� 577
Why Was It Needed?�� 578
Overview of Java Identity API�� 578
Usage of the Identity API�� 581
Lessons Learned from the Identity API�� 584
Keycloak�� 584
What Is Keycloak?�� 584
Brief History�� 584
Overview of Keycloak�� 585
Using Keycloak with Jakarta EE�� 598
Using Keycloak with Spring�� 609

xii
Table of Contents

Shibboleth�� 616
What Is Shibboleth?�� 616
Origin of the Term�� 616
Brief History�� 616
Overview of Shibboleth�� 617
Using Shibboleth with Jakarta EE�� 619
Summary�� 626

Index�� 627

xiii
About the Authors
Arjan Tijms was a JSF (JSR 372) and Security API (JSR 375) EG member and is currently
project lead for a number of Jakarta projects including Jakarta Security, Authentication,
Authorization, and Faces and Expression Language. He is the cocreator of the popular
OmniFaces library for JSF that was a 2015 Duke’s Choice Award winner and has
coauthored two books: The Definitive Guide to JSF in Java EE 8 and Pro CDI 2 in Java
EE 8. Arjan holds an MSc degree in computer science from the University of Leiden,
the Netherlands. He has been involved with Jakarta EE Security since around 2010, has
created a set of tests that most well-known vendors have used (IBM, Oracle, Red Hat)
to improve their offerings, was part of the JSR 375 (EE Security) EG, and has been the
main architect of the security API and its initial RI implementation Soteria. Arjan has
also written and certified the MicroProfile JWT implementation for Payara. He has been
mentored by Sun’s (later Oracle’s) security expert Ron Monzillo. He has written a large
series of blog posts about EE Security that have attracted a lot of views. As such, writing a
book about Jakarta EE Security is very natural to him.

Teo Bais is a software development manager, Scrum master, and programmer who
contributes to the prosperity of the (software) community in several ways. He is the
founder and leader of Utrecht Java User Group, which counts over 2600 members and
has hosted over 45 events and amazing speakers (James Gosling, Uncle Bob, and over 20
Java Champions, among others), and is running three programs: Devoxx4kids, Speaker
Incubator, and uJCP. Teo served JSR-385 (JSR of the Year 2019) as an EG member and
was nominated as JCP Participant of the Year in 2019. Teo Bais enjoys sharing his
knowledge as a public speaker to help others achieve their goals in career and life.

Werner Keil is a cloud architect, Eclipse RCP, and Microservices expert for a large
bank. He helps Global 500 Enterprises across industries and leading IT vendors. He
worked for over 30 years as IT manager, PM, coach, SW architect, and consultant for
the finance, mobile, media, transport, and public sectors. Werner develops enterprise
systems using Java, Java/Jakarta EE, Oracle, IBM, Spring or Microsoft technologies,
JavaScript, Node.js, Angular, and dynamic or functional languages. Werner is Committer

xv
Another random document with
no related content on Scribd:
“Course,” decided Ted. “He can’t walk. But you don’t have to hear
him sing if you don’t want to, or he can sit beside you if you don’t
want to hold him. Only don’t let him fall.”
“I’s goin’ to sing,” declared Baby William, and he began on the tenth
or maybe the fifteenth verse. Sometimes he put the first and last
verses together and made an entirely new one, so one never could
tell when the song ended except when Trouble stopped singing.
“Oh, well, you can sing, and you can sit on the seat next to me,”
said Jimmie. “I’m much obliged for the ride.”
“You’re an advertisement like a newspaper,” explained Janet.
“And I think he ought to sort of holler out like, and say what a fine
ride he was havin’ so’s more would come,” went on Ted. “We’ve got
to make money somehow.”
“I’ll holler,” promised Jimmie.
So, as he rode in the goat wagon, with Trouble on the seat beside
him, while Teddy drove and Janet tried to look as if she had
collected her first fare, Jimmie called out:
“Come on and ride, everybody! It’s great! A penny for a little ride, a
nickel for a bigger! Come on! Come on! Come on and ride!”
His shouts, the painted sign on Nicknack, the voice of Trouble
singing his queer song now and then, and Jan and Ted walking
beside the goat wagon drew the attention of the few people they
passed on the country road.
But none of them seemed to want a ride, and at the few houses
they passed, though some children came to the gates and looked
very much as though they would like to ride, they shook their heads,
for they had no money—not even a penny.
“Well, I’m havin’ lots of fun,” said Jimmie, after a while. “But maybe
I’d better——”
Just then Nicknack saw a bunch of green grass beside the road he
thought he would like to chew. He made a sudden jump for it, and
so quickly that Jimmie toppled off the seat backward and fell with a
“ker-thump” on the grass beside the road.
“Whoa!” called Ted.
“Look out for Trouble!” exclaimed Jan.
Baby William, too, had tumbled off the seat when Jimmie had fallen,
but Trouble only rolled to the bottom of the wagon, and there he
stayed, on his back, his eyes wide open looking up at the sky.
“Are you hurt, Baby?” asked Jan, anxiously.
“Nope,” answered Trouble. “Did de goat runned away?”
“No, he only gave a jump and Jimmie fell out,” answered Ted. “Are
you hurt, Jimmie?” he asked the other boy.
“Nope! Not a bit, Teddy! I’m used to tumbles like that. The grass is
as soft as a haystack. But I guess I’ve had enough ride. I’ve got to
go to the store for my mother. Good-bye!” and he ran off down the
road. “Thanks!” he called back, over his shoulder, almost forgetting
this part of it. “I had a dandy ride, and I wish I had some money to
give you.”
“Oh, that’s all right,” answered Ted, putting Trouble up on the seat
again.
And he and Jan walked on beside Nicknack, hoping someone with
even a penny would hail them and ask for a ride.
When the wagon came to the house in which Mary Seaton lived, she
was out in the front yard.
“Oh, Mary!” cried Jan, “don’t you want a ride?”
“Indeed I do!” answered the little girl. And out she ran and got in
the seat.
“Does I hab to sing for her?” asked Trouble.
“What does he mean by singin’?” asked Mary.
“Like dis,” explained Trouble. “I likes you, Mary, so I sings.” And he
started all over again at the first verse. Mary liked the song so much
that she had Trouble sing it all the way through. By this time she
had been given a ride quite a way down the road, and then as Ted
turned the goat around Mary seemed to notice, for the first time,
that Jan and Ted were walking.
“Why don’t you ride?” she asked. “There’s room.”
“Oh, we have had lots of rides,” explained Jan. “Besides you’re our
first regular passenger. You can give me your five cents now if you
want to.”
“My five cents?”
“Yes.”
“What for?”
“Your fare. Didn’t you see the sign?” and Jan pointed to the one on
Nicknack’s side.
“Oh! Why, I haven’t any money!” cried Mary. “I’ll have to get right
out! I thought you were asking me to ride as you often do.”
“We’re trying to make money for the Crippled Home,” explained
Janet. “But I guess we won’t take in much, Ted.”
“No. I guess not,” and her brother sadly shook his head.
“I’m goin’ to sing again!” announced Trouble. “You mus’ all lis-ten!”
CHAPTER XVIII
LOST IN THE WOODS

Janet and the others laughed when Baby William finished his funny
little song, Mary joining in, though she looked a bit ashamed when
she thought of having taken a ride without paying for it.
“But really I didn’t mean to,” she said. “I never read the sign on your
goat. I thought it was a new kind of summer blanket to keep off the
flies.”
“Oh well, it’s all right,” replied Janet kindly. “I guess maybe we can
get somebody else to ride and pay pennies.”
“I’ll ask my mother for some,” offered Mary.
“Oh, no! Don’t!” begged Janet. “It’s all right! We gave you the ride
for nothing, and it would be Indian-giving to take money now.”
“My mother’s going to do something for the Home when it has the
fair,” announced Mary.
“That’ll be nice,” remarked Ted slowly, but he was thinking of
something else. “I guess we’ll have to go away far off, where nobody
knows us, and give rides for five cents and a penny,” he added more
briskly.
“Go away off?” asked Janet wonderingly.
“Yes, off on some other road. Here we know everybody, and course
we were glad to give Mary and Jimmie rides, but that isn’t makin’
money,” went on Ted earnestly. “You see if we came to somebody
we didn’t know we wouldn’t mind askin’ ’em to pay, like the waffle
and lollypop man did us.”
“Oh, did you meet him?” asked Mary. “Isn’t he nice? He comes every
year, and he’s always the same. I like him!”
“We liked his waffles!” laughed Ted. “But what’ll we do, Jan?”
“I guess we’ll have to go a little farther from here to get money for
the Home,” agreed his sister. “And maybe folks what haven’t heard
Trouble’s song so often would give pennies to hear him sing.”
“Maybe,” said Teddy. He was not quite sure about it.
“Well, I’m much obliged for my ride,” put in Mary. “And I’ll give you
for the Home the first penny I get.”
“Thanks,” answered Jan. “Now we’ll ride ourselves;” and she got in
the seat when Mary got out, while Ted took his place in front and
then, Jan holding Trouble, away started the Curlytops once more to
see what they could do to help Hal and the other little lame boys
and girls by making the Home, where they spent so many sad
months, a little happier place.
Janet and Teddy were so deeply interested in getting to some
stretch of road where they were not known, so that they might ask
strange children to have goat rides, and charge for them, that they
never thought of sending word back to Cherry Farm that they were
going off farther than they usually did. They just drove Nicknack on
and on, away from the little village of Elmburg near which Grandpa
Martin lived, out past Clover Lake and on to a strange country road
that led through the woods.
“There’s a house and some children playing in the yard,” said Janet
as they came within sight of a large white farmhouse. “Let’s ask if
they don’t want a ride.”
The way in which two boys and three girls crowded to the fence as
the goat wagon drove up seemed to show that the children did want
a ride very much.
“Down the road and back for five cents,” explained Ted, as he
pointed to the sign on Nicknack’s side, while the goat ate grass. “Or
you can have a short ride for a penny.”
“I’ll go and ask my mother,” said the oldest girl. “Now don’t any of
you dare go outside the fence!” she warned the others—her smaller
brothers and sisters it seemed. “If you do a gobile might hit you.”
“What’s a gobile?” asked Janet.
“It’s what he calls an automobile,” explained the older girl, and she
pointed to a small boy about the size of Trouble.
She hurried into the house, the others, meanwhile, looking eagerly
through the fence palings at the goat and wagon. Jan and Ted had
gotten out, ready for business in case this family of boys and girls
wanted a ride.
“Maw gimme a quarter,” explained the girl when she came hurrying
back, “and she says will you give us all a ride down the road and
back and keep us out half an hour so she can git some rest.”
“All right,” said Janet. “We’ll give you a nice ride for twenty-five
cents. But will you let my little brother stay in the wagon with you?
He’s too small to walk and we can’t leave him.”
“Sure he can come,” said the girl, whose hair was almost red. “I’ll
hold him on my lap. I’m used to children.”
“If you hold him maybe he won’t sing,” Ted told her.
“Sing? Oh, I don’t mind singin’. I like it!” said the almost red-haired
girl with a laugh. “Our Babs sings lots, though we never can tell
what he’s sayin’,” and she pointed to the smallest child.
“I will not sing!” decided Trouble, with a little stamp of his foot. “I
will not sing ’less I wide on Nicknack’s back!”
“Well, you can’t do that,” stated Ted. “Get in now, everybody,” he
went on, “and we’ll give you a good ride.”
“Here’s your quarter,” said the girl, who was taller than Jan. “Better
take it ’fore I lose it. I’m always losin’ somethin’. Maw says I’d lose
my head if it wasn’t fast. Shouldn’t much mind though. I hate red
hair. Don’t you?” she asked Janet fiercely.
“Not when it’s the color yours is,” answered Ted’s sister. “I think it’s
lovely!”
“Oh, do you?” and the other girl, whose name was Maude, smiled
and seemed pleased. “I like curls best, like yours.”
“They’re too tangly,” announced Janet, shaking her head.
“Well, this is a start!” exclaimed Ted as his sister put in her pocket
the twenty-five cent piece—the first money they had earned for the
Home.
The Curlytops gave the Pratt children—that was the name of the
family—a good long ride down the road and back. They kept them
out over an hour, for when Ted would have driven back to the yard
to let off his passengers Jan whispered to him to keep on so Mrs.
Pratt could have her half-hour rest. It was very hard to tell whether
a half-hour or fifteen minutes or an hour had gone by.
Trouble, too, got over his fit of sulks and sang his funny song, much
to the delight of Maude and her brothers and sisters. Babs, the Pratt
baby, also sang and he and Trouble gave a sort of duet which
sounded very strange, as each one tried to sing louder than the
other, and no one could tell what either said.
“I wish you’d come over to-morrow,” said Maude, when, at last, the
goat ride was over. “I think maw’ll give another quarter to be quiet.”
“We’ll see,” half-promised Jan. “We want to make all the money we
can as Grandpa Martin is poor, and he can’t give as much as he has
before to the Crippled Home. His crops failed.”
“All but cherries,” explained Ted. “He’s got bushels of them!”
“I wish we had,” said Maude. “I love cherries.”
Once more the Curlytops drove on down the road. It was not late
yet, and Ted wanted to see if he could not earn more money. They
passed several houses, some where there were children, but none of
them had any money to pay for rides. At one place, though, where a
little boy was playing with a nurse maid in the front yard they were
called to by the boy’s mother, who engaged Ted to drive the little
fellow up and down, with the nurse to hold him, and when the ride
was over, at which the little boy cried, the lady gave Janet fifty
cents.
“Oh, but it isn’t worth that much—not such a short ride,” Janet said.
“I’m giving the money to the Home,” said the lady softly. “I had
another little boy—once. I haven’t him now,” and she took up the
small lad whom the nurse was holding and pressed him closely in
her arms.
“Whew! what a lot of money we have!” cried Ted, as he turned
Nicknack toward Cherry Farm a little later. “Seventy-five cents! You’d
better tie it in your handkerchief, Jan, and then tie the handkerchief
on your neck so you won’t lose it.”
“Can’t tie my handkerchief on my neck. It’s too little. But I’ll put it in
my pocket—it’ll be all right there;” and this she did.
They were now on the road that led through the woods, and they
were talking so earnestly about how surprised those at home would
be over the seventy-five cents, and Trouble was singing his Mother
Goose song so loudly, that none of them—especially Jan and Ted—
noticed when Nicknack left the main road and turned into a side
path that led beneath the trees.
It was not until the wagon got clear off even the side path and
nearly upset, because the goat pulled it over a big tree root, that
Ted called: “Whoa!” and looked about him.
“Why! Why!” he exclaimed. “Where are we?”
“In the woods,” answered Janet calmly.
“I know—yes. But what woods? We didn’t come here before.”
“Maybe it’s a short cut to Cherry Farm,” said his sister.
Ted looked all about him. He could see nothing in the woods that he
had ever seen before, not a house or a barn was in sight.
“Janet,” he said, and he spoke in a whisper, half afraid Trouble would
hear and be frightened, “Jan, we—we’re lost!”
“Lost? In these woods?”
“Yep! We’re lost!” and Ted got down out of the wagon and tied
Nicknack to a tree.
CHAPTER XIX
THE LOLLYPOP MAN

“What you doin’ that for?” asked Jan, as she saw her brother
knotting the rope that was fast to the goat’s horns: “What you
making it so tight for?”
“So Nicknack won’t walk off. I don’t want him to be any more lost
than he is.”
“Really are we lost, Ted?”
“Don’t you guess so?”
Jan looked about among the trees. It did seem as though they were
a great way from Cherry Farm. They could see no houses or barns.
There was no sign of a regular road, such as the one on which
carriages and automobiles were wont to pass. And it was very still
and quiet in the woods. It was getting dark, too!
“What—what are we goin’ to do?” asked Janet.
Though she was used to looking after her brother, and doing things
for him, even if he was a year older than herself, still now she turned
to him for comfort. She wanted to know what he was going to do.
“Don’t you know the way back home?” asked Janet, anxiously.
Ted shook his head slowly.
“Nope,” he answered. “Do you?”
Janet shook her head, sadly this time.
“You playin’ a game?” asked Trouble. “I want to play, too. I’s twired
ob singin’!”
“I should think you would be!” exclaimed Janet, putting her arms
around him as he sat in the goat wagon. “Oh, Trouble! If we
shouldn’t ever get back home again!”
“I want to be home now! I’s hungry!” cried Baby William.
Ted and Jan looked at one another. This was one bad thing about
being lost—the getting hungry part. Of course there were other bad
parts, too—such as being out alone in the dark, not having a nice
bed in which to cover up to go to sleep.
“Course, leaves are all right to sleep in when you’re camping,” said
Teddy. “But we’re not camping now.”
This was after he and Jan had looked about in the woods hoping to
find a path that would take them back to the main road that led to
Cherry Farm.
But they had not found the path. Nicknack had wandered far into
the woods just as it pleased him to go, and he had not kept track of
the way he had come. Before Jan or Ted had noticed him he had
strayed very far from the path. Now he could not find it again.
Nicknack was not like a dog or a cat which could find its way home
again, sometimes when it had gone miles and miles away.
“I’s hungry!” announced Trouble again. “I want some tookies!”
“What’ll we do?” asked Janet. “We haven’t any to give him.”
“Dat’s in my Muvver Hubbard song, about her dog an’ ze bone!”
wailed Trouble. “But I don’t want ze bones—I want ze tookies!”
“I wish I had one for you, Trouble, dear,” said Jan. “But there isn’t a
one left.” She looked in a little box under the seat, a box Grandpa
Martin had made for the children to use as a sort of lunch basket.
They often put pieces of cake or some cookies in it, or even
sandwiches which their mother or Grandma Martin made for them, if
they were to go on a long ride. But now only a few cookie crumbs in
a paper bag were all Janet found.
“I wants more!” cried Trouble, when he had hungrily eaten these. “I
wants more!”
“Ted, we’ll just have to find the way home,” said his sister.
“I wish I could,” he answered slowly. “It wouldn’t be so bad if we
were campin’ out, for then we’d have somethin’ to eat. We are goin’
campin’ with grandpa some day,” he went on. “He said so—on Star
Island, maybe. But then we’ll have lots to eat, and we won’t mind if
we’re lost.”
“Well, I mind it now, and so does Trouble!” declared Jan. “Let’s look
again for the way home.”
They left Nicknack tied, and, holding the hands of Trouble, the two
Curlytops wandered about in the woods. They took care not to go
too far away from the goat wagon, for they did not want to lose
sight of that. Such a thing must never happen. The goat did not
seem worried. He nibbled bits of grass, leaves and ferns and then
knelt down and stretched out on his side and seemed to go to sleep.
“It must be gettin’ night,” said Jan in a whisper, as they came back,
not having found anything that looked like a path.
“It isn’t very dark,” answered Ted hopefully.
“No. But see, Nicknack’s going to bed.”
“Oh, well he often sleeps in the daytime,” went on her brother.
“Anyhow it’s dark because there’s so many trees in the woods. If we
could get out on the road it would be light.”
“But we can’t find our way out,” said Janet, and her voice shook a
little. “If we go too far we’ll get more lost than ever. Oh dear! I wish
we hadn’t come! I want mother and daddy and grandma and
grandpa. I want to go home!”
“Maybe they’ll come looking for us,” said Ted eagerly.
“They won’t know where to find us.”
“We can holler! Come on! Let’s do that!”
Jan and Ted made their voices sound as loudly as they could in calls
that echoed through the woods. Trouble, too, joined in, sometimes
singing his funny song.
“Here we are! Here we are!” cried Jan and Ted.
But, though they called and shouted no one seemed to hear them.
Every once in a while they would stop and listen, but they heard no
answer. The only noises were the country sounds—the fluttering of
the birds through the trees, with now and then a song from one of
the feathered creatures. The leaves blew in the wind, making a
rustling, and sometimes, when the bushes moved, Trouble would
hide behind Jan, for he was afraid.
“Oh, what shall we do?” asked Jan, half ready to cry, while it seemed
to grow darker in the woods. “We are truly lost, Ted, and what shall
we do? Look, Nicknack is fast asleep!”
The goat’s eyes were closed. He had eaten his supper and gone to
sleep. He was not worried about being lost. Any place was home to
him if his friends, the Curlytops, were there. But it was different with
the children.
“I’ll tell you what we’ll do,” said Ted, at length.
“What?” asked his sister.
“We’ll holler a little more, and then, if no one answers us, we’ll start
and go.”
“Where will we go to?”
“I don’t know. We’ll go any way at all. We’ll be sure to get
somewhere, and maybe somebody will find us and take us home.
Come on now, let’s all holler real loud.”
They got no answer, however; so presently Teddy awakened the
goat, the children got into the wagon and let Nicknack draw them
along through the wood. It was an uncomfortable, rough ride,
however, over tree roots and ruts, and after a while the children
stopped the goat and got out once more.
“Now, let’s holler again,” suggested Teddy.
“And you sing, Trouble,” begged Jan. “Sing real loud!”
“Don’t want to. I’se twired of singing!”
“Then cry. Maybe you’ll make more noise that way.”
And cry Trouble did, loudly wailing, while Jan and Ted shouted at the
tops of their voices and the bottoms too, as Ted said afterward.
“Hello! Hello! Hello!” they cried. “Hello!”
Hark! What was that? Some one answering? Surely yes!
Through the woods came a voice:
“Oh, ho! Oh, ho! I love a goat! Some day I will get me a goat! I will
feed him on lollypops and soap! Oh, ho for a goat! Oh, ho!”
Ted and Jan looked at one another. Then they both cried joyfully:
“The lollypop man! It’s the lollypop man!”
And so it was. Through the trees they saw his red wagon and white
horse going along what must have been a woodland road.
“Here we are! Here we are!” cried Jan.
“Over here!” added Ted. “We’re not lost any more! The lollypop man
has found us!”
CHAPTER XX
CHEWING CHERRY CANDY

“Well, well! What have we here?” asked Mr. Sam Sander, the hot
waffle and lollypop man, as he saw the rather tumbled-about and
frightened Curlytop children running toward him. “What’s it all
about?”
“We’re lost!” explained Jan.
“We were,” added her brother. “Not any more.”
“And I singed, I did,” put in Trouble. “Only I’s twired an’ I wants
dubby-dubby now.”
“He means he’s tired and hungry,” explained Jan.
“Well, well! This is too bad!” said the kind lollypop man. “How did it
happen?”
“Nicknack, our goat, lost us,” declared Ted. “He’s over there under
the trees. But we heard you singing and came to you.”
“And I’m glad you did,” said Mr. Sander. “I was singing because I’ve
sold most of my lollypops. But I have a few waffles left and you
hungry ones shall eat them. Oh, ho! I don’t love a goat if he loses
little children!” he sang. “I don’t love bad goats!”
“Oh, it wasn’t Nicknack’s fault,” said Jan earnestly. “We had him out,
giving rides to make money for the Home, and we got seventy-five
cents!”
Then as they ate the waffles, hot off the griddle, they told Mr.
Sander what had happened. He went back with them to get
Nicknack and led the goat to the waffle wagon. He was tied fast to
the rear end, and then the children, getting into the little house on
wheels, were soon driven back to Cherry Farm.
“Oh, where have you Curlytops been?” asked Mother Martin. “We
have all been so worried about you! And grandpa is just starting to
get some men to help find you.”
“The lollypop man found us,” said Jan. “We’re sorry, but we didn’t
mean to get lost. Oh, we had ever so many adventures!”
And she and Ted told them all, while Trouble fell asleep in his
mother’s arms as grandpa came back, glad he did not have to hunt
for the lost children. The lollypop man told how he happened to be
taking a short cut through the woods, or he never would have
passed the place where the Curlytops were lost in the woods. By a
mere chance he found them.
So everything came out all right you see, and when a few days later,
Jan and Ted gave the seventy-five cents to Hal to take to the Home,
the lame boy brought back a letter of thanks from the manager.
“We’re going to have the fair next week,” Hal said. “And right after
that Dr. Wade is going to make my foot all better.”
“Will you walk—different then?” asked Ted.
“Yes, I’ll walk just like you, I guess. But of course not at first. It’s got
to get well after the doctor does something to it. Will you come to
the fair?”
The Curlytops said they would, and Mother Martin promised to take
them. There were busy times at Cherry Farm, for the cakes were to
be baked as Grandma Martin had promised. Mother Martin made
some also. And what a crowd of people came to see the lame boys
and girls. They also came to buy the candy, cakes and other things
the people gave for the helpless ones.
“Are you making a lot of money?” asked Mother Martin of Mrs. Burr,
the woman who had charge of the fair.
“Not as much as we would like to,” she answered. “We hoped to
make enough to pay for having made the Home larger, but I fear we
shall not. We will need about a hundred dollars more, and I do not
see where we are to get it. Everyone has given all he can.”
“Grandpa Martin would give the hundred dollars if he could,” said
Jan who, with her mother, heard what was said. “But he lost lots of
his money.”
“I know, my dear,” replied Mrs. Burr with a smile. “Your grandfather
has always been kind and good to us. Perhaps next year he will be
able to help us more.”
There was a good time at the Home fair, even if not as much money
was made as was hoped for. The crippled children, many of whom
were given rides in the Curlytops’ goat wagon, were glad to see so
many visitors, and Hal took great pride in showing Jan and Ted
around the place, and explaining everything.
“I know lots about it,” he said, “’cause I’ve been here longest. But if
I get well I’ll have to go away and I’ll miss being here.”
“But you’ll be well,” said Jan. “Won’t that be fine!”
“Yes. But I wish everybody here would be well,” said Hal softly.
“Maybe they will when they get some new machines for making
crooked legs and feet straight.”
At one end of the long hall where the fair was being held, a booth,
or curtained-off place, had been set up for a Punch and Judy show.
This was to amuse the children who came with their parents, and
the little tots, as well as some of the older boys and girls, had
laughed at the funny way Mr. Punch whacked everyone with his
stick, and then cried, in his squeaky voice:
“That’s the way to do it! That’s the way I do it!”
The man giving the Punch and Judy show had gone through several
performances, as different crowds came and went, and now it was
time for another.
“Let’s go down again and listen to him,” said Janet to Hal and Ted,
as they stood talking together at the other end of the room. “I like
to hear the funny, squeaky voice of Mr. Punch.”
“So do I,” said Teddy.
“It’s like some of the fairy stories I like to read,” said Hal in a low
voice. “It comes out that way, lots of times.”
“How do you mean?” asked Janet.
“Oh, everybody gets whacked so much, and pounded and yelled at,
and then, after a while, they have it easy and the one that hits them
is sorry. That’s the way it is with Mr. Punch. He gets sorry after a
while.”
“He gets sorry after he’s scared a whole lot,” said Janet, who had
watched the little show twice. “Anybody can be good when they’re
scared.”
“Grandpa’s hired man was scared when Nicknack, our goat, got
loose the first day after we got him,” remarked Teddy.
“Was he afraid the goat would butt him?” asked Hal.
“No, I guess he was afraid Nicknack would get away and not come
back,” Teddy answered. “But come on! That Punch and Judy show is
going to start.”
Boys and girls, and some of the grown folks, were gathering at the
lower end of the hall, and behind the curtains could be seen
something moving. Down underneath was hidden the man who
made the queer little doll-images go through their funny capers,
moving about and seeming to speak. Though really, of course, it was
the man himself, hidden behind the curtain, doing the talking.
“Hello, everybody!” squeaked Mr. Punch, as he paraded across on
the tiny stage, and he shook his hands at the children (or at least he
seemed to be doing that) and all the children laughed while the
grown-ups smiled.
“I’m not afraid of anybody!” cried Mr. Punch, as he shook his stick.
“I’m not afraid even of Nicknack the goat!”
“Ha! Ha!” laughed Teddy and Janet, while Hal and some others
joined in. Everyone looked at the Curlytops.
“I’d like to have a ride on Nicknack,” went on Mr. Punch. “Oh, I’m not
afraid of him! I’ll show him how to do it!” and he banged his stick
down with a loud whack that made the children jump.
“How’d he know about our goat?” asked Janet in surprise.
“Oh, I guess somebody must have told him,” Hal said. “Once, when I
lived at home, they took me to a Punch and Judy show, and the man
who worked it made a lot of jokes about the boys and girls. I guess
their fathers and mothers told him to. It was lots of fun.”
Mr. Punch kept on talking and acting in a most funny and jolly way
and soon the roomful of children was laughing.
“Where’s Trouble?” suddenly asked Ted, looking at his sister, while
they were waiting for the next scene in the Punch and Judy show.
“He was here a minute ago,” she answered. “I guess he went back
to mother,” for Mrs. Martin was in the rear of the hall with some
other ladies.
Ted and Janet were wondering whether they had better not go and
look for their little brother when the curtain of the little Punch and
Judy theater opened and a real man, and not one of the doll-
images, looked out and said:
“Some one has taken the funny little bear I use in the next part of
the show. Has any little boy or girl been playing around my booth
and taken the bear?”
There was silence a moment, and then from the back of the hall up
piped the voice of Trouble, saying:
“I’se got it! I was goin’ to show him to my goat!”
Everybody laughed when Baby William came walking up with the toy
bear which had a part in the show. The little boy, wandering around
behind the curtain when no show was going on, had opened the
draperies and taken out the little bear. He gave it back to the man.
“Ah, now the show can go on,” said the man, as he pulled the
curtain over the stage. And when the laughter had stopped, and
everything was ready, the curtain was thrust aside once more and
Mr. Punch cried:
“That’s the way to do it! That’s the way I do it!”
And so the entertainment went on until the fair came to an end, and
the children went home, talking about what they had seen and
heard.
“It’s too bad they didn’t make all the money they wanted,” said
Grandpa Martin at Cherry Farm the following day. “I wish I had lots
of dollars, so I could give as much as I’d like. But with poor crops,
and the farm not paying well, I can’t—that’s all,” and he shook his
head sadly.
“When are you going to pick the cherries?” asked Ted. “They must
be ripe now.”
“They are, and ready to pick. I never saw so many! Why, I’ll have to
give them away I guess, to get rid of them. I never had such a crop.
There are bushels and bushels of them!”
“What—goats?” asked a voice behind the Curlytops, and, turning,
they saw the jolly lollypop man.
“What have you so much of?” he asked. He had left his red wagon
and white horse in the road, and had come up to the porch on which
the Curlytops were seated talking to grandpa.
“It’s cherries I have so many of, not goats,” was Mr. Martin’s answer.
“I have the biggest crop in years, and I don’t know where to sell
them.”
“Then I can tell you where, and you will get a good price for them,”
replied the lollypop man. “That’s what I came to see you about.”
“Do you come to buy my cherries?” asked Grandpa Martin.
“That’s what I do,” was the reply. “I don’t want them for myself
though, but for a man from whom I buy my lollypops. This man has
a big candy factory, and he is going to make a new kind of sweets
called ‘Chewing Cherry Candy.’ He has made a little for samples, and
it sells better, even, than my lollypops and waffles. I know, for I have
tried it.”
Ted and Jan were growing excited.
“To make this candy lots of cherries are needed. The manufacturer is
in the market for bushels and bushels of ’em, and so far hasn’t been
able to get half of what he wants. I told one of his men about the
big crop up here and especially about this grove on Cherry Farm,
and I’ve come now to buy up all I can. He’ll pay big and he’ll give
me a good commission and he’ll get plenty of the finest cherries in
the world, so everything is all right for everybody and the world is a
fine place.”
“Well, that certainly is good news!” cried Grandpa Martin. “Why, if I
can sell all my cherries I’ll have some money, no matter if the flood
did spoil most of my crops.”
“Oh, won’t that be great!” cried Ted in delight.
“And if you sell enough cherries you can give some money to the
Crippled Home, can’t you?” asked Janet, softly.
“I can and will, my dear,” said Grandpa Martin.
“Let’s go and look at the cherries,” said the lollypop man. “Hurray!”
Oh, what a lot of cherries there were! No wonder Grandpa Martin’s
place was called Cherry Farm! The trees in the grove bent down
their branches which were laden with red cherries and black. Some
were purple, and when the Curlytops ate them their faces and hands
were all stained.
“’Ist like we tipped over de ink bottle!” laughed Trouble, who was
given one or two cherries, not enough to make him ill, but enough
to color him.
Then there were some big white cherries, with red cheeks, and
Grandpa Martin called them “ox-hearts.” And when the Curlytops
asked him why, not seeing anything about them like an ox, they
were told the cherries had that name because of their large size.
“You have the finest crop of cherries of anyone around here!” said
the lollypop man when he had gone through the grove. “My friend,
the candy man, will buy all you want to sell, and pay you well. Then
you will have plenty of money.”
“I’ll sell all my wife doesn’t want to can, and all these little Curlytops
don’t want to eat,” laughed Grandpa Martin.
“Oh, how glad I am!” cried Jan. “Now grandpa can give some money
to Hal’s Crippled Home!”
And so Grandpa Martin could. His cherries sold for much more
money than ever before, being sent to the factory where the
Chewing Cherry Candy was made. And, a little later, the lollypop
man drove past the house with his red wagon and white horse and
called:
“Oh, ho! Oh, ho! I love a goat. Come see my white coat, and get
some cherry candy! Oh, ho! Oh, ho! Come get cherry candy!”
This the Curlytops did, and they said the new cherry chewing candy
was the best they had ever eaten. Perhaps it was because it had in it
some of Grandpa Martin’s cherries.
At any rate Grandpa Martin was given quite a sum of money for his
cherry crop, and he could afford to give the hundred dollars to the
Home for Crippled Children.
“Is Hal going to be cured?” asked Ted one day, after he, with Jan
and Trouble, had been for a ride with Nicknack.
“The doctor is going to try to cure him to-morrow,” said Mother
Martin. “We are to go over the day following and see how he is.”
And when they went, they found Hal sitting in an easy chair, his feet
and legs covered with blankets. He was very pale, but he smiled.
“Oh!” exclaimed Jan a bit sadly, “can’t you—walk?”
“He will soon walk better than ever,” said the nurse softly.
“And then you’ll see me chase after the Mosquito Dwarf and drive
him away from Princess Blue Eyes!” laughed Hal. “Just wait! I’ll run a
race with Nicknack soon.”
“But don’t get our goat too tired,” said Jan. “For we may want to
give the Princess Blue Eyes a ride.”
“That’s so!” laughed Hal. “We’ll ride her to her golden throne, down
by the ocean waves where the green palms grow, and then——”
He stopped and seemed to be looking away, past the white clouds
that were scudding across the blue sky.
“Then what?” asked Jan, for she thought it sounded like a story in
which one has stopped after telling halfway through.
“Then,” said Hal softly, “maybe the Princess Blue Eyes won’t need
me any more.”
“Oh, yes she will!” put in Ted. “There’s lots of mosquitoes left yet. I
feel ’em biting me!”
And a few weeks later Hal could walk as straight as anyone, though
he had to go slowly until his leg and foot fully healed. But he was
very happy, and so were many other boys and girls in the Home who
were cured and made more comfortable, because of the money
Grandpa Martin gave when he sold so many cherries.
Then followed many fine vacation days at Cherry Farm. I could not
begin to tell you all the Curlytops did if I had a book twice the size of
this one. But I can tell you about some of the things in another book
to be called “The Curlytops on Star Island; Or, Camping Out with
Grandpa.” In that you may read how Ted and Jan, to say nothing of
Trouble, went to the island in Clover Lake, and had many
adventures.
“Well, what shall we do to-day?” asked Ted of Jan, as they went out
on the porch one morning, about a week after Hal had been cured
and the chewing cherry candy made.
“Let’s go for a ride with Nicknack,” said Jan.
As they were going back to the stable where they kept their goat,
they heard some one calling:
“Stop it now! You stop it!”
“What’s that?” asked Janet.
“Sounds like Trouble,” answered Ted.
It was Trouble. Baby William had taken Nicknack’s rope, by which
the goat was tied to a stake just outside the barn, and this rope the
little fellow had made fast to a wheelbarrow. Trouble wanted to have
Nicknack pull him, but every time the goat straightened out the rope
the wheelbarrow would upset, and Trouble, who had climbed in to
get a ride, would be spilled out. But he fell on the soft grass and was
not hurt.
“Oh, Trouble! What are you doing?” cried Jan, as her little brother
tipped over for perhaps the fifth time, though of course Nicknack did
not mean to do it.
“Me goin’ to gib rides an’ make money to buy cherries—’cause
grandpa’s all goned,” was the answer. “Giddap, ole Nicknack!”
Nicknack, reaching for a choice bit of grass, overturned the
wheelbarrow again, and out popped the little boy.
“Oh, you dear bunch of Trouble!” cried Mother Martin, as she
laughingly ran to pick him up. “You are always doing something!”
And so he was. But, for that matter, so were the Curlytops. And,
leaving them to have more fun on Cherry Farm, we will say good-
bye.
THE CURLYTOPS SERIES
By HOWARD R. GARIS
12mo. Cloth. Illustrated. Jacket in full colors.
Price per volume, 50 cents. Postage 10 cents additional.

1. THE CURLYTOPS AT CHERRY FARM

or Vacation Days in the Country
A tale of happy vacation days on a
farm.

2. THE CURLYTOPS ON STAR ISLAND

or Camping Out with Grandpa
The Curlytops camp on Star Island.

3. THE CURLYTOPS SNOWED IN

or Grand Fun with Skates and Sleds
The Curlytops on lakes and hills.

4. THE CURLYTOPS AT UNCLE

FRANK’S RANCH
or Little Folks on Ponyback
Out West on their uncle’s ranch they
have a wonderful time.

5. THE CURLYTOPS AT SILVER LAKE

or On the Water with Uncle Ben
The Curlytops camp out on the
shores of a beautiful lake.

6. THE CURLYTOPS AND THEIR PETS

or Uncle Toby’s Strange Collection
An old uncle leaves them to care for
his collection of pets.
7. THE CURLYTOPS AND THEIR
PLAYMATES
or Jolly Times Through the Holidays
They have great times with their
collection of animals.

8. THE CURLYTOPS IN THE WOODS

or Fun at the Lumber Camp
Exciting times in the forest for
Curlytops.

9. THE CURLYTOPS AT SUNSET BEACH

or What Was Found in the Sand
The Curlytops have a fine time at the
seashore.

10. THE CURLYTOPS TOURING AROUND

or The Missing Photograph Albums
The Curlytops get in some moving
pictures.

11. THE CURLYTOPS IN A SUMMER

CAMP
or Animal Joe’s Menagerie
There is great excitement as some
mischievous monkeys break out of
Animal Joe’s Menagerie.

12. THE CURLYTOPS GROWING UP

or Winter Sports and Summer
Pleasures
The Curlytops are involved in the
loss of a book and how they recovered
it.
13. THE CURLYTOPS AT HAPPY HOUSE
or The Mystery of the Chinese Vase
The Curlytops explored and found
plenty of enjoyment.

14. THE CURLYTOPS AT THE CIRCUS

or The Runaway Elephant
The Curlytops have a grand time
finding the elephant.

These books may be purchased wherever books are sold.

Send for Our Free Illustrated Catalogue.

CUPPLES & LEON COMPANY, Publishers New York

The Teddy Books
by Howard R. Garis
In Teddy, Mr. Garis gives his readers a
sturdy, pleasant youngster of about ten
years who has an eye and ear for mystery.
You will like Teddy for his carefree youth, his
audacity and his ability to take every adventure as it
comes. Read these stories and follow Teddy through a
happy succession of laughter, adventure and unusual
mystery.
12mo. Cloth. Illustrated. Jacket in colors.
Price, per volume, 50 cents.
Postage 10 cents additional.

1. TEDDY AND THE MYSTERY DOG

Teddy decides to build a club-house with the aid of three
or four of his chums. Before it is finished a strange dog
appears through the bushes and leads the boys into many
strange adventures.

2. TEDDY AND THE MYSTERY MONKEY

Teddy goes off on a merry chase after Billo, a delightful
chimpanzee who likes bananas and the freedom of the
woods.

3. TEDDY AND THE MYSTERY CAT

Once again Ted and his love for animals leads him into
startling adventures—this time with a mystery cat whose
alarming actions keep the boys guessing a long time.

4. TEDDY AND THE MYSTERY PARROT

A strange man with gold rings in his ears and a bright red
bandana about his neck leaves a beautiful parrot, named
Peter, in Mrs. Traddle’s candy store, and then disappears.
Teddy and his friends take the parrot but lose him. Then
follows a merry hunt for the mystery parrot and its owner.
These books may be purchased wherever books are sold.
Send for Our Free Illustrated Catalogue.

CUPPLES & LEON COMPANY, Publishers New

York
BUDDY SERIES
By HOWARD R. GARIS
Author of the Famous “Curlytops Series”
12mo. Cloth. Illustrated.
With colored jacket.
Price 50 cents per volume.
Postage 10 cents additional.
The author presents a distinctly modern juvenile series of
stories for boys. Here we observe a really fascinating
character-study of an up-to-date young lad, whose
exceedingly energetic mind, and whose overflowing youth
and vitality, are constantly leading him into new and more
tangled situations, from which by wit, courage and luck,
he manages to extricate himself in safety.

1. BUDDY ON THE FARM

Or, A Boy and His Prize Pumpkin

2. BUDDY IN SCHOOL
Or, A Boy and His Dog

3. BUDDY AND HIS WINTER FUN

Or, A Boy in a Snow Camp

4. BUDDY AT RAINBOW LAKE

Or, A Boy and His Boat

5. BUDDY AND HIS CHUM

Or, A Boy’s Queer Search

6. BUDDY AT PINE BEACH

Or, A Boy on the Ocean

The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
From Everand
The Subtle Art of Not Giving a F*ck: A Counterintuitive Approach to Living a Good Life
Mark Manson
4/5 (6129)
Principles: Life and Work
From Everand
Principles: Life and Work
Ray Dalio
4/5 (627)
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
From Everand
The Gifts of Imperfection: Let Go of Who You Think You're Supposed to Be and Embrace Who You Are
Brene Brown
4/5 (1148)
Never Split the Difference: Negotiating As If Your Life Depended On It
From Everand
Never Split the Difference: Negotiating As If Your Life Depended On It
Chris Voss
4.5/5 (935)
The Glass Castle: A Memoir
From Everand
The Glass Castle: A Memoir
Jeannette Walls
4/5 (8215)
Grit: The Power of Passion and Perseverance
From Everand
Grit: The Power of Passion and Perseverance
Angela Duckworth
4/5 (631)
Sing, Unburied, Sing: A Novel
From Everand
Sing, Unburied, Sing: A Novel
Jesmyn Ward
4/5 (1253)
The Perks of Being a Wallflower
From Everand
The Perks of Being a Wallflower
Stephen Chbosky
4/5 (8365)
Shoe Dog: A Memoir by the Creator of Nike
From Everand
Shoe Dog: A Memoir by the Creator of Nike
Phil Knight
4.5/5 (860)
Her Body and Other Parties: Stories
From Everand
Her Body and Other Parties: Stories
Carmen Maria Machado
4/5 (877)
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
From Everand
The Hard Thing About Hard Things: Building a Business When There Are No Easy Answers
Ben Horowitz
4.5/5 (361)
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
From Everand
Hidden Figures: The American Dream and the Untold Story of the Black Women Mathematicians Who Helped Win the Space Race
Margot Lee Shetterly
4/5 (954)
Steve Jobs
From Everand
Steve Jobs
Walter Isaacson
4/5 (2923)
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
From Everand
Elon Musk: Tesla, SpaceX, and the Quest for a Fantastic Future
Ashlee Vance
4.5/5 (484)
The Emperor of All Maladies: A Biography of Cancer
From Everand
The Emperor of All Maladies: A Biography of Cancer
Siddhartha Mukherjee
4.5/5 (277)
A Man Called Ove: A Novel
From Everand
A Man Called Ove: A Novel
Fredrik Backman
4.5/5 (4972)
Angela's Ashes: A Memoir
From Everand
Angela's Ashes: A Memoir
Frank McCourt
4.5/5 (444)
Brooklyn: A Novel
From Everand
Brooklyn: A Novel
Colm Toibin
3.5/5 (2061)
The Art of Racing in the Rain: A Novel
From Everand
The Art of Racing in the Rain: A Novel
Garth Stein
4/5 (4281)
The Yellow House: A Memoir (2019 National Book Award Winner)
From Everand
The Yellow House: A Memoir (2019 National Book Award Winner)
Sarah M. Broom
4/5 (100)
The Little Book of Hygge: Danish Secrets to Happy Living
From Everand
The Little Book of Hygge: Danish Secrets to Happy Living
Meik Wiking
3.5/5 (447)
Yes Please
From Everand
Yes Please
Amy Poehler
4/5 (1987)
The World Is Flat 3.0: A Brief History of the Twenty-first Century
From Everand
The World Is Flat 3.0: A Brief History of the Twenty-first Century
Thomas L. Friedman
3.5/5 (2283)
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
From Everand
Devil in the Grove: Thurgood Marshall, the Groveland Boys, and the Dawn of a New America
Gilbert King
4.5/5 (278)
Bad Feminist: Essays
From Everand
Bad Feminist: Essays
Roxane Gay
4/5 (1068)
The Outsider: A Novel
From Everand
The Outsider: A Novel
Stephen King
4/5 (1993)
The Woman in Cabin 10
From Everand
The Woman in Cabin 10
Ruth Ware
3.5/5 (2641)
A Tree Grows in Brooklyn
From Everand
A Tree Grows in Brooklyn
Betty Smith
4.5/5 (1936)
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
From Everand
The Sympathizer: A Novel (Pulitzer Prize for Fiction)
Viet Thanh Nguyen
4.5/5 (125)
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
From Everand
A Heartbreaking Work Of Staggering Genius: A Memoir Based on a True Story
Dave Eggers
3.5/5 (692)
Team of Rivals: The Political Genius of Abraham Lincoln
From Everand
Team of Rivals: The Political Genius of Abraham Lincoln
Doris Kearns Goodwin
4.5/5 (1912)
Wolf Hall: A Novel
From Everand
Wolf Hall: A Novel
Hilary Mantel
4/5 (4074)
On Fire: The (Burning) Case for a Green New Deal
From Everand
On Fire: The (Burning) Case for a Green New Deal
Naomi Klein
4/5 (75)
Fear: Trump in the White House
From Everand
Fear: Trump in the White House
Bob Woodward
3.5/5 (830)
Manhattan Beach: A Novel
From Everand
Manhattan Beach: A Novel
Jennifer Egan
3.5/5 (901)
Rise of ISIS: A Threat We Can't Ignore
From Everand
Rise of ISIS: A Threat We Can't Ignore
Jay Sekulow
3.5/5 (143)
John Adams
From Everand
John Adams
David McCullough
4.5/5 (2544)
The Light Between Oceans: A Novel
From Everand
The Light Between Oceans: A Novel
M L Stedman
4.5/5 (790)
Business Incubation Management System Documenation
No ratings yet
Business Incubation Management System Documenation
131 pages
APN-049 Process Bus - Circuit Breaker Position Feedback Via GOOSE
No ratings yet
APN-049 Process Bus - Circuit Breaker Position Feedback Via GOOSE
11 pages
The Unwinding: An Inner History of the New America
From Everand
The Unwinding: An Inner History of the New America
George Packer
4/5 (45)
Little Women
From Everand
Little Women
Louisa May Alcott
4/5 (105)
The Constant Gardener: A Novel
From Everand
The Constant Gardener: A Novel
John le Carré
3.5/5 (109)
Synopsis For Mini Project
No ratings yet
Synopsis For Mini Project
14 pages
Database Systems
No ratings yet
Database Systems
2 pages
CA Cutsheet MP Rotator EM
No ratings yet
CA Cutsheet MP Rotator EM
4 pages
Allegro Reactor
No ratings yet
Allegro Reactor
10 pages
User Guide
No ratings yet
User Guide
57 pages
202409 Hitachi Presentation for Indonesia (Company and Compressor)
No ratings yet
202409 Hitachi Presentation for Indonesia (Company and Compressor)
38 pages
York Comissioning Form
No ratings yet
York Comissioning Form
6 pages
Fivt Assignment-Lo-1 Time - 2 Hrs
No ratings yet
Fivt Assignment-Lo-1 Time - 2 Hrs
6 pages
Types of Rational Numbers
No ratings yet
Types of Rational Numbers
4 pages
The Various Media in The Age of Information POINTERS
100% (1)
The Various Media in The Age of Information POINTERS
6 pages
HPE Single Phase 1GB UPS Network Management Module User Guide-A00044618en - Us
No ratings yet
HPE Single Phase 1GB UPS Network Management Module User Guide-A00044618en - Us
143 pages
Complete Web Development Roadmap
No ratings yet
Complete Web Development Roadmap
1 page
Robotics Applicatin Areas
No ratings yet
Robotics Applicatin Areas
10 pages
Ed Paper June 2023
No ratings yet
Ed Paper June 2023
1 page
Ajax Load cell installation and Operating procedure for SLCM
No ratings yet
Ajax Load cell installation and Operating procedure for SLCM
14 pages
01 - Powera Spectra Infinity - Enhanced Wired Controller Xbox Manual - 2021 - 1644275191
No ratings yet
01 - Powera Spectra Infinity - Enhanced Wired Controller Xbox Manual - 2021 - 1644275191
4 pages
Network Science Meets Circuit Theory: Resistance Distance, Kirchhoff Index, and Foster's Theorems With Generalizations and Unification
No ratings yet
Network Science Meets Circuit Theory: Resistance Distance, Kirchhoff Index, and Foster's Theorems With Generalizations and Unification
14 pages
Graph 110 - Fall 2018 - Greg Kammer
No ratings yet
Graph 110 - Fall 2018 - Greg Kammer
3 pages
AIML Module - 03
No ratings yet
AIML Module - 03
34 pages
Steel Standards: ASTM A252 ASTM A500 CSA G40.21
No ratings yet
Steel Standards: ASTM A252 ASTM A500 CSA G40.21
1 page
Grade 10 P.E Lesson 2
No ratings yet
Grade 10 P.E Lesson 2
27 pages
J.L. Schafer - Analysis of Incomplete Multivariate Data-Chapman and Hall - CRC (1997)
No ratings yet
J.L. Schafer - Analysis of Incomplete Multivariate Data-Chapman and Hall - CRC (1997)
514 pages
Interaction Curves & Design of RCC Column3
No ratings yet
Interaction Curves & Design of RCC Column3
5 pages
FINAL II PU MATHEMATICS 2024-25
No ratings yet
FINAL II PU MATHEMATICS 2024-25
38 pages
CUCM BK C95ABA82 00 Admin-Guide-100 Chapter 01101011
No ratings yet
CUCM BK C95ABA82 00 Admin-Guide-100 Chapter 01101011
2 pages
Hitachi Unified Compute Platform RS For VMware Interoperability Matrix - 080320-B
No ratings yet
Hitachi Unified Compute Platform RS For VMware Interoperability Matrix - 080320-B
3 pages
Automatic Generation Control Using Artificial Neural Network Based Narma L
No ratings yet
Automatic Generation Control Using Artificial Neural Network Based Narma L
8 pages
JUNIPER Professional Services
No ratings yet
JUNIPER Professional Services
2 pages

Download full The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More 1st Edition Arjan Tijms ebook all chapters

Uploaded by

Download full The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More 1st Edition Arjan Tijms ebook all chapters

Uploaded by

Full download ebooks at https://ebookmeta.

The Definitive Guide to Security in Jakarta EE:

The Definitive Guide to Security in Jakarta EE:

The Definitive Guide to Jakarta Faces in Jakarta EE 10:

The Definitive Guide to Jakarta Faces in Jakarta EE 10:

Pro Jakarta Persistence in Jakarta EE 10: An In-Depth

Introducing Jakarta EE CDI: Contexts and Dependency

Beginning Cloud Native Development with MicroProfile,

Jakarta EE Recipes 1st Edition Josh Juneau

Cryptography and Cryptanalysis in Java: Creating and

ISBN-13 (pbk): 978-1-4842-7944-1 ISBN-13 (electronic): 978-1-4842-7945-8

Copyright © 2022 by Arjan Tijms, Teo Bais, and Werner Keil

About the Technical Reviewer�������������������������������������������������������������������������������xvii

Appendix A: Spring Security��������������������������������������������������������������������������������� 521

Appendix B: Apache Shiro������������������������������������������������������������������������������������ 541

Synchronous POST Without Remember Me������������������������������������������������������������������������� 555

Appendix C: Identity Management������������������������������������������������������������������������ 577

1. THE CURLYTOPS AT CHERRY FARM

2. THE CURLYTOPS ON STAR ISLAND

3. THE CURLYTOPS SNOWED IN

4. THE CURLYTOPS AT UNCLE

5. THE CURLYTOPS AT SILVER LAKE

6. THE CURLYTOPS AND THEIR PETS

8. THE CURLYTOPS IN THE WOODS

9. THE CURLYTOPS AT SUNSET BEACH

10. THE CURLYTOPS TOURING AROUND

11. THE CURLYTOPS IN A SUMMER

12. THE CURLYTOPS GROWING UP

14. THE CURLYTOPS AT THE CIRCUS

These books may be purchased wherever books are sold.

CUPPLES & LEON COMPANY, Publishers New York

1. TEDDY AND THE MYSTERY DOG

2. TEDDY AND THE MYSTERY MONKEY

3. TEDDY AND THE MYSTERY CAT

4. TEDDY AND THE MYSTERY PARROT

CUPPLES & LEON COMPANY, Publishers New

1. BUDDY ON THE FARM

3. BUDDY AND HIS WINTER FUN

4. BUDDY AT RAINBOW LAKE

5. BUDDY AND HIS CHUM

6. BUDDY AT PINE BEACH

You might also like

About the Technical Reviewer��xvii

Appendix A: Spring Security�� 521

Appendix B: Apache Shiro�� 541

Synchronous POST Without Remember Me�� 555

Appendix C: Identity Management�� 577