PacktLib: GlassFish Security

GlassFish Security


About the Author

About the Reviewers


Java EE Security Model

Overview of Java EE architecture

Understanding a typical Java EE application

Accessing protected resource inside a Web module

Understanding the EJB modules

Understanding the application client module

Declaring security roles in Application level


GlassFish Security Realms

Security realms

GlassFish security realms

Adding a custom authentication method to GlassFish


Designing and Developing Secure Java EE Applications

Understanding the sample application

Analyzing sample application business logic

Implementing the Business and Persistence layers

Developing the Presentation layer

Deploying the application client module in the Application Client Container


Securing GlassFish Environment

Securing a host operating system

Estimating security risks: Auditing


Securing GlassFish

Administrating GlassFish

Securing different network listeners

Hosting multiple domains using one IP

Sharing security context between different applications using SSO


Introducing OpenDS: Open Source Directory Service

Storing hierarchical information: Directory services

Introducing OpenDS

Installing and administrating OpenDS

Administrating and managing OpenDS

Embedding OpenDS

Replicating Directory Information Tree (DIT)


OpenSSO, the Single sign-on Solution

What is SSO

What is OpenSSO

Authentication chaining

Securing our applications using OpenSSO


Securing Java EE Applications using OpenSSO

Understanding Policy Agents

Installing J2EE Agent 3.0 for GlassFish


Securing Web Services by OpenSSO

Java EE and Web Services security

Understanding Web Services security

Developing secure Web Services

Downloading and installing Web Services security agents

Securing the Echo Web Service