PacktLib: GlassFish Security

GlassFish Security

Credits

About the Author

About the Reviewers

Preface

Java EE Security Model

Overview of Java EE architecture

Understanding a typical Java EE application

Accessing protected resource inside a Web module

Understanding the EJB modules

Understanding the application client module

Declaring security roles in Application level

Summary

GlassFish Security Realms

Security realms

GlassFish security realms

Adding a custom authentication method to GlassFish

Summary

Designing and Developing Secure Java EE Applications

Understanding the sample application

Analyzing sample application business logic

Implementing the Business and Persistence layers

Developing the Presentation layer

Deploying the application client module in the Application Client Container

Summary

Securing GlassFish Environment

Securing a host operating system

Estimating security risks: Auditing

Summary

Securing GlassFish

Administrating GlassFish

Securing different network listeners

Hosting multiple domains using one IP

Sharing security context between different applications using SSO

Summary

Introducing OpenDS: Open Source Directory Service

Storing hierarchical information: Directory services

Introducing OpenDS

Installing and administrating OpenDS

Administrating and managing OpenDS

Embedding OpenDS

Replicating Directory Information Tree (DIT)

Summary

OpenSSO, the Single sign-on Solution

What is SSO

What is OpenSSO

Authentication chaining

Securing our applications using OpenSSO

Summary

Securing Java EE Applications using OpenSSO

Understanding Policy Agents

Installing J2EE Agent 3.0 for GlassFish

Summary

Securing Web Services by OpenSSO

Java EE and Web Services security

Understanding Web Services security

Developing secure Web Services

Downloading and installing Web Services security agents

Securing the Echo Web Service

Summary