CARVIEW

MOTORHOMES

Select Language

HTTP/2 302 server: nginx date: Mon, 13 Oct 2025 07:40:10 GMT content-type: text/plain; charset=utf-8 content-length: 0 x-archive-redirect-reason: found capture at 20121009080454 location: https://web.archive.org/web/20121009080454/https://www.packtpub.com/glassfish-security/book server-timing: captures_list;dur=0.881154, exclusion.robots;dur=0.030920, exclusion.robots.policy;dur=0.013676, esindex;dur=0.017054, cdx.remote;dur=230.293687, LoadShardBlock;dur=1070.259139, PetaboxLoader3.datanode;dur=490.393337, PetaboxLoader3.resolve;dur=242.300723 x-app-server: wwwb-app225 x-ts: 302 x-tr: 1389 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 set-cookie: wb-p-SERVER=wwwb-app225; path=/ x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() HTTP/2 200 server: nginx date: Mon, 13 Oct 2025 07:40:12 GMT content-type: text/html; charset=utf-8 x-archive-orig-server: Apache x-archive-orig-x-powered-by: PHP/5.3.6 x-archive-orig-expires: Sun, 19 Nov 1978 05:00:00 GMT x-archive-orig-cache-control: store, no-cache, must-revalidate, post-check=0, pre-check=0 x-archive-orig-x-packt-clean: 1 x-archive-orig-x-cache-version: 1 x-archive-orig-date: Tue, 09 Oct 2012 08:04:58 GMT x-archive-orig-x-varnish: 457090595 x-archive-orig-age: 0 x-archive-orig-via: 1.1 varnish x-archive-orig-connection: close x-archive-orig-x-packt-v: 0 x-archive-orig-x-country-code: US x-archive-guessed-content-type: text/html x-archive-guessed-charset: utf-8 memento-datetime: Tue, 09 Oct 2012 08:04:54 GMT link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Mon, 11 Apr 2011 18:10:02 GMT", ; rel="prev memento"; datetime="Sat, 30 Jun 2012 12:55:44 GMT", ; rel="memento"; datetime="Tue, 09 Oct 2012 08:04:54 GMT", ; rel="next memento"; datetime="Thu, 11 Oct 2012 16:54:12 GMT", ; rel="last memento"; datetime="Sat, 14 Jan 2017 10:09:18 GMT" content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org x-archive-src: WPO-20121009070847-crawl435/WPO-20121009075418-08321.warc.gz server-timing: captures_list;dur=0.950053, exclusion.robots;dur=0.033457, exclusion.robots.policy;dur=0.015110, esindex;dur=0.019874, cdx.remote;dur=138.984192, LoadShardBlock;dur=571.596593, PetaboxLoader3.datanode;dur=479.217090, PetaboxLoader3.resolve;dur=515.898265, load_resource;dur=547.172777 x-app-server: wwwb-app225 x-ts: 200 x-tr: 1479 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() content-encoding: gzip GlassFish Security | Packt Publishing

Special eBook Offer:
Buy any two eBooks together and get 50% off.
View Best-Selling Bundles

My Account | Newsletters | User Groups | Contact | About Us

GlassFish Security

Masoud Kalali

Jump to: Overview | Reviews | The Author | Sample Chapters

Click here to view more images

eBook: $26.99
Formats: PDF, PacktLib, ePub and Mobi formats

$22.94
save 15%!

Print + free eBook + free PacktLib access to the book: $71.98

$40.49
save 44%!

Free Shipping! UK, US, Europe and selected countries in Asia.

Also available on:

Overview

Table of Contents

The Author

Reviews

Downloads

Secure your GlassFish installation and J2EE applications
Develop secure Java EE applications including Web, EJB, and Application Client modules
Secure web services using GlassFish and OpenSSO web service security features
Support SSL in GlassFish including Mutual Authentication and Certificate Realm with this practical guide

Book Details

Language : English
Paperback : 296 pages [ 235mm x 191mm ]
Release Date : May 2010
ISBN : 1847199380
ISBN 13 : 9781847199386
Author(s) : Masoud Kalali
Topics and Technologies : All Books, Security and Testing, Java, Open Source, Web Services

Preface
Chapter 1: Java EE Security Model
Chapter 2: GlassFish Security Realms
Chapter 3: Designing and Developing Secure Java EE Applications
Chapter 4: Securing GlassFish Environment
Chapter 5: Securing GlassFish
Chapter 6: Introducing OpenDS: Open Source Directory Service
Chapter 7: OpenSSO, the Single sign-on Solution
Chapter 8: Securing Java EE Applications using OpenSSO
Chapter 9: Securing Web Services by OpenSSO
Index

Preface

Chapter 1: Java EE Security Model
- Overview of Java EE architecture
- Understanding a typical Java EE application
- Accessing protected resource inside a Web module
  - Deployment descriptors
  - Understanding Java EE security terms
  - Defining constraints on resources
  - Authenticating and authorizing users
    - Adding authentication to a web application
    - Authorizing using deployment descriptor
  - Managing session information
  - Adding transport security
  - Using programmatic security in web applications
  - Using security annotations
- Understanding the EJB modules
  - Securing EJB modules using annotations
  - Mapping roles to principals and groups
  - Accessing the security context programmatically
  - Using EJB interceptors for auditing and security purposes
  - Enforcing authentication in EJB modules
- Understanding the application client module
- Declaring security roles in Application level
- Summary

Chapter 2: GlassFish Security Realms
- Security realms
  - Authenticating using security realms
  - Reusing security assets
- GlassFish security realms
  - Administrating security realms
  - Creating a file realm
  - Creating the JDBC realm
  - Using the LDAP realm to secure web applications
    - Downloading and installing OpenDS 2.2
    - Creating the LDAP realm
  - Creating the certificate realm
    - Public key cryptography
    - Digital signature
    - Key stores and trust stores
    - Managing certificates
  - Creating the Solaris realm
  - Developing custom realms
    - Developing the custom realm
    - Installing and configuring
- Adding a custom authentication method to GlassFish
- Summary

Chapter 3: Designing and Developing Secure Java EE Applications
- Understanding the sample application
- Analyzing sample application business logic
- Implementing the Business and Persistence layers
  - Implementing the Persistence layer
- Developing the Presentation layer
  - Implementing the Conversion GUI
    - Implementing the Converter servlet
    - Implementing the authentication frontend
    - Configuring deployment descriptors
    - Specifying the security realm
- Deploying the application client module in the Application Client Container
  - Configuring Application Client Container security
- Summary

Chapter 4: Securing GlassFish Environment
- Securing a host operating system
  - Defining security at the OS level
    - Creating the installation directory
    - Creating the GlassFish user
    - Logging in as a GlassFish user
    - Restricting access to the filesystem
    - Restricting access to network interfaces
    - Restricting access to ports
    - Enforcing storage usage limitation
  - Implementing restrictions in the application server level
    - Securing the Java Runtime environment from unprivileged access
    - Implementing the policy manager
    - Securing the GlassFish using security manager
    - Alternative container policy providers
- Estimating security risks: Auditing
  - Enabling the default auditing module
  - Developing custom auditing modules
- Summary

Chapter 5: Securing GlassFish
- Administrating GlassFish
  - Using CLI for administration tasks
    - Implementing security in CLI
- Securing different network listeners
  - Securing HTTP listeners
  - Securing ORB listeners
  - Securing JMX listeners
- Hosting multiple domains using one IP
- Sharing security context between different applications using SSO
  - Enabling SSO in virtual server
- Summary

Chapter 6: Introducing OpenDS: Open Source Directory Service
- Storing hierarchical information: Directory services
  - Connecting directory services to software systems
- Introducing OpenDS
  - Understanding OpenDS backend and services
- Installing and administrating OpenDS
  - Installing OpenDS and DSML gateway
    - Understanding the system requirements
    - Downloading and installing OpenDS server
    - Studying the OpenDS directory structure
    - Installing and configuring the DSML gateway
- Administrating and managing OpenDS
  - Importing and exporting data
    - Importing LDIF files
    - Exporting database content into LDIF file
  - Backing up and restoring data
    - Creating a backup of OpenDS data
    - Restoring server state using backups
  - Enabling JMX Connection Handler
- Embedding OpenDS
  - Benefits of embedded mode capability of OpenDS
  - Preparing the environment
- Replicating Directory Information Tree (DIT)
  - OpenDS replication mechanism
  - Setting up an Asynchronous replication infrastructure
- Summary

Chapter 7: OpenSSO, the Single sign-on Solution
- What is SSO
- What is OpenSSO
  - OpenSSO functionalities
    - Controlling user access
    - Federation Management
    - Identity Web Services
    - OpenSSO architecture
    - OpenSSO realms
  - Installing OpenSSO in GlassFish
  - Configuring OpenSSO for authentication and authorization
- Authentication chaining
  - Realm Authentication
  - User Authentication
- Securing our applications using OpenSSO
  - Authenticating users by the RESTful interface
  - Authorizing using REST
  - SSO using REST
- Summary

Chapter 8: Securing Java EE Applications using OpenSSO
- Understanding Policy Agents
  - Specifying access privileges by defining policies
  - Protecting diverse types of containers using Policy Agents
  - Working of OpenSSO agents
    - Protecting different types of resources
  - Exploring outstanding features of Policy Agents
    - Managing Centralized Agent Configuration
    - Managing agents in groups
    - Applying agents configuration on-the-fly
    - Having more control over the installation process
- Installing J2EE Agent 3.0 for GlassFish
  - Placing the sample application under OpenSSO protection
    - Changing sample application descriptor files
    - Configuring the agent to protect the sample application
    - Defining access rules
- Summary

Chapter 9: Securing Web Services by OpenSSO
- Java EE and Web Services security
  - Securing Web Services in a Web module
  - Web Services security in EJB modules
  - EJB-based Web Services authentication in GlassFish
- Understanding Web Services security
  - Understanding SOAP message structure
- Developing secure Web Services
- Downloading and installing Web Services security agents
  - Creating a Web Service Client profile
  - Creating a Web Service Provider profile
- Securing the Echo Web Service
  - Developing an Echo Service Consumer
  - Authenticating a service call using WSP
    - Configuring WSP for enforcing authentication
    - Configuring WSC to support authentication
- Summary

Index

Masoud Kalali

Masoud Kalali has a software engineering degree and has been working on software development projects since 1998. He has experience with a variety of technologies (.NET, J2EE, CORBA, and COM+) on diverse platforms (Solaris, Linux, and Windows). His experience is in software architecture, design, and server-side development.

Masoud has published several articles at Java.net and Dzone. He has authored multiple refcards, published by Dzone, including Using XML in Java, Java EE Security and GlassFish v3 refcards. He is one of founder members of NetBeans Dream Team and a GlassFish community spotlighted developer.

Masoud's main area of research and interest includes service-oriented architecture and large scale systems' development and deployment and in his leisure time he enjoys photography, mountaineering and camping.

Masoud blog on Java EE, Software Architecture and Security at his java.net blog and you can follow him at his twitter account

Masoud can be reached via Kalali@gmail.com in case you had some queries about the book or if you just felt like talking to him about software engineering.

The book is efficient, has a clean layout and contains a logical progression of current JAVA EE and GlassFish Specific security topics. If you are developing Java EE 6 applications that reside in the GlassFish application server, “GlassFish Security” should be included in your project reference material. Keep up the good work Packt!

This book proposes to address the security of a JavaEE application and is a good guide for those who want to understand the security model for JavaEE and be accompanied by the implementation.

Sample chapters

You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.

Code Downloads

Download the code and support files for this book.

Errata

- 5 submitted: last submission 09 Aug 2012

Errata type: Graphics | Page number: 52 | Errata date: 02/02/2012

In the additional properties table, the entry for Digest Algorithm should be the word none instead of being empty.

Errata type: Code | Page number: 50 | Errata date:

insert into groups values('jack',manager);
should be
insert into groups values('jack','manager');

Errata type: Code | Page number: 237 | Errata date: 06/29/2010

Method(operationName = "stringEcho")
should be
Method(operationName = "@WebMethod")

Errata type: Typo | Page number: 22 | Errata date: 07/03/2010

Here is a example snippet to add encryption support for a set of resources:
should be
Here is an example snippet to add encryption support for a set of resources:

Errata type: Technical | Page number: 104 | Errata date: 13 July 10

Install GlassFish in/opt/app-server and revoke all access permissions to this directory from groups who we do not want to allow to access the resource.
should be
Install GlassFish in /opt/app-server and revoke all access permissions to this directory from groups who we do not want to allow to access the resource.

Submit Errata

Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.

What you will learn from this book

Develop secure Java EE applications including Web, EJB, and Application client modules.
Reuse the security assets you have by learning GlassFish security realms in great details along with the sample for each realm.
Secure GlassFish installation including operating system security and JVM policy configuration.
Secure Java EE applications using OpenSSO and set up Single Sign-On (SSO) between multiple applications.
Secure web services using Java EE built-in features, OpenSSO and WS-Security.
Secure network listeners and passwords using GlassFish provided facilities.
Learn using OpenSSO services, SDKs, and agents to secure Java EE enterprise applications including Web Services.
Learn using OpenDS both as administrator and as an LDAP solution developer.
All command lines and more than 90% of the book content applies for both GlassFish 3.x and 2.x.

Special Offers

PacktLib gives you access to this and 600+ other titles with an annual or monthly subscription.

Annual subscription:

$220.00 per annum

Monthly subscription:

$21.99 per month

Buy any two eBooks and get 50% off

Add any two eBooks to your cart, and 50% will be taken off their total price

OSWorkflow: A guide for Java developers and architects to integrating open-source Business Process Management

Simply click below to add these two eBooks to your cart

View our bestselling Java bundles

In Detail

Security was, is, and will be one of the most important aspects of Enterprise Applications and one of the most challenging areas for architects, developers, and administrators. It is mandatory for Java EE application developers to secure their enterprise applications using Glassfish security features.

Learn to secure Java EE artifacts (like Servlets and EJB methods), configure and use GlassFish JAAS modules, and establish environment and network security using this practical guide filled with examples. One of the things you will love about this book is that it covers the advantages of protecting application servers and web service providers using OpenSSO.

The book starts by introducing Java EE security in Web, EJB, and Application Client modules. Then it introduces the Security Realms provided in GlassFish, which developers and administrators can use to complete the authentication and authorization setup. In the next step, we develop a completely secure Java EE application with Web, EJB, and Application Client modules.

The next part includes a detailed and practical guide to setting up, configuring, and extending GlassFish security. This part covers everything an administrator needs to know about GlassFish security, starting from installation and operating environment security, listeners and password security, through policy enforcement, to auditing and developing new auditing modules.

Before starting the third major part of the book, we have a chapter on OpenDS discussing how to install, and administrate OpenDS. The chapter covers importing and exporting data, setting up replications, backup and recovery and finally developing LDAP based solutions using OpenDS and Java.

Finally the third part starts by introducing OpenSSO and continues with guiding you through OpenSSO features, installation, configuration and how you can use it to secure Java EE applications in general and web services in particular. Identity Federation and SSO are discussed in the last chapter of the book along with a working sample.

Inspired from real development cases, this practical guide shows you how to secure a GlassFish installation and how to develop applications with secure authentication based on GlassFish, Java EE, and OpenSSO capabilities.

Approach

Security is driven by requirement and design and we implement security on the basis of the requirements provided by analysts. In this book, we take a programmatic approach to understand Java EE and GlassFish security.

You will find plenty of code samples in this book. It is easy to secure your application when you have a demonstration of a complete and working application explained in the book, isn't it? Each chapter starts with the importance and relevance of the topic by introducing some Java EE applications requirement, which will encourage you to read it further.

Who this book is for

This book is for application designers, developers and administrators who work with GlassFish and are keen to understand Java EE and GlassFish security.

To take full advantage of this book, you need to be familiar with Java EE and GlassFish application servers. You will love this book if you are looking for a book that covers Java EE security and using GlassFish features to create secure Java EE applications, or to secure the GlassFish installation and operating environment and using OpenSSO.