
GlassFish Security
Secure your GlassFish installation, Web applications, EJB applications, application client module, and Web Services using Java EE and GlassFish security measures
Masoud Kalali
PUBLISHING, BIRMINGHAM - MUMBAI
open source community experience distilled

Preface  1

Chapter 1: Java EE Security Model  7
  Overview of Java EE architecture  8
  Understanding a typical Java EE application  8
  Accessing protected resource inside a Web module  11
  Deployment descriptors  13
  Understanding Java EE security terms  13
  Defining constraints on resources  15
  Authenticating and authorizing users  16
  Adding authentication to a web application  17
  Authorizing using deployment descriptor  19
  Managing session information  19
  Adding transport security  21
  Using programmatic security in web applications  23
  Using security annotations  25
  Understanding the EJB modules  26
  Securing EJB modules using annotations  30
  Mapping roles to principals and groups  33
  Accessing the security context programmatically  33
  Using EJB interceptors for auditing and security purposes  34
  Enforcing authentication in EJB modules  35
  Understanding the application client module  37
  Declaring security roles in Application level  39
  Summary  40

Chapter 2: GlassFish Security Realms  41
  Security realms  42
  Authenticating using security realms  42
  Reusing security assets  43
  GlassFish security realms  43
  Administrating security realms  44
  Creating a file realm  45
  Creating the JDBC realm  50
  Using the LDAP realm to secure web applications  55
  Downloading and installing OpenDS 2.2  56
  Creating the LDAP realm  58
  Creating the certificate realm  61
  Public key cryptography  62
  Digital signature  63
  Key stores and trust stores  63
  Managing certificates  64
  Creating the Solaris realm  71
  Developing custom realms  71
  Developing the custom realm  71
  Installing and configuring  74
  Adding a custom authentication method to GlassFish  75
  Summary  76

Chapter 3: Designing and Developing Secure Java EE Applications  77
  Understanding the sample application  78
  Analyzing sample application business logic  78
  Implementing the Business and Persistence layers  79
  Implementing the Persistence layer  80
  Developing the Presentation layer  83
  Implementing the Conversion GUI  84
  Implementing the Converter servlet  85
  Implementing the authentication frontend  87
  Configuring deployment descriptors  89
  Specifying the security realm  91
  Deploying the application client module in the Application Client Container  92
  Configuring Application Client Container security  97
  Summary  100

Chapter 4: Securing GlassFish Environment  101
  Securing a host operating system  102
  Defining security at the OS level  102
  Creating the installation directory  105
  Creating the GlassFish user  105
  Logging in as a GlassFish user  106
  Restricting access to the filesystem  106
  Restricting access to network interfaces  106
  Restricting access to ports  107
  Enforcing storage usage limitation  107
  Implementing restrictions in the application server level  112
  Securing the Java Runtime environment from unprivileged access  112
  Implementing the policy manager  113
  Securing the GlassFish using security manager  116
  Alternative container policy providers  120
  Estimating security risks: Auditing  121
  Enabling the default auditing module  122
  Developing custom auditing modules  123
  Summary  124

Chapter 5: Securing GlassFish  125
  Administrating GlassFish  125
  Using CLI for administration tasks  126
  Implementing security in CLI  128
  Securing different network listeners  135
  Securing HTTP listeners  136
  Securing ORB listeners  139
  Securing JMX listeners  140
  Hosting multiple domains using one IP  141
  Sharing security context between different applications using SSO  144
  Enabling SSO in virtual server  145
  Summary  146

Chapter 6: Introducing OpenDS: Open Source Directory Service  147
  Storing hierarchical information: Directory services  148
  Connecting directory services to software systems  149
  Introducing OpenDS  150
  Understanding OpenDS backend and services  153
  Installing and administrating OpenDS  154
  Installing OpenDS and DSML gateway  154
  Understanding the system requirements  154
  Downloading and installing OpenDS server  154
  Studying the OpenDS directory structure  158
  Installing and configuring the DSML gateway  158
  Administrating and managing OpenDS  160
  Importing and exporting data  161
  Importing LDIF files  162
  Exporting database content into LDIF file  163
  Backing up and restoring data  163
  Creating a backup of OpenDS data  164
  Restoring server state using backups  166
  Enabling JMX Connection Handler  167
  Embedding OpenDS  170
  Benefits of embedded mode capability of OpenDS  170
  Preparing the environment  171
  Replicating Directory Information Tree (DIT)  173
  OpenDS replication mechanism  174
  Setting up an Asynchronous replication infrastructure  175
  Summary  177

Chapter 7: OpenSSO, the Single sign-on Solution  179
  What is SSO  180
  What is OpenSSO  181
  OpenSSO functionalities  183
  Controlling user access  183
  Federation Management  185
  Identity Web Services  186
  OpenSSO architecture  188
  OpenSSO realms  190
  Installing OpenSSO in GlassFish  190
  Configuring OpenSSO for authentication and authorization  194
  Authentication chaining  196
  Realm Authentication  198
  User Authentication  199
  Securing our applications using OpenSSO  199
  Authenticating users by the RESTful interface  200
  Authorizing using REST  202
  SSO using REST  204
  Summary  210

Chapter 8: Securing Java EE Applications using OpenSSO  211
  Understanding Policy Agents  212
  Specifying access privileges by defining policies  213
  Protecting diverse types of containers using Policy Agents  214
  Working of OpenSSO agents  215
  Protecting different types of resources  216
  Exploring outstanding features of Policy Agents  217
  Managing Centralized Agent Configuration  217
  Managing agents in groups  218
  Applying agents configuration on-the-fly  218
  Having more control over the installation process  218
  Installing J2EE Agent 3.0 for GlassFish  218
  Placing the sample application under OpenSSO protection  224
  Changing sample application descriptor files  225
  Configuring the agent to protect the sample application  226
  Defining access rules  229
  Summary  233

Chapter 9: Securing Web Services by OpenSSO  235
  Java EE and Web Services security  236
  Securing Web Services in a Web module  236
  Web Services security in EJB modules  236
  EJB-based Web Services authentication in GlassFish  237
  Understanding Web Services security  239
  Understanding SOAP message structure  244
  Developing secure Web Services  245
  Downloading and installing Web Services security agents  248
  Creating a Web Service Client profile  250
  Creating a Web Service Provider profile  251
  Securing the Echo Web Service  253
  Developing an Echo Service Consumer  253
  Authenticating a service call using WSP  255
  Configuring WSP for enforcing authentication  256
  Configuring WSC to support authentication  258
  Summary  259

Index  261