| |
| |
|
|
Secure your GlassFish installation, Web applications, EJB applications, Application Client modules, and Web services
- Secure your GlassFish installation and J2EE applications
- Develop secure Java EE applications including Web, EJB, and Application Client modules
- Secure web services using GlassFish and OpenSSO web service security features
- Support SSL in GlassFish including Mutual Authentication and Certificate Realm with this practical guide
|
|
- Buy one eBook, get 20% off
- Buy two eBooks, get 35% off
- Buy two print books, get 18% off
|
Request a Review Copy
Send us feedback on this title
Ask a question about this title
Language English
Paperback 252 pages [191mm x 235mm]
Release date
Expected April 2010
ISBN 1847199380
ISBN 13 978-1-847199-38-6
Author(s)
Masoud Kalali
Topics and Technologies
Open Source, Java
Special eBook Discount Offer |
 | + |  | Buy this eBook with GlassFish Administration eBook and get 50% discount on both. Just enter gfsgfa in the 'Promotion Code' field and click 'Update' during checkout. The discount will be applied. |
|
Inspired from real development cases, this practical guide shows you how to secure a GlassFish installation and how to develop applications with secure authentication based on GlassFish, Java EE, and OpenSSO capabilities.
Security was, is, and will be one of the most important aspects of Enterprise Applications and one of the most challenging areas for architects, developers, and administrators. It is mandatory for Java EE application developers to secure their enterprise applications using Glassfish security features.
Learn to secure Java EE artifacts (like Servlets and EJB methods), configure and use GlassFish JAAS modules, and establish environment and network security using this practical guide filled with examples. One of the things you will love about this book is that it covers the advantages of protecting application servers and web service providers using OpenSSO.
The book starts by introducing Java EE security in Web, EJB, and Application Client modules. Then it introduces the Security Realms provided in GlassFish, which developers and administrators can use to complete the authentication and authorization setup. In the next step, we develop a completely secure Java EE application with Web, EJB, and Application Client modules.
The next part includes a detailed and practical guide to setting up, configuring, and extending GlassFish security. This part covers everything an administrator needs to know about GlassFish security, starting from installation and operating environment security, listeners and password security, through policy enforcement, to auditing and developing new auditing modules.
Finally the third part starts by introducing OpenSSO and continues with guiding you through OpenSSO features, installation, configuration and how you can use it to secure Java EE applications in general and web services in particular. Identity Federation and SSO are discussed in the last chapter of the book along with a working sample.
- Secure Java EE artifacts by using Java EE 5 and 6 security features in both annotation and deployment descriptor modes
- Implement container-provided authentication and authorization
- Achieve environment and transport security by analyzing every GlassFish security realm in great detail along with samples for each of them
- Take advantage of Principal propagation from one container to another
- Secure GlassFish installation including operating system security and JVM policy configuration
- Secure listeners and passwords by learning how environmental factors affect GlassFish security
- Authenticate, authorize, and audit Web services using OpenSSO
- Secure Java EE applications using OpenSSO and set up Single Sign-On (SSO) between multiple applications
- Secure web services using OpenSSO, WS-Security, WS-Trust, and SAML
Security is driven by requirement and design and we implement security on the basis of the requirements provided by analysts. In this book, we take a programmatic approach to understand Java EE and GlassFish security.
You will find plenty of code samples in this book. It is easy to secure your application when you have a demonstration of a complete and working application explained in the book, isn't it? Each chapter starts with the importance and relevance of the topic by introducing some Java EE applications requirement, which will encourage you to read it further.
This book is for application designers, developers and administrators who work with GlassFish and are keen to understand Java EE and GlassFish security.
To take full advantage of this book, you need to be familiar with Java EE and GlassFish application servers. You will love this book if you are looking for a book that covers Java EE security and using GlassFish features to create secure Java EE applications, or to secure the GlassFish installation and operating environment and using OpenSSO.
Masoud Kalali
Masoud Kalali holds a software engineering degree and has been working on software development projects since 1998. He has experience with a variety of technologies (.Net, J2EE, CORBA, and COM+) on diverse platforms (Solaris, Linux, and Windows). His experience is in software architecture, design, and server-side development. Masoud has several articles in Java.net. He is one of founder members of NetBeans Dream Team. Masoud's main area of research and interest includes web services and Service Oriented Architecture along with large-scale and high-throughput system development and deployment. Masoud was involved with GlassFish from its early days and authored several articles and reference cards for GlassFish
| |
|
