GlassFish Security

Secure your GlassFish installation, Web applications, EJB applications, Application Client modules, and Web services
Preview in Mapt

GlassFish Security

Masoud Kalali

Secure your GlassFish installation, Web applications, EJB applications, Application Client modules, and Web services
Mapt Subscription
FREE
$29.99/m after trial
eBook
$10.00
RRP $26.99
Save 62%
Print + eBook
$44.99
RRP $44.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$10.00
$44.99
$29.99 p/m after trial
RRP $26.99
RRP $44.99
Subscription
eBook
Print + eBook
Start 30 Day Trial

Frequently bought together


GlassFish Security Book Cover
GlassFish Security
$ 26.99
$ 10.00
Mastering Linux Security and Hardening Book Cover
Mastering Linux Security and Hardening
$ 39.99
$ 10.00
Buy 2 for $20.00
Save $46.98
Add to Cart

Book Details

ISBN 139781847199386
Paperback296 pages

Book Description

Security was, is, and will be one of the most important aspects of Enterprise Applications and one of the most challenging areas for architects, developers, and administrators. It is mandatory for Java EE application developers to secure their enterprise applications using Glassfish security features.

Learn to secure Java EE artifacts (like Servlets and EJB methods), configure and use GlassFish JAAS modules, and establish environment and network security using this practical guide filled with examples. One of the things you will love about this book is that it covers the advantages of protecting application servers and web service providers using OpenSSO.

The book starts by introducing Java EE security in Web, EJB, and Application Client modules. Then it introduces the Security Realms provided in GlassFish, which developers and administrators can use to complete the authentication and authorization setup. In the next step, we develop a completely secure Java EE application with Web, EJB, and Application Client modules.

The next part includes a detailed and practical guide to setting up, configuring, and extending GlassFish security. This part covers everything an administrator needs to know about GlassFish security, starting from installation and operating environment security, listeners and password security, through policy enforcement, to auditing and developing new auditing modules.

Before starting the third major part of the book, we have a chapter on OpenDS discussing how to install, and administrate OpenDS. The chapter covers importing and exporting data, setting up replications, backup and recovery and finally developing LDAP based solutions using OpenDS and Java.

Finally the third part starts by introducing OpenSSO and continues with guiding you through OpenSSO features, installation, configuration and how you can use it to secure Java EE applications in general and web services in particular. Identity Federation and SSO are discussed in the last chapter of the book along with a working sample.

Table of Contents

Chapter 1: Java EE Security Model
Overview of Java EE architecture
Understanding a typical Java EE application
Accessing protected resource inside a Web module
Understanding the EJB modules
Understanding the application client module
Declaring security roles in Application level
Summary
Chapter 2: GlassFish Security Realms
Security realms
GlassFish security realms
Adding a custom authentication method to GlassFish
Summary
Chapter 3: Designing and Developing Secure Java EE Applications
Understanding the sample application
Analyzing sample application business logic
Implementing the Business and Persistence layers
Developing the Presentation layer
Deploying the application client module in the Application Client Container
Summary
Chapter 4: Securing GlassFish Environment
Securing a host operating system
Estimating security risks: Auditing
Summary
Chapter 5: Securing GlassFish
Administrating GlassFish
Securing different network listeners
Hosting multiple domains using one IP
Sharing security context between different applications using SSO
Summary
Chapter 6: Introducing OpenDS: Open Source Directory Service
Storing hierarchical information: Directory services
Introducing OpenDS
Installing and administrating OpenDS
Administrating and managing OpenDS
Embedding OpenDS
Replicating Directory Information Tree (DIT)
Summary
Chapter 7: OpenSSO, the Single sign-on Solution
What is SSO
What is OpenSSO
Authentication chaining
Securing our applications using OpenSSO
Summary
Chapter 8: Securing Java EE Applications using OpenSSO
Understanding Policy Agents
Installing J2EE Agent 3.0 for GlassFish
Summary
Chapter 9: Securing Web Services by OpenSSO
Java EE and Web Services security
Understanding Web Services security
Developing secure Web Services
Downloading and installing Web Services security agents
Securing the Echo Web Service
Summary

What You Will Learn

  • Develop secure Java EE applications including Web, EJB, and Application client modules.
  • Reuse the security assets you have by learning GlassFish security realms in great details along with the sample for each realm.
  • Secure GlassFish installation including operating system security and JVM policy configuration.
  • Secure Java EE applications using OpenSSO and set up Single Sign-On (SSO) between multiple applications.
  • Secure web services using Java EE built-in features, OpenSSO and WS-Security.
  • Secure network listeners and passwords using GlassFish provided facilities.
  • Learn using OpenSSO services, SDKs, and agents to secure Java EE enterprise applications including Web Services.
  • Learn using OpenDS both as administrator and as an LDAP solution developer.
  • All command lines and more than 90% of the book content applies for both GlassFish 3.x and 2.x.

Authors

Table of Contents

Chapter 1: Java EE Security Model
Overview of Java EE architecture
Understanding a typical Java EE application
Accessing protected resource inside a Web module
Understanding the EJB modules
Understanding the application client module
Declaring security roles in Application level
Summary
Chapter 2: GlassFish Security Realms
Security realms
GlassFish security realms
Adding a custom authentication method to GlassFish
Summary
Chapter 3: Designing and Developing Secure Java EE Applications
Understanding the sample application
Analyzing sample application business logic
Implementing the Business and Persistence layers
Developing the Presentation layer
Deploying the application client module in the Application Client Container
Summary
Chapter 4: Securing GlassFish Environment
Securing a host operating system
Estimating security risks: Auditing
Summary
Chapter 5: Securing GlassFish
Administrating GlassFish
Securing different network listeners
Hosting multiple domains using one IP
Sharing security context between different applications using SSO
Summary
Chapter 6: Introducing OpenDS: Open Source Directory Service
Storing hierarchical information: Directory services
Introducing OpenDS
Installing and administrating OpenDS
Administrating and managing OpenDS
Embedding OpenDS
Replicating Directory Information Tree (DIT)
Summary
Chapter 7: OpenSSO, the Single sign-on Solution
What is SSO
What is OpenSSO
Authentication chaining
Securing our applications using OpenSSO
Summary
Chapter 8: Securing Java EE Applications using OpenSSO
Understanding Policy Agents
Installing J2EE Agent 3.0 for GlassFish
Summary
Chapter 9: Securing Web Services by OpenSSO
Java EE and Web Services security
Understanding Web Services security
Developing secure Web Services
Downloading and installing Web Services security agents
Securing the Echo Web Service
Summary

Book Details

ISBN 139781847199386
Paperback296 pages
Read More

Read More Reviews

Recommended for You

Responsive Web Design with HTML5 and CSS3 Book Cover
Responsive Web Design with HTML5 and CSS3
$ 23.99
$ 4.80
Hibernate Search by Example Book Cover
Hibernate Search by Example
$ 17.99
$ 10.00
Java EE 6 with GlassFish 3 Application Server Book Cover
Java EE 6 with GlassFish 3 Application Server
$ 29.99
$ 10.00
EJB 3.1 Cookbook Book Cover
EJB 3.1 Cookbook
$ 32.99
$ 10.00
Java EE 7 Developer Handbook Book Cover
Java EE 7 Developer Handbook
$ 35.99
$ 10.00
Microsoft SQL Server 2008 High Availability Book Cover
Microsoft SQL Server 2008 High Availability
$ 29.99
$ 10.00