GlassFish security : secure your GlassFish installation, web applications, EJB applications, applications, EJB applications, application client modules, and web services using Java EE and GlassFish security measures.
Secure your GlassFish installation, Web applications, EJB applications, Application Client modules, and Web services.
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham, U.K. :
Packt Pub.,
©2010.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Copyright; Credits; About the Author; About the Reviewers; Table of Contents; Preface; Chapter 1: Java EE Security Model; Overview of Java EE architecture; Understanding a typical Java EE application; Accessing protected resource inside a Web module; Deployment descriptors; Understanding Java EE security terms; Defining constraints on resources; Authenticating and authorizing users; Adding authentication to a web application; Authorizing using deployment descriptor; Managing session information; Adding transport security; Using programmatic security in web applications
- Using security annotationsUnderstanding the EJB modules; Securing EJB modules using annotations; Mapping roles to principals and groups; Accessing the security context programmatically; Using EJB interceptors for auditing and security purposes; Enforcing authentication in EJB modules; Understanding the application client module; Declaring security roles in Application level; Summary; Chapter 2: GlassFish Security Realms; Security realms; Authenticating using security realms; Reusing security assets; GlassFish security realms; Administrating security realms; Creating a File realm
- Creating the JDBC realmUsing the LDAP realm to secure web applications; Downloading and installing OpenDS 2.2; Creating the LDAP realm; Creating the certificate realm; Public key cryptography; Digital signature; Key stores and trust stores; Managing certificates; Creating the Solaris realm; Developing custom realms; Developing the custom realm; Installing and configuring; Adding a custom authentication method to GlassFish; Summary; Chapter 3: Designing and Developing Secure Java EE Applications; Understanding the sample application; Analyzing sample application business logic
- Implementing the Business and Persistence layersImplementing the Persistence layer; Developing the Presentation layer; Implementing the Conversion GUI; Implementing the Converter servlet; Implementing the authentication frontend; Configuring deployment descriptors; Specifying the security realm; Deploying the application client module in the Application Client Container; Configuring Application Client Container security; Summary; Chapter 4: Securing GlassFish Environment; Securing a host operating system; Defining security at the OS level; Creating the installation directory
- Creating the GlassFish userLogging in as a GlassFish user; Restricting access to the filesystem; Restricting access to network interfaces; Restricting access to ports; Enforcing storage usage limitation; Implementing restrictions in the application server level; Securing the Java Runtime environment from unprivileged access; Implementing the policy manager; Securing the GlassFish using security manager; Alternative container policy providers; Estimating security risks: Auditing; Enabling the default auditing module; Developing custom auditing modules; Summary; Chapter 5: Securing GlassFish