Part I Development Tasks and Tools
1. Setting Up a Development Environment
Part II Developing Applications and Application Components
GlassFish Server Specific Security Features
Roles, Principals, and Principal to Role Mapping
How to Set a Realm for an Application or Module
Pluggable Audit Module Support
Changing Permissions for an Application
Enabling and Disabling the Security Manager
Configuring Message Security for Web Services
Message Security Responsibilities
Application Developer Responsibilities
Application Deployer Responsibilities
System Administrator Responsibilities
Application-Specific Message Protection
Using a Signature to Enable Message Protection for All Methods
Configuring Message Protection for a Specific Method Based on Digital Signatures
Understanding and Running the Sample Application
To Set Up the Sample Application
Programmatic Login Precautions
Granting Programmatic Login Permission
User Authentication for Single Sign-on
Adding Authentication Mechanisms to the Servlet Container
The GlassFish Server and JSR 196
Writing a Server Authentication Module
Sample Server Authentication Module
Compiling and Installing a Server Authentication Module
Configuring a Server Authentication Module
Binding a Server Authentication Module to Your Application
6. Using the Java Persistence API
7. Developing Web Applications
8. Using Enterprise JavaBeans Technology
9. Using Container-Managed Persistence
12. Developing Lifecycle Listeners
13. Developing OSGi-enabled Java EE Applications
Part III Using Services and APIs
14. Using the JDBC API for Database Access
15. Using the Transaction Service
16. Using the Java Naming and Directory Interface
In an enterprise computing environment, there are many security risks. The goal of the GlassFish Server is to provide highly secure, interoperable, and distributed component computing based on the Java EE security model. Security goals include:
Full compliance with the Java EE security model. This includes EJB and servlet role-based authorization.
Support for single sign-on across all GlassFish Server applications within a single security domain.
Support for web services message security.
Security support for application clients.
Support for several underlying authentication realms, such as simple file and Lightweight Directory Access Protocol (LDAP). Certificate authentication is also supported for Secure Socket Layer (SSL) client authentication. For Solaris, OS platform authentication is supported in addition to these.
Support for declarative security through GlassFish Server specific XML-based role mapping.
Support for Java Authorization Contract for Containers (JACC) pluggable authorization as included in the Java EE specification and defined by Java Specification Request (JSR) 115.
Support for Java Authentication Service Provider Interface for Containers as included in the Java EE specification and defined by JSR 196.
Support for Web Services Interoperability Technologies (WSIT) as described in Metro Users Guide.