JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.1 Security Guide
search filter icon
search icon

Document Information


1.  Administering System Security

About System Security in GlassFish Server


Authentication Types

JSR 196 Server Authentication Modules


Master Password and Keystores

Understanding Master Password Synchronization

Using the Default Master Password

Saving the Master Password to a File

Using the Master Password When Creating a Domain

Administration Password

Encoded Passwords

Web Browsers and Password Storage

Password Aliases

Single Sign-on



Java Authorization Contract for Containers

Working With the server.policy Policy File

Contents of server.policy

Changing the Default Permissions



Certificates and SSL


Certificate Chains

Certificate Files

Secure Sockets Layer


Name-based Virtual Hosts

Custom Authentication of Client Certificate in SSL Mutual Authentication

Understanding the AppservCertificateLoginModule Class

Example AppservCertificateLoginModule Code

Setting the JAAS Context

Tools for Managing System Security

Administering Passwords

To Change the Master Password

Additional Considerations for the start-instance and start-cluster Subcommands

Using start-instance and start-cluster With a Password File

To Change an Administration Password

To Set a Password From a File

Administering Password Aliases

To Create a Password Alias

To List Password Aliases

To Delete a Password Alias

To Update a Password Alias

Administering Audit Modules

To Create an Audit Module

To List Audit Modules

To Delete an Audit Module

Administering JSSE Certificates

To Generate a Certificate by Using keytool

To Sign a Certificate by Using keytool

To Delete a Certificate by Using keytool

Administering JACC Providers

Administering JACC Providers From the Administration Console

Administering JACC Providers from the Command Line

2.  Administering User Security

3.  Administering Message Security

4.  Administering Security in Cluster Mode

5.  Managing Administrative Security

6.  Running in a Secure Environment

7.  Integrating Oracle Access Manager


Chapter 1

Administering System Security

This chapter describes general information about administering system security.

The following topics are addressed here:

Instructions for accomplishing many of these tasks by using the Administration Console are contained in the Administration Console online help.

Information on application security is contained in Chapter 4, Securing Applications, in Oracle GlassFish Server 3.1 Application Development Guide.