1. Administering System Security
2. Administering User Security
About Message Security in GlassFish Server
Security Tokens and Security Mechanisms
Application-Specific Web Services Security
Message Security Administration
Application Developer/Assembler
Sample Application for Web Services
Enabling Default Message Security Providers for Web Services
To Enable a Default Server Provider
To Enable a Default Client Provider
Configuring Message Protection Policies
Message Protection Policy Mapping
To Configure the Message Protection Policies for a Provider
Setting the Request and Response Policy for the Application Client Configuration
Administering Non-default Message Security Providers
To Create a Message Security Provider
To List Message Security Providers
To Update a Message Security Provider
To Delete a Message Security Provider
To Configure a Servlet Layer Server Authentication Module (SAM)
Enabling Message Security for Application Clients
Additional Information About Message Security
4. Administering Security in Cluster Mode
5. Managing Administrative Security
6. Running in a Secure Environment
This chapter provides information and procedures on configuring the message layer security for web services in the GlassFish Server environment.
Note - Message security (JSR 196) is supported only in the Full Platform Profile of GlassFish Server, not in the Web Profile.
The following topics are addressed here:
Some of the material in this chapter assumes a basic understanding of security and web services concepts. For more information about security, see About System Security in GlassFish Server.
Instructions for accomplishing the tasks in this chapter by using the Administration Console are contained in the Administration Console online help.