JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.1 Security Guide
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  Administering System Security

2.  Administering User Security

3.  Administering Message Security

About Message Security in GlassFish Server

Security Tokens and Security Mechanisms

Authentication Providers

Message Protection Policies

Application-Specific Web Services Security

Message Security Administration

Message Security Tasks

Message Security Roles

System Administrator

Application Deployer

Application Developer/Assembler

Sample Application for Web Services

Enabling Default Message Security Providers for Web Services

To Enable a Default Server Provider

To Enable a Default Client Provider

Configuring Message Protection Policies

Message Protection Policy Mapping

To Configure the Message Protection Policies for a Provider

Setting the Request and Response Policy for the Application Client Configuration

Administering Non-default Message Security Providers

To Create a Message Security Provider

To List Message Security Providers

To Update a Message Security Provider

To Delete a Message Security Provider

To Configure a Servlet Layer Server Authentication Module (SAM)

Enabling Message Security for Application Clients

Additional Information About Message Security

4.  Administering Security in Cluster Mode

5.  Managing Administrative Security

6.  Running in a Secure Environment

7.  Integrating Oracle Access Manager

Index

Enabling Default Message Security Providers for Web Services

By default, message security is disabled on GlassFish Server. Default message security providers have been created, but are not active until you enable them. After the providers have been enabled, message security is enabled.

The following topics are addressed here:

To Enable a Default Server Provider

To enable message security for web services endpoints deployed in GlassFish Server, you must specify a security provider to be used by default on the server side. If you enable a default provider for message security, you also need to enable providers to be used by clients of the web services deployed in GlassFish Server.

  1. Specify the default server provider by using the set(1) subcommand.

    Use the following syntax:

    asadmin  set --port admin-port 
server-config.security-service.message-security-config.SOAP.
default_provider=ServerProvider
  2. To apply your changes to applications that are already running, restart GlassFish Server.

    See To Restart a Domain in Oracle GlassFish Server 3.1 Administration Guide.

To Enable a Default Client Provider

To enable message security for web service invocations originating from deployed endpoints, you must specify a default client provider. If you enabled a default client provider for GlassFish Server, you must ensure that any services invoked from endpoints deployed in GlassFish Server are compatibly configured for message layer security.

  1. Specify the default client provider by using the set(1) subcommand.

    Use the following syntax:

    asadmin  set --port admin-port 
server-config.security-service.message-security-config.SOAP.
default_client_provider=ClientProvider
  2. To apply your changes to applications that are already running, restart GlassFish Server.

    See To Restart a Domain in Oracle GlassFish Server 3.1 Administration Guide.

Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next