Enable Secure Admin. |
The secure administration feature allows an
administrator to secure all administrative communication between the domain administration server (DAS), any remote
instances, and administration clients such as the asadmin utility, the administration console,
and REST clients. In addition, secure administration helps to prevent DAS-to-DAS and
instance-to-instance traffic, and carefully restricts administration-client-to-instance traffic. The secure administration feature provides a
secure environment, in which you can be confident that rogue users or processes
cannot intercept or corrupt administration traffic or impersonate legitimate GlassFish Server components. See Chapter 5, Managing Administrative Security. |
Protect the .asadminpass file. |
If you create a domain with the --savelogin option, create-domain saves
the administration user name and password in
the .asadminpass file in the user's home
directory. Make sure that this file remains protected. Information stored
in this file will be used by asadmin commands to manage this domain. |
Deploy production-ready security providers to the security realm. |
Java Authorization Contract for Containers (JACC) is
the part of the Java EE specification that defines an interface for pluggable
authorization providers. This enables you to set up third-party plug-in modules to perform authorization.
By default, the GlassFish Server provides a simple, file-based authorization engine that complies
with the JACC specification. You can also specify additional third-party JACC providers. If you
have purchased or written your own security providers, make sure that you have
deployed and configured them properly. |
Use SSL, but do not use the self-signed certificates in a production environment. |
To prevent sensitive data from being compromised, secure
data transfers by using HTTPS. By default, GlassFish Server uses self-signed certificates.
The self-signed certificates that GlassFish Server uses might not be trusted by clients
by default because a certificate authority does not vouch for the authenticity of
the certificate. You can instead use your own certificates, as described in Using Your Own Certificates. |
Restrict the size and the time limit of requests on external channels to prevent Denial of Service attacks. |
To prevent some Denial of Service (DoS) attacks, restrict
the size of a message as well as the maximum time it takes
a message to arrive. The default maximum post size is
2097152 bytes, and the default request timeout is 900 seconds. |
Enable authentication and authorization auditing. |
Auditing is the process of recording key security events in your GlassFish
Server environment. You use audit modules to develop an audit trail of all
authentication and authorization decisions. To enable audit logging, two steps are required:
1. On the Security page, select the Audit Logging Enabled checkbox to enable audit logging.
2. Set the auditOn property for the active audit module to true.
Review the
auditing records periodically to detect security breaches and attempted breaches. Noting repeated failed
logon attempts or a surprising pattern of security events can prevent serious problems. |
Set logging for security and SSL messages. |
Consider setting module log levels for javax.enterprise.system.ssl.security and
javax.enterprise.system.core.security. You can set a level from Severe to Finest (the default is
Info), but be aware that the finer logging levels may produce a large
log file. By default, GlassFish Server logging messages are recorded in the
server log, and you can set the file rotation limit, as described in
rotate-log(1). |
Ensure that you have correctly assigned users to the correct groups. |
Make sure you have assigned the desired set of users to the right groups. In
particular, make sure that every user assigned to the asadmin group actually needs to be
a member of that group. |
Create no fewer than two user accounts in the asadmin group. |
The user admin is created when you install GlassFish Server.
For production environments, create at least one other account in the asadmin group
in case one account password is compromised. When creating asadmin users, give them unique
names that cannot be easily guessed. |
Assign a password to the admin account. |
By default, GlassFish Server includes a single account for user "admin" and an empty
password. For production environments this default is inherently insecure, and you should set
a password for admin. |
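
The periodic review described in the auditing row, as an added example (not Oracle's or GlassFish's own code): it scans audit records for repeated failed logons per user and realm and notes whether a successful logon followed the burst. The record layout and message wording are assumptions about the audit module's output, and the sample records are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed layout: [#|timestamp|LEVEL|product|logger|thread info|message|#] with
# the message "Audit: Authentication for user = (U) under realm = (R) returned = B".
RECORD = re.compile(
    r"\[#\|(?P<ts>[^|]+)\|[^|]*\|[^|]*\|[^|]*\|[^|]*\|"
    r"Audit: Authentication for user = \((?P<user>[^)]*)\) "
    r"under realm = \((?P<realm>[^)]*)\) returned = (?P<ok>true|false)\|#\]"
)

def _rec(ts, user, realm, ok):
    """Build one constructed audit record (sample data, not from a real server)."""
    return (f"[#|2024-05-01T{ts}.000+0000|INFO|glassfish|"
            f"javax.enterprise.system.core.security|_ThreadID=21;|"
            f"Audit: Authentication for user = ({user}) under realm = ({realm}) "
            f"returned = {ok}|#]")

SAMPLE_LOG = "\n".join(_rec(*r) for r in [
    ("10:00:00", "ops2", "admin-realm", "false"),
    ("10:00:01", "admin", "admin-realm", "false"),
    ("10:00:20", "admin", "admin-realm", "false"),
    ("10:01:05", "admin", "admin-realm", "false"),
    ("10:01:30", "admin", "admin-realm", "true"),   # success right after a burst
    ("10:20:00", "ops2", "admin-realm", "false"),   # isolated failures, far apart
    ("10:30:00", "alice", "file", "false"),
    ("10:30:10", "alice", "file", "false"),
    ("10:30:15", "alice", "file", "false"),
    ("10:40:00", "ops2", "admin-realm", "false"),
])

def find_failed_logon_bursts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Map (user, realm) -> True if a success followed a burst of failures."""
    recent = defaultdict(deque)      # (user, realm) -> recent failure timestamps
    flagged = {}
    for m in RECORD.finditer(log_text):
        key = (m["user"], m["realm"])
        if m["ok"] == "true":
            if key in flagged:
                flagged[key] = True  # burst followed by a successful logon
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%f%z")
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:    # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.setdefault(key, False)
    return flagged

if __name__ == "__main__":
    print(find_failed_logon_bursts(SAMPLE_LOG))
```

A flagged pair whose value is True deserves attention first, since the failures were followed by a successful logon to the same account.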