JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle GlassFish Server 3.1 Security Guide
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  Administering System Security

2.  Administering User Security

3.  Administering Message Security

4.  Administering Security in Cluster Mode

5.  Managing Administrative Security

6.  Running in a Secure Environment

Determining Your Security Needs

Understand Your Environment

Hire Security Consultants or Use Diagnostic Software

Read Security Publications

Installing GlassFish Server in a Secure Environment

Enable the Secure Administration Feature

Remove Unused Components

Removing Installed Components

Procedure To Remove an Installed Component

Remove Services You Are Not Using

Run on the Web Profile if Possible

Securing the GlassFish Server Host

Securing GlassFish Server

Securing Applications

7.  Integrating Oracle Access Manager

Index

Securing GlassFish Server

GlassFish Server provides a powerful and flexible set of software tools for securing the subsystems and applications that run on a server instance. The following table provides a checklist of essential features that Oracle recommends you use to secure your production environment.

Table 6-2 Securing GlassFish Server

Security Action
Description
Enable Secure Admin.
The secure administration feature allows an administrator to secure all administrative communication between the domain administration server (DAS), any remote instances, and administration clients such as the asadmin utility, the administration console, and REST clients.

In addition, secure administration helps to prevent DAS-to-DAS and instance-to-instance traffic, and carefully restricts administration-client-to-instance traffic.

The secure administration feature provides a secure environment, in which you can be confident that rogue users or processes cannot intercept or corrupt administration traffic or impersonate legitimate GlassFish Server components.

See Chapter 5, Managing Administrative Security
Protect the .asadminpass file
If you create a domain with the --savelogin option, create-domain saves the administration user name and password in the .asadminpass file in the user's home directory.

Make sure that this file remains protected. Information stored in this file will be used by asadmin commands to manage this domain.
Deploy production-ready security providers to the security realm.
Java Authorization Contract for Containers (JACC) is the part of the Java EE specification that defines an interface for pluggable authorization providers. This enables you to set up third-party plug-in modules to perform authorization.

By default, the GlassFish Server provides a simple, file-based authorization engine that complies with the JACC specification. You can also specify additional third-party JACC providers.

If you have purchased or written your own security providers, make sure that you have deployed and configured them properly.

Use SSL, but do not use the self-signed certificates in a production environment.
To prevent sensitive data from being compromised, secure data transfers by using HTTPS.

By default, GlassFish Server uses self-signed certificates. The self-signed certificates that GlassFish Server uses might not be trusted by clients by default because a certificate authority does not vouch for the authenticity of the certificate.

You can instead use your own certificates, as described in Using Your Own Certificates.
Restrict the size and the time limit of requests on external channels to prevent Denial of Service attacks.
To prevent some Denial of Service (DoS) attacks, restrict the size of a message as well as the maximum time it takes a message to arrive.

The default setting for maximum post size is 2097152 bytes and 900 seconds for the request timeout.

Enable authentication and authorization auditing.
Auditing is the process of recording key security events in your GlassFish Server environment. You use audit modules to develop an audit trail of all authentication and authorization decisions. To enable audit logging, two steps are required:

1. On the Security page, select the Audit Logging Enabled checkbox to enable audit logging.

2. Set the auditOn property for the active audit module to true.

Review the auditing records periodically to detect security breaches and attempted breaches. Noting repeated failed logon attempts or a surprising pattern of security events can prevent serious problems.
Set logging for security and SSL messages.
Consider setting module log levels for table.javax.enterprise.system.ssl.security and javax.enterprise.system.core.security. You can set a level from Severe to Finest (the default is Info), but be aware that the finer logging levels may produce a large log file.

By default, GlassFish Server logging messages are recorded in the server log, and you can set the file rotation limit, as described in rotate-log(1)
Ensure that you have correctly assigned users to the correct groups.
Make sure you have assigned the desired set of users to the right groups. In particular, make sure that users assigned to the asadmin group need to be members of that group.
Create no fewer than two user accounts in the asadmin group.
The user admin is created when you install GlassFish Server. For production environments, create at least one other account in the asadmin group in case one account password is compromised. When creating asadmin users give them unique names that cannot be easily guessed.
Assign a password to the admin account.
By default, GlassFish Server includes a single account for user "admin" and an empty password. For production environments this default is inherently unsecure, and you should set a password for admin.
Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next