Go to main content
1/8
Contents
Title and Copyright Information
Preface
Audience
Related Documents
Document Revision History
Documentation Accessibility
1
Convergence Security Overview
Basic Security Considerations
Understanding the Convergence Environment
Overview of Convergence Server Security
Recommended Deployment Topologies
Operating System Security
Firewall Port Configuration
GlassFish Server Security
Accessing a Web Application Deployed on GlassFish Server
Secure Sockets Layer (SSL)
Configuring SSL in Convergence
Configuring Authentication-Only SSL
Enabling SSL for Back-End Servers
Closing Non-SSL Connections
LDAP Security
2
Performing a Secure Convergence Installation
Installing Infrastructure Components Securely
Installing Third-Party Service Applications Securely
Credentials Needed to Install Convergence Components
3
Implementing Convergence Security
Managing Security of Passwords
Disabling SSLv3 on Front-End GlassFish Server Hosts
Administering Encryption for Secure Authentication
About Certificate-Based Authentication
Enabling SSL and Client Authentication for a Listener in GlassFish Server
Managing Certificates in GlassFish Server
Certificate Revocation Support in GlassFish Server
Configuring the Convergence Certificate Mapper
Mapper File Syntax
Mapper File Properties and Values
Sample certmap.conf Mapping
Enabling Certificate Authentication Support
About Single Sign-On Security
About Mail Encryption and Digital Signatures
Detecting Security Attacks or Insecure System Use
Messaging Server Best Practices for Fighting Email Spam
Limiting Mail Delivery
Denying Denial of Service Attacks in Messaging Server
System Logging
Securing Oracle Outside In Transformation Server
4
Security Considerations for Developers
Writing a Custom Pluggable SSO Module
SSO Mechanism in Convergence
Implementing the Custom SSO Module
Configuration
About the
sso.notifyserviceimpl
Parameter
Custom SSO Implementation Example
Summary
Writing a Custom Authentication Module
Basic Concepts
Convergence Authentication Framework
Contracts Defined by the Authentication Module
About the Sample Application
Implementing the Classes Required for the File-Based Authentication Store
How the Implementation Works
Compiling the Sample Custom Module
Configuring the Sample Custom Authentication Module
Deploying the Authentication Module in GlassFish Server
Debugging and Troubleshooting the Custom Authentication Module
Disabling the Custom Authentication Module
Summary
A
Convergence Secure Deployment Checklist
Secure Deployment Checklist
Scripting on this page enhances content navigation, but does not change the content in any way.