LOTD #19: Securing GlassFish Installation


Found great (old) blogs (part 1, part 2) by Masoud Kalali that discusses the different ways to secure a GlassFish installation.

Changing master password and admin console passwords (both web-based and CLI) are two fairly trivial operations:

/tmp/glassfish >./bin/asadmin change-master-password
Please enter the new master password>changeit2
Please enter the new master password again>changeit2
Master password changed for domain domain1

and

/tmp/glassfish >./bin/asadmin change-admin-password
Please enter the old admin password>adminadmin
Please enter the new admin password>adminadmin2
Please enter the new admin password again>adminadmin2
Updated .asadminpass file with new password.
Command change-admin-password executed successfully.

And then the blog discusses how to secure administration listener using client-cert authentication or mutual authentication, reduce the visibility of listeners (as appropriate), and other similar techniques. Read Part 1 and Part 2.

The GlassFish Administration Guide provide more details on how to manage your GlassFish installation!

Technorati: glassfish administration security
Comments:

thank you

Posted by neon on April 26, 2009 at 07:11 AM PDT #

thank you

Posted by neon tabela on April 26, 2009 at 07:12 AM PDT #

thanks you man

Posted by Seslichat on May 02, 2009 at 01:58 AM PDT #

Post a Comment:
Comments are closed for this entry.
About

profile image
Arun Gupta is a technology enthusiast, a passionate runner, author, and a community guy who works for Oracle Corp.


Java EE 7 Samples

Stay Connected

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today