Monday Apr 06, 2009

LOTD #19: Securing GlassFish Installation


Found great (old) blogs (part 1, part 2) by Masoud Kalali that discusses the different ways to secure a GlassFish installation.

Changing master password and admin console passwords (both web-based and CLI) are two fairly trivial operations:

/tmp/glassfish >./bin/asadmin change-master-password
Please enter the new master password>changeit2
Please enter the new master password again>changeit2
Master password changed for domain domain1

and

/tmp/glassfish >./bin/asadmin change-admin-password
Please enter the old admin password>adminadmin
Please enter the new admin password>adminadmin2
Please enter the new admin password again>adminadmin2
Updated .asadminpass file with new password.
Command change-admin-password executed successfully.

And then the blog discusses how to secure administration listener using client-cert authentication or mutual authentication, reduce the visibility of listeners (as appropriate), and other similar techniques. Read Part 1 and Part 2.

The GlassFish Administration Guide provide more details on how to manage your GlassFish installation!

Technorati: glassfish administration security

Thursday Mar 29, 2007

Web Services Security Blogs

Manveen works on XML Web Services and Security and is now blogging. Welcome to the blogosphere! She has already posted three entries this week:

Here are some other entries published by Web Services Security team recently:

All these entries, along with rest of WSIT entries, can be viewed through the WSIT aggregated pipe.

Technorati: WSIT Web services Security

About

profile image
Arun Gupta is a technology enthusiast, a passionate runner, author, and a community guy who works for Oracle Corp.


Java EE 7 Samples

Stay Connected

Search

Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today