Security in GlassFish

Jagadesh is our technical expert on Security. He also has great deal of knowledge on SailFin and many other things.

He has this informative blog on security documentation in GlassFish, this could be your one stop on Security in GlassFish

Please post your questions/comments to his blog, he has depth of security knowledge, lets leverage it !

TAGS:
Comments:

Hi there,

I just installed NetBeans6.1(built-in glassfish) and I tried a simple web sample, but when I ran the sample project, get a small window ask for password of server user "admin". I type in the password and still get it. Can you please to guide me how to fix this problem? thank a lot.

Posted by dyang on July 08, 2008 at 01:58 PM PDT #

Hi,

The default password is adminadmin, please try this

Please let us know which web sample you are trying

As such, it will ask password if you open admin console

Here is document on Netbeans 6.1 install
http://www.netbeans.org/community/releases/61/install.html

The GlassFish Quick start guide is here
https://glassfish.dev.java.net/downloads/quickstart/index.html

Also, please read this blog for more details on GlassFish
http://blogs.sun.com/quality

Thanks,
Gopal

Posted by Gopal Jorapur on July 09, 2008 at 09:25 AM PDT #

Hello Jagadesh,

i am switching from Oracle Application Server to Glassfish and from JDeveloper to NetBeans 6.1.
I want to use LDAP (Microsoft AD) to secure my applications. After doing the settings for LDAP Realm in Glassfish i am getting the following errors:

SEC1106: Error during LDAP search with filter [uid=prego\\alles.h].
SEC1000: Caught exception.
javax.naming.directory.InvalidSearchFilterException: invalid escape sequence: [B@181ee41; remaining name 'dc=saarferngas,dc=prego,dc=org'
at com.sun.jndi.ldap.Filter.unescapeFilterValue(Filter.java:216)
at com.sun.jndi.ldap.Filter.encodeSimpleFilter(Filter.java:359)
at com.sun.jndi.ldap.Filter.encodeFilter(Filter.java:151)
at com.sun.jndi.ldap.Filter.encodeFilterString(Filter.java:55)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:520)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1944)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1806)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at com.sun.enterprise.security.auth.realm.ldap.LDAPRealm.userSearch(LDAPRealm.java:486)
at com.sun.enterprise.security.auth.realm.ldap.LDAPRealm.findAndBind(LDAPRealm.java:405)
at com.sun.enterprise.security.auth.login.LDAPLoginModule.authenticate(LDAPLoginModule.java:111)
at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:90)
at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:184)
at sun.reflect.GeneratedMethodAccessor221.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.sun.enterprise.security.auth.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:295)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:170)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:123)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:419)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:161)
at com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1146)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:627)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
SEC5046: Audit: Authentication refused for [prego\\alles.h].
Web login failed: Login failed: javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: User prego\\alles.h not found.

It looks to me, that i can connect to the LDAP-Server, but there are some problems with the domain\\username combination.

Thanks for your help.

Hans

Posted by guest on September 15, 2008 at 05:27 PM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Gopal Jorapur

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today