Friday Jul 12, 2013

LDAP/Form-Based Authentication in GlassFish

Security, specifically authentication and authorization, is one of the least well understood parts of Java EE. This is despite the fact that most Java EE application servers, including GlassFish have extremely robust infrastructures for securing Java EE applications. This is doubly true for application servers like WebLogic which have extensive sets of authentication providers that can often be configured through simple point-and-click GUI interfaces. In this well-written blog post, Mainak Goswami explains how you can secure a Java EE/GlassFish application using LDAP (LDAP being the most widely used authentication provider in the enterprise). I thought it is useful to highlight that entry here.

Mainak explains step-by-step the basics of Java EE security, setting up LDAP in GlassFish, creating the secure application in NetBeans, setting up the GlassFish security realm, writing the secure application and configuring application security.

Tuesday May 14, 2013

JDBC/Form-Based Authentication in GlassFish

Security, specifically authentication and authorization, is one of the least well understood parts of Java EE. This is despite the fact that most Java EE application servers, including GlassFish have extremely robust infrastructures for securing Java EE applications. This is why it is no surprise that one of the most popular entries on celebrated Java EE advocate and German author Markus Eisele's blog is about securing GlassFish Java EE applications. I thought it is useful to highlight that entry here.

In the entry, Markus explains step-by-step how to setup the database with security data, setting up the database in GlassFish, creating the secure application in NetBeans, setting up the GlassFish security realm, write the secure application and configure application security.

Tuesday Mar 14, 2006

JAAS and JSF

DESCR

Ed takes an excerpt from his new book on Securing JavaServer Faces applications and show some examples using JAAS authentication in JSF applications. He offers a reusable solution which encapsulates the security logic from the rest of the application.

Just starting out with JSF? See Pavel's blog about a new feature in NetBeans which makes generating simple JSF apps very easy.