Arun Gupta, Miles to go ...

Arun Gupta is a technology enthusiast, a passionate runner, and a community guy who works for Sun Microsystems.
« Previous day (Apr 6, 2009) | Main | Next day (Apr 8, 2009) »

http://blogs.sun.com/arungupta/date/20090407 Tuesday April 07, 2009

LOTD #19: Securing GlassFish Installation


Found great (old) blogs (part 1, part 2) by Masoud Kalali that discusses the different ways to secure a GlassFish installation.

Changing master password and admin console passwords (both web-based and CLI) are two fairly trivial operations:

/tmp/glassfish >./bin/asadmin change-master-password
Please enter the new master password>changeit2
Please enter the new master password again>changeit2
Master password changed for domain domain1

and

/tmp/glassfish >./bin/asadmin change-admin-password
Please enter the old admin password>adminadmin
Please enter the new admin password>adminadmin2
Please enter the new admin password again>adminadmin2
Updated .asadminpass file with new password.
Command change-admin-password executed successfully.

And then the blog discusses how to secure administration listener using client-cert authentication or mutual authentication, reduce the visibility of listeners (as appropriate), and other similar techniques. Read Part 1 and Part 2.

The GlassFish Administration Guide provide more details on how to manage your GlassFish installation!

Technorati: glassfish administration security

Posted by Arun Gupta in General  |  Comments[3]

del.icio.us | furl | simpy | slashdot | technorati | digg |
|
« Previous day (Apr 6, 2009) | Main | Next day (Apr 8, 2009) »

Valid HTML! Valid CSS!

This is a personal weblog, I do not speak for my employer.