Get GlassFish V2 Sun Support for GlassFish - Get GlassFish Portfolio
Main | Next page »
Aug 09
17
Recent user blog entries - security, realm, and encoding
  Posted by alexismp in GlassFish

While the GlassFish Forum is a great place to ask all sorts of questions, it's nice to see users taking the time to document their findings on their blogs. Some recent examples include :

ALT DESCR

"JAVA Security Provider Error" from Marc on getting the proper security provider when porting an application from JBoss to GlassFish.
"JEE Security - How to setup authentication on Glassfish and Netbeans", from Jair about Java EE security applied to GlassFish administration.
"Glassfish uriEncoding UTF-8" from Baiyun on encoding GET and POST parameters in GlassFish (either in domain.xml or in sun-web.xml).

Now I need to make sure this is all integrated into the GlassFish Wiki if not already covered. A centralized place for how-to's in addition to the GlassFish Documentation sounds like a reasonable thing to avoid relying on the accuracy of search engines.

Feb 09
28
Towards Metro 2.0 - JAX-WS 2.2 Update
  Posted by pelegri in Web.Next

This week Harold gave the Metro Webinar, which is a good oppty to catch up with Metro news. There are two release families: GlassFish v2 and GF v3prelude uses the Metro 1.x releases while GlassFish v3 (post-prelude) will use Metro 2.0.

ALT DESCR

The latest 1.x release is Metro 1.4, out last Fall (see Jitu's Summary and GFv3 Prelude note). Jiandong recently published several notes explaining how to use it in STS (Security Token Service) scenarios: [1], [2], [3]; note that Jiandong reports a new 1.5 is being tested.

The Metro 2.x family is still evolving; its first delivery will be in GFv3 and will implement JAX-WS 2.2 (see Rama's post), which includes support for WS-Addressing - Metadata using Policy project. Metro 2.0 can also used on Java SE, see Fabian's note. Full details on Metro 2.0 in its OnePagers; also see the Roadmap, with the usual warning about dates!

Dec 08
10
Taking a closer look at SailFin (Part 1) : Authenticated Identity Management
  Posted by Binod P G in SailFin

Sailfin logo

Venu has blogged about RFC 4474 support in SailFin. This feature introduces a mechanism for securely identifying originators of SIP messages. A lot more information about this feature is available here and here.

It is also worthwhile to look at the following blogs to know more about security in SailFin.
 1. Authentication of SIP Servlet Resources (I, II, III)
 2. RunAS and P-Asserted-Identity

Next week, I will post an entry on how SailFin handles some of the spec related issues in RFC 3261 and JSR 289.

Sep 08
21
... Rails vs Merb, Securing WebApps, Fast Deployments, Compass 2.1, Localizing WebSynergy, IM and Cisco and CDN and Amazon
  Posted by pelegri in NOTD

A compilation of today's news of interest:

Radio Receiver Icon

At MindBucket Paul provides a comparison of the (single-client) performance of Rails vs Merb. Rails is the incumbent in Ruby frameworks; Merb is a very interesting newcomer. Merb is thread-safe, and so will be Rails 2.0, but the comparison does not consider concurrency so that should be a key issue. The comparison includes numbers on GlassFish Server (and stay tuned for more fine-tuning for that case).

From the NetBeans team, a Tutorial on Securing WebApps using Role-Based authentication. The tutorial has detailed step-by-step instructions using NetBeans 6.5 and GlassFish Server.

Ludo addresses Rapid Deployment of Apps on GlassFish in a thread at the GlassFish Users Forum Also hints at future improvements (teaser!).

Shay reports that Compass 2.1 M3 is now available with improved GlassFish support.

From Mahipalsinh an explanation of how to Localize WebSynergy, so you can do it for your favorite language.

And, on the section of important Industry News, Cisco buys Jabber, which should provide integrated IM in their offerings, and Amazon launches CDN service, a la Akamai, LimeLight and others. One of the nice things of working in this industry, it is never boring!

Apr 08
30
Latest Enterprise Tech Tip focuses on Java EE security and JSR 196
  Posted by alexismp in GlassFish

SPNEGO logo

The latest Enterprise Tech Tip is written by Ron Monzillo and covers JSR 196, Java Authentication Service Provider Interface for Containers. The document goes thru detailed steps on how to write, install, and configure a simple SAM (server authentication module) but also how to have your application bind to it.

GlassFish v2 already supports the Servlet Container Profile for this JSR and community member Greg Luck has written (with the help of others) the Spnego implementation for SPNEGO and Kerberos to be used in GlassFish.

Mar 08
28
Tech Tip: Secure Conversations for Web Services With Metro
  Posted by alexismp in GlassFish

Not so secure image

A new Tech Tip written by Jiandong Guo of the Application Server Web Services Security team was just posted. Read the tip and learn the basics of WS-SecureConversation. Also see an example that demonstrates how to enable secure conversations for a web service through the WS-SecureConversation support in Metro. You can find the tip here.

Setting up the infrastructure can be tricky, so if you're getting started with WS-SecureConv, this is a good document to read.

You can get to all the Tech Tips from this site or this blog.

Feb 08
26
SOAP Security in GlassFish's Metro
  Posted by pelegri in GlassFish

Map of Beijing Metro

Does GlassFish support REST or SOAP Web Services? Both! REST through Jersey and SOAP through Metro (Jersey will be included in a future Metro release, see Roadmap).

Security is very important for SOAP Web Services and Jiandong has a set of notes describing how Metro supports WS-SX (OASIS Web Services Security Exchange). Check out the Overview, How to Issue SAML Tokens and a description of a Scenario based on WS-SX.

Jan 08
20
Defining ANYONE Access in GlassFish
  Posted by pelegri in GlassFish

Stick Figure

Java EE has a sophisticated security mechanism based on Roles, Principals and Realms but we need more examples for simple use-case scenarios. I think we will see more of these as a consequence of our general Open Source push and this will also help us improve implementations and specifications.

Ron has been the Java EE security lead for many years and he has started writing some good entries in this area. Check Principal to Role Mapping and his latest How to Define ANYONE access.

Please give us feedback on what we can do to make security easier for you to use.

Dec 07
8
Metro Security - Configuring Kerberos Token Profile and Accessing SAML Assertions
  Posted by pelegri in GlassFish

Mosaic of Cerberus - From Valencia, Spain

Two new posts explaining advanced uses of Web Services security in Metro. First Ashutosh explains how to Run a Kerberos Token Profile based WS Security scenario as it was used at the Latest Plugfest at Redmont. This builds on an earlier entry describing earlier entry on the same topic.

Then Kumar shows how to programmatically Access the SAML Assertion in a WSIT Secure Scenario.

Dec 07
1
Using SSL with GlassFish
  Posted by pelegri in GlassFish

Lorenz Machine

SSL (Overview, SSL@TA) is the workhorse of secure browser-client communication - at least until the more efficient EEC (ECC@TA) gains adoption over it. SSL has been supported in GlassFish since v1 but GFv2 includes additional keystore features that are profile-specific, which are covered in detail in Kumar's tip on Using SSL with GFv2.

Kumar's tip is based on an even more detailed entry where he covers SSL and CRL with GFv2. Check both out!

Oct 07
22
HowTo Resources on Web Services Security using Metro
  Posted by pelegri in GlassFish

Informational Sign

A tip from Jiandong:
Information on Web Services Security at Metro

Jun 07
12
Spnego 1.0 Released
  Posted by woodjr in GlassFish

Spnego Project Logo

The Spnego Project provides a Kerberos-over-SPNEGO plugin for JSR 196-compliant application servers. These are security technologies which can support complex integration scenarios such as single-sign-on all the way from your operating system login to a remote web application.

Greg Luck recently announced that the project team has completed a 1.0 release. They're doing development and testing on GlassFish V2, but their code shouldn't contain anything GlassFish-specific (since they align to JSR 196). Once other app servers support this standard, they too will be able to use the Spnego plugin. For more info, see the project's User Guide and FAQ.

May 07
29
Security Features in GlassFish (and comparison against SJS AS 8.x)
  Posted by pelegri in GlassFish

SJS AS 8.2 Box

One of the goals of GlassFish v2 is to incorporate all the features in SJS AS 8.2 EE (Enterprise Edition). For the most part this means adding features that everybody would want, but some features are mostly for backwards compatibility, or because of specialized needs. The tradeoffs are acheived via the notion of Profiles.

Shing Wai has posted a good Overview of how the different Security features map to GF v1, GF v2 and its profiles and SJS AS 8.2 EE. His summary table is very useful, check it out!

Sep 06
28
Protecting against cross site scripting attacks
  Posted by carlasblog in Web.Next

Greg's blog

Greg's lastest blog talks about how to protect your web app against JavaScript used to execute JavaScript from an unwanted domain. The blog gives specific examples of cross site scripting (XSS) hacks and the code to guard against them. Although most solutions are for clients it also touches on how to improve server side code.

Greg's previous blog on restricting access to AJAX services is quite popular and useful.

Sep 06
27
Nonblocking SSL support now in Grizzly
  Posted by carlasblog in GlassFish

Grizzly with SSL

Jean-Francois writes another informative article this time on adding SSL to Grizzly which uses NIO. This means that he is adding SSL over a framework that uses NIO SocketChannel (non-blocking) implementation. As he comments, SSL support has been in GlassFish since it's inception but that uses the blocking socket method. He goes over the obsticles that he faced and the solutions he came up with.

He did say it was a bit like riding your bike in the snow. Doable but hard...

Languages

Event Calendar

Search

The Aquarium TV

Adoption Stories

GlassFish Podcast

Popular Tags

adoption ajax clustering comet community frontpage glassfish grizzly hudson java javaee javaee6 javaone jax-rs jax-ws jaxb jboss jcp jersey jmaki jruby jsf liferay metro mysql netbeans notd opends openesb openmq opensolaris opensource opensso performance portal rails rest ruby sailfin scripting sip stories sun tools updatecenter v2 v3 webinar webservices weekly

Downloads

Companion Sites

Related Links

Useful Pointers

Offers and Promos

... AT TWITTER

OTHER SHORT NEWS

Recent Entries

News by Mail

Contact Us

Send feedback and leads to theaquarium@sun.com

QR Codes


Navigation