Exercise 17.1: Security

Security is configured and handled differently on GlassFish.

First enable the default principal to role mapping under Configuration-Security (this way no security-role-mappings need to be defined in the sun-application.xml file)

Then create a new Real under Configuration->Security->Realms

Create a realm named titan as a FileRealm and add the following properties:

file ${com.sun.aas.instanceRoot}/config/titan-keyfile

jaas-context fileReal

Goto the new realm and click Manage Users...

create the user wburke with a password and a group AUTHORIZED_MERCHANT

create the user richard with a password and a group UNAUTHORIZED_MERCHANT

SecurityDomain has to be removed from the bean.

In case other groups are used the group -> role mapping must be defined in the sun-application.xml file.

Please note this client must be run using the appclient script using the jar file generated by the application server. ( in the domains/domain1/generated/xml/j2ee-apps/titan/ directory. The sun-ejb-jar file was also needed to configure the trust releationships between application server and client.

At the end of the exercise the realm (and users) created above should be dropped from you application server.

Exercise 17.2: Securing Through XML

As the sun application server must be secured through XML and does not use the Jboss specific annotations (nor the jboss specific XML file) making this exercise is pointless.