1 2 Previous Next 16 Replies Latest reply on Jul 2, 2012 8:42 AM by matsli Go to original post
      • 15. Embedded Glassfish and security issues
        magnus.smith
        magnus.smith May 17, 2011 6:10 AM (in response to ekatus-atimoss)

        hope it helps

         

        Let me know how you get on.  It took me a while to get it all working but once your there ...

         

        One more thing that I found useful with glassfish was setting the Default Principal    to Role Mapping option under Security in the admin web interface.

        Setting this means that if you use the same role names in the glassfish file realm as your Java EE secured EJBs then you don't need to bother

        defining security role mappings.

         

        http://blogs.oracle.com/bobby/entry/simplified_security_role_mapping

          • Actions
        • 16. Re: Embedded Glassfish and security issues
          matsli
          matsli Jul 2, 2012 8:42 AM (in response to magnus.smith)

          Thanks, you saved my day!

           

          To avoid keeping a configured instance, you can just copy the domain.xml and keyfile after you have created the users.

          Just edit the realm definition to point to the copied keyfile:

           

          <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file">
          <property value="src/test/glassfish-config/keyfile" name="file" />
          <property value="fileRealm" name="jaas-context" />
</auth-realm>

           

          Now, you only have two files to put in your source repository instead of a complete GlassFish instance.

           

          Mats

            • Actions
          1 2 Previous Next