Securing GlassFish Server

Start course
2h 6m

This course takes an in-depth look at security in Java Enterprise Edition. We'll cover a wide range of topics as listed below. Finally, we'll round off the course by taking a look at some example exam questions similar to those you can expect to find on the Oracle Certified Java EE exams.

Learning Objectives

  • Understand the fundamentals of security in Java EE
  • Learn the following concepts and features:
    • Securing GlassFish server
    • Working with users, groups, and roles
    • SSL
    • Securing your web applications
    • Securing enterprise beans
    • Digital certificates
    • Security architecture
    • Security threats
    • And much more...

Intended Audience

This course is intended for anyone who already has basic knowledge of Java and now wants to learn about Java Enterprise Edition.


Basic knowledge of Java programming


Securing GlassFish Server. GlassFish Server supports the Java EE 6 security model. With GlassFish Server, you can: add, delete, or modify authorized users. Configure secure HTTP and Inter-Orb protocol listeners. Configure secure Java management extensions connectors. Add, delete, or modify existing or custom realms. Define an interface for pluggable authorization providers using Java Authorization Contract for Containers. Java Authorization Contract for Containers define security contracts between the GlassFish Server and authorization policy modules. 

These contracts specify how the authorization providers are installed, configured, and used in access decisions. Use pluggable audit modules. Customize authentication mechanisms. All implementations of Java EE 6 compatible web containers are required to support the Servlet Profile of JSR 196 which offers an avenue for customizing the authentication mechanism applied by the web container on behalf of one or more applications. Set and change policy permissions for an application.


About the Author
Learning Paths

OAK Academy is made up of tech experts who have been in the sector for years and years and are deeply rooted in the tech world. They specialize in critical areas like cybersecurity, coding, IT, game development, app monetization, and mobile development.

Covered Topics