Reza Rahman is a former independent consultant, now Java EE/GlassFish evangelist at Oracle. He is the author of the popular book EJB 3 in Action. Reza is a frequent speaker at Java User Groups and conferences worldwide. Reza has been a member of the Java EE, EJB and JMS expert groups. He implemented the EJB container for the Resin open source Java EE application server. All views voiced are my own, not necessarily Oracle's. Reza is a DZone MVB and is not an employee of DZone and has posted 159 posts at DZone. You can read more from them at their website. View Full User Profile

LDAP/Form-Based Authentication in GlassFish

07.13.2013
| 4397 views |
  • submit to reddit

Security, specifically authentication and authorization, is one of the least well understood parts of Java EE. This is despite the fact that most Java EE application servers, including GlassFish have extremely robust infrastructures for securing Java EE applications. This is doubly true for application servers like WebLogic which have extensive sets of authentication providers that can often be configured through simple point-and-click GUI interfaces. In this well-written blog post, Mainak Goswami explains how you can secure a Java EE/GlassFish application using LDAP (LDAP being the most widely used authentication provider in the enterprise). I thought it is useful to highlight that entry here.

Mainak explains step-by-step the basics of Java EE security, setting up LDAP in GlassFish, creating the secure application in NetBeans, setting up the GlassFish security realm, writing the secure application and configuring application security.

Published at DZone with permission of Reza Rahman, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)