Posts tagged Security (4)
Securing a REST Service
Published on 05 Sep 2018
by Arjan Tijms
Topics:
REST,
Security
|
1 Comment
If you're building a REST service, then that REST service will expose some kind of data or will allow some kind of interactions with a server. For instance, consider a Facebook REST service that allows you to retrieve your chat history. Naturally you don't want just anyone looking at that history, hence the need for security.
Did You Know? Payara Server Comes with Soteria
Published on 06 Aug 2018
by Mark Wareham
Topics:
Security,
Payara Server 5,
Payara Server
|
0 Comments
Did You Know? Payara Server and Payara Micro Provide Support for Yubikey
Published on 26 Jun 2018
by Mark Wareham
Topics:
Security,
Payara Server
|
0 Comments
Java EE Security API (JSR 375/Soteria) with JWT tokens
Published on 08 May 2018
by Gaurav Gupta
Topics:
Java EE,
Security
|
16 Comments
Security Auditing in Payara Server - Part 2
Published on 14 Jul 2017
by Fabio Turizo
Topics:
How-to,
Security,
JVM,
EJB
|
0 Comments
Following up from the first part of the Security Auditing article, where we covered the audit logging, in this part we will focus on creating a custom audit module.
Security Auditing in Payara Server - Part 1
Published on 06 Jul 2017
by Fabio Turizo
Topics:
How-to,
Security,
JVM,
EJB
|
0 Comments
Security is always a concern you must have when implementing applications that will run in production environments. Both the JVM and Payara Server have a strong tool set of security implementations for most use cases in the industry, so you won’t have to worry about implementing your own security measures from scratch.
GlassFish to Payara Server Migration - migrating away from the Oracle Access Manager integration
Published on 09 Feb 2017
by Fabio Turizo
Topics:
How-to,
Security,
JASPIC,
GlassFish Migration
|
0 Comments
In the fifth part of our continuing series on alternatives for commercial Oracle GlassFish features, we are looking at a replacement for the Oracle's Access Manager integration feature.
Payara Server LDAP Integration - Part 3: Extracting User Information
Published on 15 Nov 2016
by Fabio Turizo
Topics:
Docker,
How-to,
Security,
LDAP
|
0 Comments
In this three-parts article series I'm illustrating the implementation of the LDAP integration using a sample scenario: integrate Payara Server with a LDAP user directory and manage the authentication and authorization of a sample web application.
In Part 1, I showed you how to start the LDAP Server, while in Part 2 we configured the LDAP realm. Now you are probably wondering how to get the user’s information (first and last name, email address, etc.) that resides in the LDAP server. Unfortunately, the JAAS API doesn’t offer any standard mechanisms to access this user attributes in the directory tree. But there are other options available:
Payara Server LDAP Integration - Part 2: Configuring Security
Published on 09 Nov 2016
by Fabio Turizo
Topics:
Docker,
How-to,
Security,
LDAP
|
10 Comments
See 'Part 1 - Configuring the LDAP Server' here.
In this three-parts article series I will illustrate the implementation of the LDAP integration using a sample scenario: integrate Payara Server with a LDAP user directory and manage the authentication and authorization of a sample web application.
Securing Payara Server with Custom SSL Certificate
Published on 08 Apr 2016
by Ondro Mihályi
Topics:
How-to,
Security,
Admin
|
38 Comments
One of the most common administration tasks with Payara Server, as well as with any web server, is to set up certificates to secure either HTTP protocol or remote access to Payara Server administration interface. You might have a self-signed certificate or a certificate signed by a trusted authority. In both cases it is pretty easy to add them to a Payara Server domain and use them to secure communication channels.