Security Guide

JBoss Enterprise Application Platform 5

for use with JBoss Enterprise Application Platform 5

Edition 5.2.0

Anil Saldhana

Jaikiran Pai

Jared Morgan

Joshua Wulf

Marcus Moyses

Peter Skopek

Stephan Mueller

Edited by

Eva Kopalova

Edited by

Petr Penicka

Edited by

Russell Dickenson

Edited by

Scott Mumford

Abstract

The Security Guide is aimed at System Administrators and Developers, and explains how to implement security in JBoss Enterprise Application Platform 5 and its patch releases. The guide covers Java EE Declarative Security; an introduction to Java Authentication and Authorization Service; the Security Model, and Extension Architecture; managing and configuring Security Domains; replacing clear text passwords with masks in configuration files, and using SSL to secure Remote Method Invocation of EJBs.