Part II. Application Security