I decided to write down the answer for some questions which my book's readers email me or ask me via twitter in my weblog so everyone can benefit from the answers. Here is the answer to the first question which involves custom security realms.
GlassFish supports 5 types of security realms out of the box which are sd follow:
File Realm: Usefull for development and testing purposes. GlassFish...
on May 18, 2010
Java EE Security refcard is available for download. This refcard covers Java EE 6 security and discuss how each application server supports the specs. The refcard covers authentication, authorization, and transport security in Web Application, EJB application and web services by introducing the concept and the related annotations and deployment descriptors which help us realize the concept....
on May 17, 2010
Please use the following articles while I am updating this entry
How to have your Own CA and configure Glassfish and your clients for mutual authentication?
How to have your Own CA and configure Glassfish and your clients for mutual authentication?, Part II
Please post any comment or question here so we can have one main reference for this.
var gaJsHost = (("https:" == document.location....
on May 13, 2010
Learning GlassFish v3 Command Line Administration Interface (CLI)
Terminals and consoles was one of the earliest types of communication interfaces between a system administrator and the system administration layer. Due to this long time presence, command line administration consoles become one the most utilized administration channel for configuring different software ranging from database...
on Apr 27, 2010
Extending GlassFish CLI and Administration Console, Developing the sample Modules
Administrators are always looking for a more effective, easier to use, and less time consuming tool to use as the interface sitting between them and what they supposed to administrate and manage. GlassFish provide effective, easy to access and easy to simple to navigate in administration channels which cover all...
on Mar 29, 2010
As promised earlier, I am going to quickly go over the key points I gathered from the talks I attended at eclipsecon and I also want to brief you about my topic at the conference. Because of a migrane attack earlier today which I firmly believe was caused by severe jat lag, I could not attend as much on day #2 as I had earlier decided to, and that's the very reason why I will keep...
on Mar 24, 2010
Here is the second part of the CAFE fundamentals blog series. This time, I am explaining two important interfaces called Communication and UserProcedure with an example. If this is the first time you are hearing about SailFin CAFE, I recommend reading the CAFE fundamentals article and the blog on writing your first CAFE application. The core of this discussion is an example which shows...
on May 17, 2010
Content available at: http://blogs.sun.com/arungupta/entry/totd_131_dynamic_osgi_services
on Apr 29, 2010
The Book in Details:
Security was, is, and will be one of the most important aspects of Enterprise Applications and one of the most challenging areas for architects, developers, and administrators. It is mandatory for Java EE application developers to secure their enterprise applications using Glassfish security features.
Learn to secure Java EE artifacts (like Servlets and EJB methods),...
on May 13, 2010
This is the first edition of a new column I'll be writing each weekend titled "java.net: the Week in Review." In the column, I'll present all of the previous week's Java Today news items, a selection of java.net blog posts, polls, and spotlights.
I'll organize the presentation by categorizing the featured news items, so if, for example, your interest is JavaEE and GlassFish, you'll be...
on May 1, 2010
FESI Research Program Overview
FESI is the Free and open source software Enterprise Solutions Institute. We are a research program designed to study tomorrow's internet technologies as a means to teach folks in the local workforce how to use technologies our customers will likely want to implement. We also perform this research to prepare local engineers with the knowledge and...
on Apr 27, 2010
Once again the FUD around Solaris and OpenSolaris fate started to spread after Dana Blankenhorn misunderstood the licensing terms and used a eye catching and visitor increasing title, Oracle taking back OpenSolaris, for his blog entry. Well, from this article we can get that even the veteran writers can get things wrong and spread incorrect news :-)
Folks, Solairs is one of the biggest Sun assets...
on Apr 1, 2010
My last blog
entry about JSR-314-OPEN@JCP.ORG was over a year ago. This list is the official Expert Group (EG) mailing list on which the development of the JSR-314 specification (JSF 2.0) is discussed. The
information on how to subscribe/unsubscribe to this list changed in June
2010, but I haven't updated any existing information or blogged any new
information about it. This is the overdue...
on Mar 19, 2010
Last week's kickoff of FESI's research program went very well. There are a number of folks (>500) who are now following this blog on Java.net, and a number who have gotten involved. While we wait for more folks, we'll be researching new technologies, the first being NOSQL databases.
If the kind of topics we're research interests you, please feel free to join the project;...
on May 5, 2010
I'v just published an integration module for using GridGain with Spring Batch.
Using this module you can distribute Spring Batch processing inside a GridGain grid with the implementation of remote chunking.
on May 4, 2010
Meeting with OSGi Experts
Although I had interacted with a number of active members of OSGi  expert group, last week I had the opportunity to meet some of these experts at an OSGi Enterprise Expert Group face2face event held at LinkedIn's Mountain View office. This is also the first time I met Richard S. Hall, the Felix guy (don't confuse with a very active Felix ...
on Mar 22, 2010
What I realized shortly after we put out Magnolia 4.3 is that while we tried to explain new multisite support for example in this screencast there are still plenty of grey areas and lot of confusion when people actually get to use the multisite support. And I think I wrote and talked about this topic earlier as well.
Of course as with any new functionality, there are still...
on May 3, 2010
I wanted to describe an interesting problem I recently faced that involved the most excellent JAX-RS specification and its Jersey implementation. The quick overview is that we wanted the output of our JAX-RS resource classes to be client-agnostic, but we also wanted the ability to insert a decorator of sorts in between the objects we were returning and the normal JAX-RS serialization/...
on Apr 28, 2010
Manage, Administrate and Monitor GlassFish v3 using Application Server Management Extensions (AMX) & The Java Management Extensions (JMX)
Management is one of the most crucial parts of an application server set of functionalities. Development of the application which we deploy into the server happens once with minor development iteration during the software lifecycle, but the management is...
on Apr 6, 2010
Spring framework is one of the biggest and the most comprehensive frameworks Java Community can utilize to cover most of the end to end requirement of a software system when it come to implementation.
Spring Security and Spring Remoting are two important parts of the framework which covers security in a descriptive way and let us have remote invocation of a spring bean methods using a local...
on Mar 18, 2010