How do I secure applications and their environments?
Follow these shortcuts to get started quickly with popular tasks.
Develop applications that use programmatic security
Configure declarative security for EJB applications that use J2EE authorization
Develop programmatic security for EJB applications that use J2EE authorization
Apply Web Services Security (WS-Security) to applications
Enable Java™ 2 security with the console
Enable Java 2 security with scripting
Developing custom login modules
Enable resource security for J2C and JDBC data sources
Enable resource security for JavaMail
Implement a custom authentication provider using JASPI
Secure the application hosting environment. The counterpart of securing your applications before and after deployment is to secure the server hosting environment into which the applications are deployed.
Secure the administrative environment before installation
Secure the administrative environment after installation
Configure security with wsadmin scripting
By default, security is enabled out of box. You have an opportunity to modify the default whenever you create a profile, at installation time or any other time. If you do not deselect it, administrative security will be enabled for a profile. Out of box security authenticates users against the file-based federated repository powered by virtual member manager.
Enable and configure administrative security with the console
Enable and configure administrative security with scripting
Authenticate users with the local operating system user registry
Authenticate users with an LDAP user registry
Authenticate with a custom user registry
Authenticate with the file-based federated repository
Access secure resources using SSL and applet clients
Set up Secure Sockets Layer (SSL) between remote servers or clients and servers