Home/ Questions/Q 7807249
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T02:47:42+00:00

I was able to setup Glassfish container managed security following this http://jugojava.blogspot.com/2011/02/jdbc-security-realm-with-glassfish-and.html Now, all

  • 0

I was able to setup Glassfish container managed security following this
http://jugojava.blogspot.com/2011/02/jdbc-security-realm-with-glassfish-and.html

Now, all my secured resources requires a login page.

But I still dont know how to securely transmit the login information from the client to the
server. I read somewhere taht I should use SSL (Secure Sockets Layer).

I googled about this but I cant find a good resource on how to do this in Glassfish 3.

Some of the tutorials requires certificate signed from the net which I think is too complicated for
my intranet app.

Does anybody know a good resource on how to do this simple use case?

Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can force SSL transmission by adding a user-data-constraint to your security-constraint in web.xml. It is explained in the Java EE tutorial.

    Here is the sample configuration from the tutorial:

    <security-constraint>
    <web-resource-collection>
        ...
    </web-resource-collection>
    <auth-constraint>
        ...
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

    Glassfish comes with a default certificate which gives browser warnings but you can use it for tests.

    • 0