Securing WebLogic Server 12c. Learn to develop, administer and troubleshoot for WebLogic Server with this book and

Securing WebLogic Server 12c. Learn to develop, administer and troubleshoot for WebLogic Server with this book and - Opis

Security is a must in modern Enterprise architecture, and WebLogic implements a very complete and complex architecture for configuration and implementation, and we need to deeply know in technologies, terminology and how the security process works between all actors.Transparent security of your applications and Weblogic infrastructure need a good knowledge of the issues you can incur in this long and error prone configuration process.Securing WebLogic Server 12c will simplify a complex world like WebLogic Security, helping the reader to implement and configure. It's the only fast guide that will let you develop and deploy in a production system with best practices both from the development world and the operation world.This book will try to make a clear picture of Java EE Security with clean and simple step-by-step examples that will guide the reader to security implementation and configurationFrom the concepts of Java EE Security to the development of secure application, from the configuration of a realm to the setup of Kerberos Single Sign on, every concept is expressed in simple terms and surrounded by examples and pictures. Finally, also a way to develop WebLogic Security Providers with Maven, so that you can add the security part of your infrastructure to your enterprise best practices. Spis treści:
Securing WebLogic Server 12c
Table of Contents
Securing WebLogic Server 12c
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account (...) więcej holders
Instant Updates on New Packt Books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. WebLogic Security Concepts
General concept of security in Java EE
WebLogic security architecture
Identifying Subjects, Principals, and Credentials
WebLogic resources
Writing custom providers MBeans
Authentication Providers
Authentication under WebLogic
MBean and JAAS
Multipart Authentication Provider
Perimeter Authentication
Identity Assertion
Credential Mapper
JASPIC and Java EE
JACC
Summary
2. WebLogic Security Realm
Configuration of local LDAP server: user/roles/lockout
Users and groups
Users section
Groups section
Security role condition
Basic
Date and time-based
Context element
User lockout
Unlocking user
Configuring an external LDAP for Authentication/Authorization
Configuring a new provider
Control Flag
Active Directory provider-specific configuration
Connection
Users
Groups
Static groups
General
Performance options
Principal Validator Cache
Troubleshooting problems
User lockout in an Active Directory context
Using Identity Assertion
Summary
3. Java EE Security with WebLogic
Setting up an Enterprise Maven project
Creating the modules with maven-archetype-plugin
Installing the WebLogic Server and the WebLogic Maven plugin
Configuring wls-maven-plugin into the EAR POM
Split deploy and beabuild-maven-plugin
Launching our Hello Maven and WebLogic world application
Securing the web module
Standard DD mapping
Custom Roles Mapping
Programmatic security
Programmatic security with WebLogic XACML provider
A RESTful and secure EJB component
Bean packaged into the WAR module
Changing Security Identity with RunAs
Securing the EJB module
Summary
4. Creating Custom Authentication Providers with Maven
The Maven project
Creating the Maven project
Dependencies
Reconfiguring standard plugins
Adding WebLogic MBeanMaker to the POM
Defining the MBean with an MDF File
Writing the MBean implementation
Initializing the provider
Implementation of the provider
Custom JAAS LoginModule
The login() method
Lifecycle methods commit(), abort(), and logout()
A simple SSO JSP
Running the provider
Summary
5. Integrating with Kerberos SPNEGO Identity Assertion
Using Identity Assertion SSO Kerberos in a Microsoft domain
Windows client needs to be in the Active Directory domain
Windows client session needs to be logged in the Active Directory domain
Integrated Windows Authentication
DNS URL entry configuration and SPN definition
Technical Active Directory user
Keytab generation and the krb5 config file
JAAS file creation
WLS init startup arguments configuration
SPNEGO Identity asserter configuration
Debugging issues
Summary
Index mniej