In addition to what Senthil has said, I have following
questions/comments.
- When you "install" GlassFish using "java -jar -Xmx256m
glassfish-download.jar",
it will be expanded under your location of choice. So, if you choose
/software as
the "install location", all the GlassFish executables and library jars
will be
created at "/software/glassfish". Note that you are doing all of this
using an
operating system user account/user-id. Let's call it "joe". The
account "joe"
may or may not have super-user privileges. Having super-user
privileges gives
you an ability to bind to privileged ports like port 80. For the sake
of brevity,
let's say that the Ubuntu Linux System you are using also has another
account
called "blo".
- Only libraries and binaries on disk are of no use. You need a running
"server".
In GlassFish lingo, we call it a "domain". Thus, you need to create a
domain.
- GlassFish when set up with the "ant -f setup.xml" command, will always
have "admin" and "adminadmin" as the domain's admin credentials. These
are completely
independent of the OS user "joe". Apart from the "starting" and
"stopping" of the
the server, any System account user can manage the GlassFish
domain/server you've set up.
Thus, if you have the setup using "joe" account, a user with "blo"
account can deploy
an application to that domain, just because "blo" happens to know the
domain's admin
user and admin password.
- Thus, first thing you'd do, when you want to host your family web-site
on GlassFish
domain is choose strong admin user and admin password. The way to do
this is simple.
Go to setup.xml and modify "adminadmin" to something of your choice.
That way, only
the user/users who know that password will be able to "manage" the
domain/server.
But note that only "joe", the owner of the domain will be able to
start/stop the domain.
- This is the story as far as the "administration" of the domain is
concerned. I'll
recommend that you reserve one user/password as the admin
user/password to manage
the server. If you want multiple users to actually do that *without*
sharing your admin
password, then you can create additional "admin" users who can manage
the server. Note
however that you, "joe" will be the ONLY user who can start/stop the
domain/server.
The way to create multiple admin users is:
- Start the domain.
- Log on to the admin console --
http://localhost:4848
- Create Additional Admin Users using the security-service
configuration. Choose
the "group" as "asadmin".
Let's say you created another admin user with id: "nimda", then you
can distribute
that admin user and associated password to anyone else who wants to
manage the server/domain.
- Now coming to serving your pages from a web-application. Since this is
a family-web-site
I am assuming that you've got some static web-pages, images to be
served and then some
dynamic pages to be created. Here you can create a web-application to
begin with (use
NetBeans to do that) and then "deploy" this application to your web
site using admin user
and password that you have. The application will be up and running in
a jiffy and you and
others who know about the URL can access the pages from this application.
- Now, if you want to "restrict" access to some of the pages from this
application, it falls
under the "web-application security" realm and as such, you should
read some books on web application
security (e.g. Head First Servlets and JSP). That way, you can, for
example, present a form
for login and only authorized users will have access to those
resources (thus, those
resources are protected). All the users are thus granted the access
are the "users"
of your application. These users are distinctly different from the
administrators
referred to above.
Have I addressed your concerned correctly or am I off-base here?
Regards,
Kedar
Senthil Chidambaram wrote:
> Dru,
> You can install glassfish as a separate GF user, and provide glassfish
> adminstrative userid/passwd you've given during installation to who
> ever you feel need to have administrator privilege on the server.
>
> thx
> Senthil
>
> Dru Devore wrote:
>> I am installing glassfish to Ubuntu linux and need to ask what kinds of
>> permissions and user ownership it should have. This server will be
>> running for a family web site. I don't want to use my own account
>> because I will have more than one person using the site.
>>
>> So should I create another user and if so do I create a group for that
>> user and add all the other users to it? This is my first attempt at
>> putting a server on linux available to the public.
>>
>> Please help.
>>
>>
>> ---
>> Dru Devore
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: admin-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: admin-help_at_glassfish.dev.java.net
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: admin-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: admin-help_at_glassfish.dev.java.net
>