users@glassfish.java.net

Glassfish 3.1 Deployment and Security

From: <forums_at_java.net>
Date: Mon, 19 Sep 2011 01:24:24 -0500 (CDT)

 Hi,

I have a J2EE RESTful web service that I deploy to glassfish 3.1 which works
great, but only one application in one domain and currently without security.

When I start develop the application I thouhg I could have multiple clients
hosted on single machine by creating glassfish domain for each client. In
reality each glassfish domain is at least one OS process which mean it will
not scale.

*1. What is a good way to have RESTful web service hosted on single physical
machine each connected to a different database?*

I'm thinking deploying multiple application into single glassfish domain but
this requires the following:

  1) Create JDBC pool and resource for each application
  2) Change the name of the JDBC resource used by the application
  3) Deploy the modified application

Is that the way to go because I didn't saw any tools to change the deployment
descriptor once packages into war.

 

The second thing is I want to add security (authentication and authorization)
to my RESTful web service. After reading about it I understand Glassfish has
two security abilityies: one is realm (JAAS) and the other is JSR196.

JSR196 sound like the way I should go. I store the usernames and digested
password in the database of each application.

*2. How can I build providers and config them so that each deployed
application will have the same security provider but different properties
which direct the provider to which database to connect?*

 

Thank you,

Ido.


--
[Message sent by forum member 'ido_ran']
View Post: http://forums.java.net/node/844475