The simplest approach would be to use container based security, configure
your application to use the file realm for users, and give the remote admin
access to the GlassFish Admin Console so they can manage users in the file
realm.
A more robust approach would be to use a database to store the users and
use the JDBC realm and configure your application to use it. You would
need to implement as part of your application the user management though
that would add users to the database. You can search for examples, but
here is the first one I came across:
http://blog.eisele.net/2013/01/jdbc-realm-glassfish312-primefaces342.html
On Fri, Mar 21, 2014 at 8:20 PM, Lane <
software.research.development_at_gmail.com> wrote:
> I have a glassfish application and am trying to figure out what type of
> security and how to implement it. I am eventually hoping to place this in a
> cloud environment to host for customers.
>
> The application calls for a remote admin to login and create users and
> their passwords so that these users can login and use the application.
>
> I was going through the Glassfish server docs and thought that since users
> will not be hosting the app (I will), then it wouldn't make much sense for
> them to use deployment descriptors or container managed security which
> declaritive security appears to be. So it seems I would have to implement
> programmatic security.
>
> Am I on the right track here?
>
>