Archives
-
My thoughts on JSR 351, Java Identity API
Identity is something that we hear about more often these days, with the whole web 2.0 and social services and more and more web-based public services growing around us. The notion of identity is an integral part of a security system in distributed services. Developing an effective software system requires an effective security and access control system which [...]
-
My slides for Java EE Security session at JavaForum meeting 69
On the 7th of December I presented the “Security in Java EE platform: what is included, what is missing” session in the JavaForum meeting. Although I arrived somewhat late and left right after the last presentation, which was done by Chet Hendrickson, I can say that the atmosphere was really friendly and enjoyable. I [...]
-
GlassFish Security book FAQ 1: Custom Security Realm in GlassFish
I decided to write down in my weblog the answers to some questions which my book’s readers email me or ask me via Twitter, so everyone can benefit from the answers. Here is the answer to the first question, which involves custom security realms. GlassFish supports 5 types of security realms out of the box [...]
May 18th, 2010 | Filed under GlassFish, GlassFish Security, How To, Java, Java EE, Java EE Security, Java SE, Learning, Software Security -
GlassFish v3 and EJBCA 3.x a fair couple for mutual SSL authentication.
Please use the following articles while I am updating this entry: “How to have your Own CA and configure Glassfish and your clients for mutual authentication?” and “How to have your Own CA and configure Glassfish and your clients for mutual authentication?, Part II”. Please post any comment or question here so we can have one [...]
May 13th, 2010 | Filed under GlassFish, GlassFish Security, Java EE, Java EE Security, Java SE, Learning, Open Source, Software Security -
How to Secure GlassFish installation, Part II
In order to secure the application server you need to secure its communication channels with the outside world. It means you will need to secure all ports and listeners. There are 3 kinds of listeners in the Glassfish application server that you will need to take care of. First of all make sure that you secured [...]
Feb 17th, 2008 | Filed under GlassFish, GlassFish Security, How To, Java EE, Java EE Security, Learning, Open Source, Software Security -
How to Secure GlassFish installation.
Some days ago I saw some posts about securing Glassfish in a production environment, so I thought I would write some of my experience here to let others secure Glassfish more easily. There are some basic items that you will need to rely on in order to have a secure Glassfish installation. secure access [...]
Dec 5th, 2007 | Filed under GlassFish, GlassFish Security, How To, Java, Java EE, Java EE Security, Java SE, Learning, Open Source, Software Security -
How to have your Own CA and configure Glassfish and your clients for mutual authentication?, Part II
In the second part of the series, you can see how we can utilize EJBCA to create certification for a client-side application which will communicate with the Glassfish server when Client cert authentication (Mutual Authentication) is enabled, whether by changing the listener attributes or by describing it in the web-config.xml. In order to create client [...]
Aug 23rd, 2007 | Filed under GlassFish, GlassFish Security, How To, Java, Java EE, Java EE Security, Java SE, Learning, Software Security -
How to have your Own CA and configure Glassfish and your clients for mutual authentication?
One of the most repeated questions in the GlassFish mailing list is about SSL, Certification, Mutual Authentication, and so on. In this entry I will try to address some of these questions by giving a step-by-step guide for using EJBCA to issue certificates and use them in both Glassfish and clients which connect to Glassfish in some manner. clients [...]
Aug 16th, 2007 | Filed under GlassFish, How To, Java, Java EE, Java EE Security, Java SE, Learning, Software Security -
How to install and use OpenSSO CLI (Command Line Administration Interface)
OpenSSO, which is the open source branch of Sun Java Access Manager, has several modules which you should install and configure in case you want to have a similar bundle from its open source branch. One of the main components is OpenSSO itself, which you can obtain from its nightly builds page; just make sure to select [...]
