Configuring Security Roles for the GlassFish Application Server

See Also

If you want to create secure areas of a web application, you need to configure the security roles by modifying the project's deployment descriptors. When configuring the security roles for your web application, you define your security roles in web.xml.

If the target server for your application is the GlassFish server, you need to edit glassfish-web.xml to map the security roles to the users and groups defined on the server. You map security roles by adding a principal or group to a security role. A security role can have more than one principal or group. You can use the IDE to help you edit glassfish-web.xml to map security roles.

To map security roles:

  1. In the Projects window of the IDE, double-click glassfish-web.xml located in the Configuration Files directory of your web application project.
  2. Click the Security tab in the visual editor.
  3. Click Add Security Role Mapping to create a new security role.
  4. Expand the security role node to view the properties of the security role.
  5. Click Add Principal or Add Group to open the Add Principal or Add Group dialog box.
  6. In the dialog box, enter the name of the principal or group to add to the selected security role. The name of the principal or group must match a name specified on the GlassFish server.

For more on configuring security, see the chapter on securing applications in the Oracle GlassFish Server Application Development Guide:

See Also
Working with the GlassFish Application Server
Managing Users for the GlassFish Application Server
Accessing the GlassFish Application Server Admin Console
web.xml Visual Editor: Security Roles

Legal Notices