In this section, we discuss several additional security features implemented in GlassFish, and some common practices we take to make GlassFish more secure.
First, let's consider the management of passwords in GlassFish.
GlassFish uses two categories of passwords—those necessary for running the administration and configuration tasks, and those necessary for configuring the resources. Examples of administration related passwords include the GlassFish master password, and the administrator's password. Examples of application resource related passwords include the passwords for a data source.