marciopalheta/GlassFishRemoteSecureAdmin.txt

## GlassFishRemoteSecureAdmin.txt
The problem

Since Glassfish version 3.1, the server could be only administrated remotely, when the secure admin feature is enabled (see here).
New since 3.1.2+ is, that every administration account must have a password if you want to enabled remote secure admin.

The next steps are all done in the asadmin console. You can start this under

Linux
[code]./<GlassfishDirectory>/bin/asadmin[/code]
Windows
[code]<GlassfishDirectory>binasadmin.bat[/code]
The solution

If you are not sure about having a password set to every administrator account just try:

[code]
enable-secure-admin
[/code]

If this states out that

[code]
remote failure: At least one admin user has an empty password, which secure admin does not permit. Use the change-admin-password command or the admin console to create non-empty passwords for admin accounts.

Command enable-secure-admin failed.
[/code]

follow the steps in “Setting password on administrator account” otherwise you can go directly to “Enabling secure admin”

SETTING PASSWORD ON ADMINISTRATOR ACCOUNT

For the default admin user “admin”, this could be done by the following commands:

[code]
change-admin-password
> Enter admin user name [default: admin]> hit enter
> Enter admin password> hit enter
> Enter admin password> type password
> Enter admin password again> type password again
[/code]

Eventually you have to accept displayed certificate information

[code]> Do you trust the above certificate [y|N] --> y[/code]

After that this should be prompted:

[code]> Command change-admin-password executed successfully.[/code]

And now:

ENABLING SECURE ADMIN

Just type:

[code]
enable-secure-admin
> Enter admin user name> admin
> Enter admin password for user "admin"> type the password
> You must restart all running servers for the change in secure admin to take effect.
> Command enable-secure-admin executed successfully.
[/code]

Now restart every server/domain (by default “domain1″)

[code]
restart-domain <domainName>
[/code]

After that you can check with

[code]get secure-admin.enabled[/code]

if the secure admin is now enabled.

From now on you are redirected to a https variant of the webconsole, where you have to login via username and password.
	The problem

	Since Glassfish version 3.1, the server could be only administrated remotely, when the secure admin feature is enabled (see here).
	New since 3.1.2+ is, that every administration account must have a password if you want to enabled remote secure admin.

	The next steps are all done in the asadmin console. You can start this under

	Linux
	[code]./<GlassfishDirectory>/bin/asadmin[/code]
	Windows
	[code]<GlassfishDirectory>binasadmin.bat[/code]
	The solution

	If you are not sure about having a password set to every administrator account just try:

	[code]
	enable-secure-admin
	[/code]

	If this states out that

	[code]
	remote failure: At least one admin user has an empty password, which secure admin does not permit. Use the change-admin-password command or the admin console to create non-empty passwords for admin accounts.

	Command enable-secure-admin failed.
	[/code]

	follow the steps in “Setting password on administrator account” otherwise you can go directly to “Enabling secure admin”

	SETTING PASSWORD ON ADMINISTRATOR ACCOUNT

	For the default admin user “admin”, this could be done by the following commands:

	[code]
	change-admin-password
	> Enter admin user name [default: admin]> hit enter
	> Enter admin password> hit enter
	> Enter admin password> type password
	> Enter admin password again> type password again
	[/code]

	Eventually you have to accept displayed certificate information

	[code]> Do you trust the above certificate [y\|N] --> y[/code]

	After that this should be prompted:

	[code]> Command change-admin-password executed successfully.[/code]

	And now:

	ENABLING SECURE ADMIN

	Just type:

	[code]
	enable-secure-admin
	> Enter admin user name> admin
	> Enter admin password for user "admin"> type the password
	> You must restart all running servers for the change in secure admin to take effect.
	> Command enable-secure-admin executed successfully.
	[/code]

	Now restart every server/domain (by default “domain1″)

	[code]
	restart-domain <domainName>
	[/code]

	After that you can check with

	[code]get secure-admin.enabled[/code]

	if the secure admin is now enabled.

	From now on you are redirected to a https variant of the webconsole, where you have to login via username and password.