Client Portal

Glassfish: Secure Admin must be enabled to access the DAS remotely

Q: When I try to login to Glassfish administration application, it says "Secure Admin must be enabled to access the DAS remotely"

A: You can enable remote access with the following command:

asadmin --host www.yourdomain.com --port 4848 enable-secure-admin

Then stop/start glassfish immediately after enabling secure admin.

In case your private Glassfish runs on shared server you will need to use your custom port (assume 15123 for the example) in asadmin command. Check Java Control Panel for your Glassfish console port. Use the port with your asadmin commands. The below was tested with Glassfish 3.1.2 and 4.0.

[~]# asadmin --port 15123 enable-secure-admin
remote failure: At least one admin user has an empty password, which secure admin does not permit. Use the change-admin-password command or the admin console to create non-empty passwords for admin accounts.
Command enable-secure-admin failed.

Set the password as prompted

[~]# asadmin --port 15123 change-admin-password
Enter admin user name [default: admin]> 
Enter admin password> 
Enter new admin password> secret
Enter new admin password again> secret
Command change-admin-password executed successfully.

Now retry enable-secure-admin

# asadmin --port 15123 enable-secure-admin
Enter admin user name> admin
Enter admin password for user "admin"> secret
You must restart all running servers for the change in secure admin to take effect.
Command enable-secure-admin executed successfully.

And restart default domain

[~]# asadmin --port 15123 restart-domain
Successfully restarted the domain

Access your Glassfish console URL this time over SSL (so accept certificate mismatch warning in your browser e.g. 'this connection is untrusted' in Firefox) and login with the credentials you set. Glassfish Admin console URL is also shown in Java Control Panel.

For more details refer Oracle GlassFish Server 3.1 Security Guide