Glassfish Securing Admin Console

The default Glassfish install lets users go straight into the admin console. This is obviously not suited for production deployment.

1. Set a password for the admin account.
2. Run this command in the shell to limit requests to admin console to use HTTPS: asadmin enable-secure-admin
3. Restart the server

In the next login, Glassfish will ask you for password, and will also automatically forward you to use HTTPS.