Defining Web Application Security
Roles
Use
You define security roles in your Web application to group its users logically. You then specify the mapping of these application security roles to existing server security roles that are set up in the Security Provider Service of the J2EE Engine.
You define the application security roles using both of the Web application’s deployment descriptors:
· Define the name of the application-scoped security roles in the web.xml;
· Map the above roles to server security roles in the web-j2ee-engine.xml.
Procedure
On the web.xml screen, proceed as follows to define a security role:
...
1. Open the Security Roles screen.
2. Select SecurityRoles and choose Add to add a new security role.
3. Enter the name of the security role in the Role Name field.
4. Optionally, enter a description of the security role in the Description field.
After this step, you have already defined your application security role. Make sure you save the changes that you made to the web.xml descriptor. You perform the next steps on the web-j2ee-engine.xml screen.
5. Open the Security screen.
6. Expand the security roles tree node and select your security role.
7. Choose one of the two options to map this role to server security roles:
¡
Choose Role based mapping. This implies that you map your security
role to a server security role that is already defined by the Security
Provider Service. Enter the name of the server security role in the Server role name field. For more information about
security roles in Security Provider Service, see
Security Roles
Management in the Administration Manual.
¡
Choose No mapping. This implies that your application will be
deployed without mapping the security role it defines to a real server
security role. You have to do this exclusively after the application
deployment process is finished. To do this, use the means provided by the
Security Provider Service as described in
Security Roles
Management in the Administration Manual.