Network Deployment (Distributed operating systems), v8.0 > Develop and deploying applications > Develop security > Develop extensions to the WebSphere security infrastructure


Develop applications that use programmatic security

For some applications, declarative security is not sufficient to express the security model of the application. Use this topic to develop applications that use programmatic security.

IBM WAS provides security components that provide or collaborate with other services to provide authentication, authorization, delegation, and data protection. WAS also supports the security features described in the Java EE specification. An application goes through three stages before it is ready to run:

Most of the security for an application is configured during the assembly stage. The security that is configured during the assembly stage is called declarative security because the security is declared or defined in the deployment descriptors. The declarative security is enforced by the security runtime. For some applications, declarative security is not sufficient to express the security model of the application. For these applications, you can use programmatic security.


Procedure

  1. Develop secure web applications. See Develop with programmatic security APIs for web applications.
  2. Develop servlet filters for form login processing. See Develop servlet filters for form login processing.
  3. Develop form login pages. See Customize web application login.
  4. Develop enterprise bean component applications. See Develop with programmatic APIs for EJB applications.
  5. Develop with JAAS to log in programmatically.

    See Develop programmatic logins with the JAAS.

  6. Develop your own Java EE security mapping module.

    See Configure programmatic logins for JAAS.

  7. Develop custom user registries. See Develop stand-alone custom registries.
  8. Develop a custom interceptor for trust associations.


Related


Protect system resources and APIs (Java 2 security) for developing applications
Develop with programmatic security APIs for web applications
Develop with programmatic APIs for EJB applications
Web component security
Trust associations
JAAS
Java EE connector security
Multiple security domains
Develop programmatic logins with the JAAS
Secure enterprise bean applications
Develop extensions to the WebSphere security infrastructure


Related


Customize a server-side JAAS authentication and login configuration
J2C principal mapping modules

+

Search Tips   |   Advanced Search