Search Tips   |   Advanced Search

Administer secure JAX-RS applications

Use the administrative console to administer Java API for RESTful Web Services (JAX-RS) applications that have enabled security mechanisms.

See the Sample REST application used in Secure JAX-RS applications within the web container topic.

After we have implemented security mechanisms, such as basic HTTP authentication or role-based authorization constraints on your REST resources, we can administer your JAX-RS applications by mapping defined roles to users, groups, or special subjects.


  1. In the administrative console, click...

            Applications > Application Types > WebSphere enterprise applications > application_name.

  2. Under Detail properties, click Security role to user/group mapping. A list of all the roles that belong to this application is displayed.

  3. Select one of the roles we defined for the application.

    In the AddressBookApp Sample, the defined roles are Role1 and Role2.

  4. Determine the users, groups, or special subjects such as the All Authenticated in Application's Realm option to assign the appropriate roles. This option specifies that any authenticated user is able to access the resource. The security constraint in this Sample is for authentication only.

  5. Repeat the previous steps for every role that we have defined in your JAX-RS application.

  6. Click OK to save our changes.

Use the administrative console, we have applied role constraints to various resource URI patterns to enable role-based access to those resources.

  • Implement secure JAX-RS applications
  • Secure JAX-RS applications within the web container
  • WAS roles and goals