Security Editor
The Security Editor is a new enhancement with Application Developer v7.5. It provides a wizard to specify security groups within a Web application and the URLs that group has access to. The Java EE specification allows for security groups and levels of access to defined sets of URLs to be defined in the deployment descriptor, and the Security Editor provides a nice interface for this information (Figure | 3-7).
Figure 13-7 Security Editor example
Selecting an entry in the Security Roles pane shows the resources members of that role in the Resources pane, and the Constraint rules that are applicable for the role and resource (if one is selected). Each entry in the Constraints window has a list of resource collections, which specify the resources available to it and which HTTP methods can be used to access these resources. Using context menus, it is possible to create new roles, security constraints, and add resource collections to these restraints.
Note that the Java EE security specification defines the mechanism for declaring groups and the URL sets that each group can access, but it is up to the Web Container to map this information to an external security system. WebSphere's administrative console provides the mechanism to configure an external LDAP directory. Refer to the IBM Redbooks publication, Experience J2EE! Using WebSphere Application Server V6.1, SG24-7297.
|
ibm.com/redbooks |