Secure the components that you develop. Components implement
interfaces that have methods. Use the Service Component Architecture
(SCA) qualifier SecurityPermission to secure an
interface or method.
Before you begin
Develop your secured application in
WebSphere® Integration Developer. Export
the application as an enterprise archive (EAR) file for deployment
in
WebSphere ESB.
When developing components for WebSphere ESB
for z/OS®,
remember that security might be administered using platform-specific
facilities, such as the System Authorization Facility.
About this task
Import a secured application into
WebSphere ESB with
the following steps.
Procedure
- Install the application EAR file.
On the
administrative console, expand Applications and click Enterprise applications. Click Install and fill in the details of the new application.
- Assign security roles to the new application.
Click Map security roles to users/groups. You have four choices of roles for the application.
Option |
Description |
Everyone |
This is equivalent to no security. |
All authenticated |
Anyone who authenticates with a valid user name and password
is a member of the role. |
Mapped users |
Individual users are listed as members of the role. |
Mapped groups |
Groups are the most convenient way to add the users. Every
member of the identified groups becomes a member of the role. |
Use Look up users and Look
up groups to list users and groups that can be mapped
to the role.
Example
In the sample SCDL below, access to the method
onewayinvoke is restricted to users who are members of
the
manager role.
<?xml version="1.0" encoding="UTF-8"?>
<scdl:component xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:java="http://www.ibm.com/xmlns/prod/websphere/scdl/java/6.0.0"
xmlns:ns1="http://sample.recovery.security/Itarget"
xmlns:scdl="http://www.ibm.com/xmlns/prod/websphere/scdl/6.0.0"
xmlns:wsdl="http://www.ibm.com/xmlns/prod/websphere/scdl/wsdl/6.0.0"
displayName="secure" name="Component1">
<interfaces>
<interface xsi:type="wsdl:WSDLPortType" portType="ns1:Itarget">
<method name="onewayinvoke">
<scdl:interfaceQualifier xsi:type="scdl:SecurityPermission"
role="manager"/>
</method>
</interface>
</interfaces>
<references/>
<implementation xsi:type="java:JavaImplementation"
class="sca.component.java.impl.Component1Impl1">
</implementation>
</scdl:component>