InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.1c: About assigning method groups with the Java console

6.6.18.1c: About assigning method groups with the Java console

The Work with Method Groups task wizard provides an easy way to create custom method groups.

Assuming you have configured one or more applications already, defining custom methods groups can be considered the optioal first step of a three-part task:

  1. Create custom method groups, if desired. WebSphere provides a set of default method groups, which you can use instead of creating your own.
  2. Assign the methods of each resource to method groups. WebSphere provides a default assignment of methods to the predefined method groups, if you choose to use it. If you do, you should check the assignment and modify it appropriately.
  3. Assign permissions (access to method groups of applications) to users.

Example

Suppose you have defined an application named MonthlySalesChart. The application contains a servlet. You can configure application-specific security as follows:

Create custom methods You can protect all methods that allow writing to a database with a method group called AllowedToWrite and put read-only methods in a method group called AllowedToRead.
Assign methods to method groups You can put the HTTP_PUT method of the servlet into the AllowedToWrite method group, and the HTTP_POST method into the AllowedToRead method group.
Assign permissions Give users the following permissions as appropriate:
  • MonthlySalesChart-AllowedToRead
  • MonthlySalesChart-AllowedToWrite
Go to previous article: About assigning methods to method groups with the Java console Go to next article: About configuring application security with the Java console

 

 
Go to previous article: About assigning methods to method groups with the Java console Go to next article: About configuring application security with the Java console