InfoCenter Home > 5.3.2: Unprotecting resources in WebSphereResources protected under WebSphere can be unprotected, if necessary. Depending on the resources and how they are configured into applications, the techniques for removing security differ. This file describes how to remove security in the following situations:
Unprotecting all resources associated with an enterprise applicationIf you want to remove protection from all the resources associated with an enterprise application, the most efficient approach is to unprotect the application itself. For example, if you have granted the permissions associated with the application ("application-methodgroup" pairs) to a specific user, group or to all authenticated users, the resources are considered protected. To unprotect these resource, you can grant those permissions to "Everyone". By granting the permissions to everyone, a user need not be authenticated to access the resources under that application. Unprotecting an enterprise bean associated with an enterprise applicationIf you want to remove protection from a specific bean (or set of beans) associated with an application while maintaining the security on the other resources in the application, remove the bean (or beans) from the application and create a new application that is explicitly unprotected. When you remove beans from the application, the security configuration associated with the application no longer applies to them. However, enterprise beans are protected unless security policies to the contrary are specified. To completely unsecure them, you need to create a new application consisting of the beans to be unsecured. After performing security configuration steps, grant the permissions associated with the new application to "Everyone." This is equivalent to unprotecting all the resources associated with the new application. To remove resources from a secured enterprise application, use the "Edit Enterprise Application" task. On the last panel, you can remove resources associated with the application. Use it to remove the desired beans. Unprotecting all URIs associated with a web applicationIf you want to remove protection from a web application (including all associated URIs) while maintaining the security on the other resources in the enterprise application, remove the web application (or applications) from the enterprise application. To remove resources from a secured enterprise application, use the "Edit Enterprise Application" task. On the last panel, you can remove resources associated with the application. Use it to remove the desired web applications. Unprotecting specific URIsIf you want to remove protection from specific URIs in a web application, remove the method-group configuration for the URIs. Use the "Configure Security Method Groups" task and select the URI you want to unprotect. After the URI is selected, proceed to the next screen, where you view the classification of methods into method groups. For example, the HTTP_GET method may belong to the ReadMethods method group. Select the method groups associated with the methods you want to unprotect and remove them. This eliminates the associate between a method group and a URI, leaving the URI unprotected. Because web resources are unprotected by default, no authentication is required to access them. |
|
![]() |
![]() |