InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.1c: About assigning method groups with the Java console
The Work with Method Groups task wizard provides an easy way to create custom
method groups.
Assuming you have configured one or more applications already, defining custom
methods groups can be considered the optioal first step of a three-part task:
-
Create custom method groups, if desired. WebSphere provides
a set of default method groups, which you can use instead
of creating your own.
-
Assign the methods of each resource to method groups.
WebSphere provides a default assignment of methods to
the predefined method groups, if you choose to use it.
If you do, you should check the assignment and modify
it appropriately.
-
Assign permissions (access to method groups of applications)
to users.
Example
Suppose you have defined an application named
MonthlySalesChart. The application contains a servlet. You
can configure application-specific security as follows:
Create custom methods |
You can protect all methods
that allow writing to a database with a method group
called AllowedToWrite and put read-only methods
in a method group called AllowedToRead.
|
Assign methods to method groups |
You can put the
HTTP_PUT method of the servlet into the AllowedToWrite
method group, and the HTTP_POST method into the
AllowedToRead method group.
|
Assign permissions |
Give users the following permissions as appropriate:
- MonthlySalesChart-AllowedToRead
- MonthlySalesChart-AllowedToWrite
|
|
|