InfoCenter Home >
6: Administer applications >
6.6: Tools and resources quick reference >
6.6.18: Securing applications >
6.6.18.1: Securing applications with the Java administrative console >
6.6.18.1.1d: Configuring resource security

6.6.18.1.1d: Configuring resource security

  1. Start the Configure Resource Security task by one of two methods:
    • By clicking Console -> Tasks -> Configure Resource Security from the console menu bar.
    • By clicking Configure Resource Security from the drop-down list on the Wizards toolbar button.
  2. Specify the resource to which to apply security.

    Note that servlets, JSP files, and Web pages are not represented directly, but can be selected according to their "Web resource" configurations. Web resources specify Web paths to these resources. If configuring resource security for a servlet, JSP file, or Web page, select the appropriate Web resource.

  3. Click Next. A prompt asks whether to use the default method groups.

    If you specify Yes, the security system will take a first pass at grouping the methods of the resource into the default method groups. It will use the method names to decide which groups to put them in.

    For example, it will protect HTTP PUT methods with the WriteMethods group.

    If you decline to use the default method groups, you will need to specify a method group for each method in the resource.

      The distribution of the methods into the default method groups is not finalized until you finish this task wizard. You can always try the default method groups, then reverse the operation if you do not like the results. Just do not click the Finish button until you are sure about the method groups!

  4. If the Finish button is available, click it. If configuring resource security for an enterprise bean, click Next to proceed to a final panel for specifying delegation settings.
  5. Delegation allows an enterprise bean method to execute under another identity.

    The top half of the task panel is for specifying the default identity under which bean methods will execute. If you click SPECIFIED, specify the user.

    Use the bottom half of the task panel to select a particular enterprise bean for which you want to override the default run-as identity. Click the bean, then specify SYSTEM, CLIENT, or SPECIFIED in the area to the right of the enterprise bean list box. If you click SPECIFIED, specify a run-as identity.

    The delegation settings you specify here override any run-as information in the deployment descriptor of the enterprise bean.

  6. Click Finish.

Note   If your Web server is already running when you configure resource security for an HTML file, JSP file, or other Web resource, you need to stop the WebSphere administrative server and start it again for the change to take effect.

Go to previous article: Default method groups Go to next article: Viewing custom method groups

 

 
Go to previous article: Default method groups Go to next article: Viewing custom method groups