|
Problem(Abstract) |
What kind of support does IBM® WebSphere® Application
Server - Express provide to add security features to a Web
application? |
|
|
|
Resolving the
problem |
Security in WebSphere Application Server - Express can be
global, applying to all applications running on the application server, or
it can be application specific. WebSphere Application Server - Express
supports Basic authentication, Form-based authentication, Client
Certificate authentication, and Digest authentication. Discussion of these
authentication methods is beyond the scope of this technote. For more
information concerning WebSphere Application Express - Server security,
refer to the Information Center Web site at: http://publib.boulder.ibm.com/infocenter/wasinfo/v5r0/index.jsp
Also see Redbook "WebSphere Application Server - Express V5.0.1
Administrator Handbook".
In WebSphere Studio you can provide security for Web applications by
defining roles and constraints for a particular web resource and then
associating these constraints with the defined roles. You define these
security roles and constraints in the web deployment descriptor file
(web.xml).
Enabling global security in the application server where the applications
are deployed implements the authentication method defined in the
application. During deployment, the security roles are associated with the
users or groups authenticated by the operating system where the
application server is running. You can enable WebSphere global security by
selecting the Enable security option in the server configuration
file in Site Developer, or you can enable global security from the
Administrative Console, which is available beginning with V5.0.1 of
WebSphere Application Server - Express.
Using the Administrative Console, in addition to local operating system
registry authentication, you can also make settings for lightweight
directory access protocol (LDAP) and custom authentication security.
WebSphere Application Server - Express does not support the Java™ 2
Security model. |
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Software Development |
WebSphere Studio Site Developer |
|
Linux, Windows |
5.0, 5.0.1, 5.1 |
|
|
|
|