Why and when to perform this task
IBM WebSphere Application Server provides security components
that provide or collaborate with other services to provide authentication,
authorization, delegation, and data protection. WebSphere Application Server
also supports the security features described in the Java 2 Enterprise Edition
(J2EE) specification. An application goes through three stages before it is
ready to run:
- Development
- Assembly
- Deployment
Most of the security for an application is configured during the assembly
stage. The security configured during the assembly stage is called
declarative
security because the security is
declared or
defined in
the deployment descriptors. The declarative security is enforced by the security
run time. For some applications, declarative security is not sufficient to
express the security model of the application. For these applications, you
can use
programmatic security.