[Version 5.0.2]Adding users and groups to roles using the Application Assembly Tool

Before you begin

Before you perform this task, you should have already completed the steps in the Securing Web applications and Securing EJB applications articles where you created new roles and assigned those roles to EJB and Web resources. Complete these steps during application installation. This is because the environment (user registry) under which the application is running is not known until deployment. If you already know the environment in which the application is running and the user registry that is used, then you can use the Application Assembly Tool (AAT) to assign users and groups to roles. Using the administrative console to assign users and groups to roles is recommended.

Steps for this task

  1. Open the application file. Open the application file by clicking File > Open. Browse and select the application file.
  2. Open the application folder.
  3. Click Security Roles.
  4. Click the Bindings tab on the right hand side panel.
  5. Select a role from the right navigation top panel.
  6. Add a group to role by clicking Add under Groups and type in a group name. Click OK. Repeat this operation to add more groups.
  7. Add a user to a role by clicking Add under Users. Type a user name and click OK. Repeat this operation to add more users.
  8. Add a special subject (All authenticated users or Everyone) to a role. Click Add under Special Subjects and select All authenticated users or Everyone as required. Click OK. When All authenticated users or Everyone special subjects is assigned to a role, you can skip steps 6 and 7 for that role.
  9. Repeat steps 5 through 8 for all the roles.
  10. Click Apply when done.

Results

The ibm-application-bnd.xmi file in the application contains the users and groups to roles mapping table (authorization table).

Example

What to do next

After securing an application, use the Application Assembly Tool (AAT). You can install an application using the administrative console.

Related concepts
Web component security
Role-based authorization
Related reference
Security: Resources for learning



Searchable topic ID:   tsecaddusers
Last updated: Jun 21, 2007 4:55:42 PM CDT    WebSphere Application Server Network Deployment, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_addusers.html

Library | Support | Terms of Use | Feedback