[Version 5.0.2]Assembling secured applications

Why and when to perform this task

[5.0 only][Version 5.0.1]The Application Assembly Tool is a graphical user interface for assembling enterprise (J2EE) applications. For more information, see Assembling applications with the AAT.

[Version 5.0.2]The Assembly Toolkit and the Application Assembly Tool are graphical user interfaces for assembling enterprise (J2EE) applications. For more information, see Assembling applications with the Assembly Toolkit and Assembling applications with the AAT.

You can use the tool to assemble an application and secure the EJB and Web modules in that application. An EJB module consists of one or more beans. You can enforce security at the EJB method level. A Web module consists of one or more Web resources (an HTML page, a JSP file or a servlet). You can also enforce security for each Web resource. You can use the tool to secure an EJB module (Java archive (JAR) file), a Web module (Web archive (WAR) file), or an application (enterprise archive (EAR) file).

[5.0 only][Version 5.0.1]You can create an application, an EJB module, or a Web Module and secure them using development tools like the IBM WebSphere Studio Application Developer.

[Version 5.0.2 and later]You can create an application, an EJB module, or a Web Module and secure them using the Assembly Toolkit or development tools like the IBM WebSphere Studio Application Developer.

Steps for this task

  1. [5.0 only][Version 5.0.1]Secure EJB applications using the Application Assembly Tool.
    For more information, see Securing enterprise bean applications using the Application Assembly Tool.
  2. [Version 5.0.2 and later]Secure EJB applications using the Assembly Toolkit.
    For more information, see Securing enterprise bean applications using the Assembly Toolkit.
  3. [5.0 only][Version 5.0.1]Secure Web applications using the Application Assembly Tool.
    For more information, see Securing Web applications using the Application Assembly Toolkit.
  4. [Version 5.0.2 and later]Secure Web applications using the Assembly Toolkit.
    For more information, see Securing Web applications using the Assembly Toolkit.
  5. [5.0 only][Version 5.0.1]Add users and groups to roles while assembling a secured application using the Application Assembly Tool.
    For more information, see Adding users and groups to roles using the Application Assembly Tool.
  6. [Version 5.0.2 and later]Add users and groups to roles while assembling a secured application using the Assembly Toolkit.
    For more information, see Adding users and groups to roles using the Assembly Toolkit.
  7. [5.0 only][Version 5.0.1]Map users to RunAs roles using the Application Assembly Toolkit.
    For more information, see Mapping users to RunAs roles using the Application Assembly Tool.
  8. [Version 5.0.2 and later]Map users to RunAs roles using the Assembly Toolkit.
    For more information, see Mapping users to RunAs roles using the Assembly Toolkit.
  9. Add the was.policy file to applications for Java 2 security.
    For more information, see Adding the was.policy file to applications.
  10. [5.0 only][Version 5.0.1]Assemble the application components that you just secured using the Application Assembly Tool.
    For more information, see Assembling new or modifying existing modules.
  11. [Version 5.0.2 and later]Assemble the application components that you just secured using the Assembly Toolkit.
    For more information, see Assembling applications with the Assembly Toolkit.
  12. [5.0 only][Version 5.0.1][Version 5.0.2]Specify method permissions and security roles for the application. This step applies if you are using the Application Assembly Tool and did not specify method permissions and security roles when completing steps 1 and 2.
  13. [5.0 only][Version 5.0.1][Version 5.0.2]Save the application (EAR file) that you just assembled. This step applies if you are using the Application Assembly Tool.

Results

After securing an application, the resulting .ear file contains security information in its deployment descriptor. The EJB module security information is stored in the ejb-jar.xml file and the Web module security information is stored in the web.xml file. The application.xml file of the application EAR file contains all the roles used in the application. The user and group to roles mapping is stored in the ibm-application-bnd.xmi file of the application EAR file.

The was.policy file of the application EAR contains the permissions granted for the application to access system resources protected by Java 2 security.

This task is required to secure EJB modules and Web modules in an application. This task is also required for applications to run properly when Java 2 security is enabled. If the was.policy file is not created, or if it does not contain the required permissions, the application might not be able to access system resources.
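The following check is an added example, not part of the product documentation or its tooling: it opens an assembled EAR, confirms that the security files named above are present, and flags roles that a Web or EJB module authorizes but that application.xml never declares. The META-INF/ and WEB-INF/ paths follow the standard J2EE and WebSphere archive layout and are assumptions here; the sample EAR and its role names are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Per-module descriptor and the element whose <role-name> children grant access.
MODULES = {".war": ("WEB-INF/web.xml", "auth-constraint"),
           ".jar": ("META-INF/ejb-jar.xml", "method-permission")}
# Assumed locations inside the EAR (standard layout, not stated on the page).
EAR_FILES = ("META-INF/application.xml", "META-INF/ibm-application-bnd.xmi",
             "META-INF/was.policy")

def _local(el):
    """Tag name without any XML namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]

def roles_under(xml_bytes, parent):
    """Collect <role-name> text below every <parent> element."""
    return {r.text.strip() for p in ET.fromstring(xml_bytes).iter() if _local(p) == parent
            for r in p.iter() if _local(r) == "role-name" and r.text}

def audit_ear(ear_bytes):
    """Report missing security files and roles used by modules but never declared."""
    with zipfile.ZipFile(io.BytesIO(ear_bytes)) as ear:
        names = set(ear.namelist())
        missing = [f for f in EAR_FILES if f not in names]
        declared = (roles_under(ear.read(EAR_FILES[0]), "security-role")
                    if EAR_FILES[0] in names else set())
        used = set()
        for name in sorted(names):
            descriptor, parent = MODULES.get(name[-4:].lower(), (None, None))
            if descriptor is None:
                continue
            with zipfile.ZipFile(io.BytesIO(ear.read(name))) as module:
                if descriptor in module.namelist():
                    used |= roles_under(module.read(descriptor), parent)
    return {"missing_files": missing, "undeclared_roles": sorted(used - declared)}

def _zip(entries):
    """Build an in-memory archive from {path: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for path, data in entries.items():
            z.writestr(path, data)
    return buf.getvalue()

def sample_ear():
    """Constructed EAR: no was.policy, and web.xml uses an undeclared role (Auditor)."""
    war = _zip({"WEB-INF/web.xml": "<web-app><security-constraint><auth-constraint>"
                "<role-name>Manager</role-name><role-name>Auditor</role-name>"
                "</auth-constraint></security-constraint></web-app>"})
    jar = _zip({"META-INF/ejb-jar.xml": "<ejb-jar><assembly-descriptor><method-permission>"
                "<role-name>Manager</role-name><method><ejb-name>Acct</ejb-name>"
                "<method-name>*</method-name></method></method-permission>"
                "</assembly-descriptor></ejb-jar>"})
    return _zip({"META-INF/application.xml": "<application><security-role>"
                 "<role-name>Manager</role-name></security-role></application>",
                 "META-INF/ibm-application-bnd.xmi": "<bnd/>", "web.war": war, "ejb.jar": jar})
```

Calling `audit_ear(sample_ear())` reports the absent was.policy file and the `Auditor` role as undeclared.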

What to do next

After securing an application, you can install an application using the administrative console. When you install a secured application, see Deploying secured applications to complete this task.

Related concepts
Enterprise bean component security
Web component security
Role-based authorization
Java 2 security policy files
Related tasks
Assembling applications with the Assembly Toolkit[Version 5.0.2 and later]
Adding the was.policy file to applications
Related reference
Assembling applications with the AAT[5.0 only][Version 5.0.1][Version 5.0.2]
Security permissions assembly settings[5.0 only][Version 5.0.1][Version 5.0.2]



Searchable topic ID:   tsecassemble
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/tsec_assemble.html
