Before you begin
There are three types of Web login authentication mechanisms that you can configure on a Web application: basic authentication, form-based authentication and client certificate-based authentication. Protect Web resources in a Web application by assigning security roles to those resources. So, you need to know in advance what Web Resources need protecting and how. To secure Web applications, determine the Web resources that need protecting and determine how to protect them.Additional configuration might be needed for these authentication mechanisms (such as SSL or ICSF). The following steps detail securing the Web application using Application Assembly Toolkit (AAT):
Steps for this task
Results
After securing a Web application, the resulting WAR file contains security information in its deployment descriptor. The Web module security information is stored in the web.xml file.What to do next
After using the Application Assembly Tool (AAT) to secure a Web application, you can install the Web application using the administrative console. During the Web application installation, complete the steps in the Deploying secured applications article to finish securing the Web application.