Configure an authentication alias for the new Web module resource
or EJB module resource only if the application code, rather than WebSphere
Application Server, authenticates connections with the backend. This
security configuration is called component-managed authorization, and
is indicated in the application deployment descriptor as res-auth
= Application. Container-managed authorization, which is
designated as res-auth = Container, indicates that Application
Server performs signon for backend connections. The container-managed authentication
alias must be specified on the application resource reference. This task can
be done during application assembly or deployment, along with mapping the
resource reference to a data source or connection factory resource. After
application deployment, however, you can alter the container-managed authentication
alias using the administrative console. Click Applications > Enterprise
Applications > application_name, and select the link to the appropriate
mapping page. For example, if you want to alter the alias of an EJB module
resource, you might click 1.x CMP bean data sources or 2.x CMP bean
data sources. For a Web module resource, click Resource References.
Consult
the J2EE connector security topic
for detailed reference on resource authentication.