Several assembly tools exist that are graphical user interfaces
for assembling enterprise or Java 2 Platform, Enterprise Edition (J2EE) applications.
You can use these tools to assemble an application and secure Enterprise JavaBeans
(EJB) and Web modules in that application.
About this task
An EJB module consists of one or more beans. You can enforce security
at the EJB method level. A Web module consists of one or more Web resources:
an HTML page, a JavaServer Pages (JSP) file, or a servlet. You can also enforce
security for each Web resource.
Note: For information about the tools that
WebSphere Application Server supports, see
Assembly tools.
To secure an EJB module, a
Java archive (JAR) file, a Web module, a Web archive (WAR) file, or an application
enterprise archive (EAR) file, you can use an assembly tool. You can create
an application, an EJB module, or a Web module and secure them using an assembly
tool or development tools such as the IBM Rational Application Developer.
Procedure
- Secure EJB applications using an assembly tool. For
more information, see Securing enterprise bean applications
.
- Secure Web applications using an assembly tool. For
more information, see Securing Web applications using an assembly tool
.
- Add users and groups-to-roles while assembling a secured application
using an assembly tool. For more information, see Adding users and groups to roles using an assembly tool
.
- Map users to RunAs roles using an assembly tool. For
more information, see Mapping users to RunAs roles using an assembly tool
.
- Adding the was.policy file to applications
.
- Assemble the application components that you secured using an assembly
tool. For more information, see Assembling applications.
Results
After securing an application, the resulting
.ear file contains
security information in its deployment descriptor. The EJB module security
information is stored in the
ejb-jar.xml file and the Web module
security information is stored in the
web.xml file. The
application.xml file
of the application EAR file contains all the roles that are used in the application.
The user and group-to-roles mapping is stored in the
ibm-application-bnd.xmi file
of the application EAR file.
The was.policy file
of the application EAR contains the permissions granted for the application
to access system resources protected by Java 2 security.
This task is
required to secure EJB modules and Web modules in an application. This task
is also required for applications to run properly when Java 2 security is
enabled. If the was.policy file is not created and it does not contain
required permissions, the application might not be able to access system resources.
What to do next
After securing an application, you can install an application using
the administrative console. When you install a secured application, refer
to
Deploying secured applications
to complete this task.