6.6.18: Securing applications (overview)
For purposes of security, Application Server categorizes assets
into two classes: resources and applications.
- Resources are individual components, such as servlets and
enterprise beans.
- Applications are collections of related resources.
Security can be applied to applications and to individual resources. Setting up
security involves the following general steps:
- Setting global values for use by all applications.
- Refining settings for individual applications.
Note: Security that spans multiple nodes requires that the system clocks on those
nodes be set to the same Greenwich Mean Time (GMT).
If the system clocks differ, then after you enable security you cannot access
enterprise beans spread across other nodes. The failure surfaces as "authorization failed"
and CORBA TRANSACTION ROLLBACK exceptions.
To resolve the problem, ensure that the system clocks on the nodes involved are set to the same
GMT.
Securing applications with IBM WebSphere Application
Server product security involves a series of tasks. Completing the
tasks results in a set of policies defining which
users have access to which methods or operations in which
applications.
For example, the security administrator establishes policies specifying
whether the user Bob is permitted to use the company's Inventory
application to perform a write operation, such as changing the number
of units of merchandise recorded in the company's inventory database.
The product security server works with
the selected user registry or directory product to enforce the
policies whenever a user tries to
access a protected application. For example, Bob might be
prompted for a digital certificate verifying his identity when he
tries to use the Inventory application.