Several assembly tools exist that are graphical user interfaces for assembling enterprise or Java Platform, Enterprise Edition (Java EE) applications. You can use these tools to assemble an application and secure Enterprise JavaBeans (EJB) and web modules in that application.
To secure an EJB module, a Java archive (JAR) file, a web module, a web application archive (WAR) file, or an application enterprise archive (EAR) file, you can use an assembly tool. You can create an application, an EJB module, or a web module and secure them using an assembly tool or development tools such as the IBM® Rational® Application Developer.
After securing an application, the resulting .ear file contains security information in its deployment descriptor. The EJB module security information is stored in the ejb-jar.xml file and the web module security information is stored in the web.xml file. The application.xml file of the application EAR file contains all the roles that are used in the application. The user and group-to-roles mapping is stored in the ibm-application-bnd.xmi file of the application EAR file.
However, a Java EE 5 or later module can exist within an application that includes pre-Java EE 5 files and uses the .xmi file name extension.
The ibm-webservices-ext.xmi, ibm-webservices-bnd.xmi, ibm-webservicesclient-bnd.xmi, ibm-webservicesclient-ext.xmi, and ibm-portlet-ext.xmi files continue to use the .xmi file extensions.
sptcfgThis task is required to secure EJB modules and web modules in an application. This task is also required for applications to run properly when Java 2 security is enabled. If the was.policy file is not created and it does not contain required permissions, the application might not be able to access system resources.
In this information ...Subtopics
Related tasks
Related reference
| IBM Redbooks, demos, education, and more(Index) |