Developing secured applications

IBM WebSphere Process Server provides security components that provide or collaborate with other services to provide authentication, authorization, delegation, and data protection. WebSphere Process Server also supports the security features described in the Java 2 Platform, Enterprise Edition (J2EE) specification.

Why and when to perform this task

An application goes through three stages before it is ready to run:
  • Development
  • Assembly
  • Deployment

Most of the security for an application is configured during the assembly stage.

Development and Assembly of an application are covered in detail in the .

The security that is configured during the assembly stage is called declarative security because the security is declared or defined in the deployment descriptors. The declarative security is enforced by the security run time. For some applications, declarative security is not sufficient to express the security model of the application. For these applications, you can use programmatic security.

Developing secured applications comprises the following steps.

Steps for this task

  1. Develop secure Web applications. For more information, see Developing with programmatic security APIs for Web applications in the WebSphere Application Server Information Center.
  2. Develop servlet filters for form login processing. For more information, see Developing servlet filters for form login processing in the WebSphere Application Server Information Center.
  3. Develop form login pages. For more information, see Developing form login pages in the WebSphere Application Server Information Center.
  4. Develop enterprise bean component applications. For more information, see Developing with programmatic APIs for EJB applications in the WebSphere Application Server Information Center.
  5. Develop with Java Authentication and Authorization Service to log in programmatically. For more information, see Developing programmatic logins with the Java Authentication and Authorization Service in the WebSphere Application Server Information Center.
  6. Develop your own Java 2 security mapping module. For more information, see Configuring application logins for Java Authentication and Authorization Service in the WebSphere Application Server Information Center.
  7. Develop custom user registries. For more information, see Developing custom user registries in the WebSphere Application Server Information Center.
  8. Develop a custom interceptor for trust associations. For more information, see Trust association interceptor support for Subject creation in the WebSphere Application Server Information Center.

Terms of use |

Last updated:

Copyright IBM Corporation 2005.
This information center is powered by Eclipse technology (http://www.eclipse.org)