WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Authorizing access to resources

WebSphere Application Server provides many different methods for authorizing accessing resources. For example, you can assign roles to users and configure a built-in or external authorization provider.

Why and when to perform this task

To authorize user or group access to resources, read the following articles:

Steps for this task

  1. Secure you application during assembly and deployment. You can create an application, an EJB module, or a Web module and secure them using an assembly tool such as the IBM Rational Application Developer. For more information on the steps you need to take to create a secure application, see Securing applications during assembly and deployment.
  2. Authorize access to Java 2 Platform, Enterprise Edition (J2EE) resources. WebSphere Application Server supports authorization that is based on the Java Authorization Contract for Containers (JACC) specification in addition to the default authorization. When security is enabled in WebSphere Application Server, the default authorization is used unless a JACC provider is specified. For more information, see Authorizing access to J2EE resources using Tivoli Access Manager.
  3. Authorize access to administrative resources. You can assign users and groups to predefined administrative roles such as the monitor, configurator, operator, and administrator roles. These roles determine which tasks a user can perform in the administrative console. For more information, see Authorizing access to administrator roles.

What to do next

After authorizing access to resources, configure the Application Server for secure communication. For more information, see Securing communications.



Sub-topics
Authorization technology
Securing applications during assembly and deployment
Authorizing access to J2EE resources using Tivoli Access Manager
Authorizing access to administrator roles

Related concepts
Role-based authorization

Related tasks
Securing communications

Task topic    

Terms of Use | Feedback

Last updated: Dec 11, 2005 4:07:15 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_authaccessres.html

© Copyright IBM Corporation 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)