WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Adding users and groups to roles using an assembly tool

Before you begin

Before you perform this task, you should have already completed the steps in Securing Web applications using an assembly tool and Securing enterprise bean applications where you created new roles and assigned those roles to EJB and Web resources. Complete these steps during application installation. This is because the environment (user registry) under which the application is running is not known until deployment.

Why and when to perform this task

If you already know the environment in which the application is running and the user registry that is used, then you can use an assembly tool to assign users and groups to roles. It is recommended that you use the administrative console to assign users and groups to roles.

Steps for this task

  1. In the Project Explorer view of an assembly tool, right-click an enterprise application project (EAR file) and click Open With > Deployment Descriptor Editor. An application deployment descriptor editor opens on the EAR file. To access information about the editor, press F1 and click Application deployment descriptor editor.
  2. Click the Security tab and, under the main pane, click Add.
  3. In the Add Security Role wizard, name and describe the security role. Then click Finish.
  4. Under WebSphere Bindings, select the user or group extension properties for the security role. Available values include: Everyone, All authenticated users, and Users/Groups.
  5. If you selected Users/Groups, click Add beside the Users or Groups panes. In the wizard that opens, specify a user or group name and click Finish. Repeat this step until you have added all users and groups to which the security role applies.
  6. Close the application deployment descriptor editor and, when prompted, click Yes to save the changes.

Result

The ibm-application-bnd.xmi file in the application contains the users and groups to roles mapping table (authorization table).

What to do next

After securing an application, install the application using the administrative console.



Related concepts
Web component security
Role-based authorization

Related tasks
Assembling applications

Related reference
Security: Resources for learning

Task topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_addusers_atk.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)