WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Mapping users to RunAs roles using an assembly tool

RunAs roles are used for delegation. A servlet or enterprise bean component uses the RunAs role to invoke another enterprise bean by impersonating that role.

Before you begin

Before you perform this task:

Why and when to perform this task

You must define RunAs roles when a servlet or an enterprise bean in an application is configured with RunAs settings.

Steps for this task

  1. In the Project Explorer view of an assembly tool, right-click an enterprise application project (EAR file) and click Open With > Deployment Descriptor Editor. An application deployment descriptor editor opens on the EAR file. To access information about the editor, press F1 and click Application deployment descriptor editor.
  2. On the Security tab, under Security Role Run As Bindings, click Add.
  3. Click Add under RunAs Bindings.
  4. In the Security Role wizard, select one or more roles and click Finish.
  5. Repeat steps 3 through 5 for all the RunAs roles in the application.
  6. Close the application deployment descriptor editor and, when prompted, click Yes to save the changes.

Result

The ibm-application-bnd.xmi file in the application contains the user to RunAs role mapping table.

What to do next

After securing an application, you can install the application using the administrative console. You can change the RunAs role mappings of an installed application. For more information, see Mapping RunAs roles to users collection.



Related concepts
Enterprise bean component security
Role-based authorization
Delegations

Related reference
Mapping RunAs roles to users collection
Security: Resources for learning

Task topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/tsec_runas_atk.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)