Defining security roles for enterprise applications (J2EE 1.4)
You can use the Application Deployment Descriptor editor to define security roles for your enterprise applications.
A security role is a logical grouping of principals. Access to operations (such as EJB methods) is controlled by granting access to a role. You can grant access to users individually or in groups.
For each security role that you define in the deployment descriptor editor, a <security-role> element is added to the application.xml file.
To add security roles using the Application Deployment Descriptor editor, complete the following steps:
- In the Enterprise Explorer view of the Java EE perspective, right-click the Deployment Descriptor for your enterprise application project and select
Open With | Deployment Descriptor Editor to open the Application Deployment Descriptor editor.
- On the Security page of the editor, click
Add.
- Type a name and description for the new role and click Finish.
To remove a security role, select the role and click
Remove.
- Gathering security roles (J2EE 1.4)
For an enterprise application, you can roll up all the security roles that are defined in the application's modules. You can then combine and remove redundant or unnecessary security roles.- Replacing security roles (J2EE 1.4)
You can use the Application Deployment Descriptor editor to replace redundant or unnecessary security roles with preferred roles.- Adding users to security role bindings
- Adding groups to security role bindings
- Adding security role "run as" bindings
Related concepts
Application Deployment Descriptor editor
Related tasks
Gathering security roles (J2EE 1.4)
Replacing security roles (J2EE 1.4)