Authorizing access to resources

WebSphere Application Server provides many different methods for authorizing accessing resources. For example, you can assign roles to users and configure a built-in or external authorization provider.

 

About this task

You can create an application, an EJB module, or a Web module and secure them using assembly tools.

To authorize user or group access to resources, read the following articles:

 

Procedure

  1. Secure you application during assembly and deployment. For more information on how to create a secure application using an assembly tool, such as the IBM Rational Application Developer, see Securing applications during assembly and deployment .

    For general information about the tools that WAS supports, see Assembly tools and Assembling applications.

  2. Authorize access to J2EE resources. WAS supports authorization that is based on the Java Authorization Contract for Containers (JACC) specification in addition to the default authorization. When security is enabled in WebSphere Application Server, the default authorization is used unless a JACC provider is specified. For more information, see Authorization providers .

  3. Authorize access to administrative resources. You can assign users and groups to predefined administrative roles such as the monitor, configurator, operator, and administrator roles. These roles determine which tasks a user can perform in the administrative console. For more information, see Authorizing access to administrative roles .

 

What to do next

After authorizing access to resources, configure the Application Server for secure communication. For more information, see Securing communications .

 

See also


Authorization technology
Authorizing access to J2EE resources using Tivoli Access Manager
Authorizing access to administrative roles


Related concepts
Role-based authorization Assembly tools Related tasks
Securing applications during assembly and deployment Securing communications

 



 

 

WebSphere is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.
Tivoli is a trademark of the IBM Corporation in the United States, other countries, or both.
Rational is a trademark of the IBM Corporation in the United States, other countries, or both.