+

Search Tips   |   Advanced Search

Application assembly security settings



Overview

Use the admin console to modify the security settings for all applications.

On the Global security panel, select...

Enable application security

Global settings apply to existing and future applications and cannot be customized.

Default settings apply only to future applications and can be customized.

The default settings are used as a template or starting point for configuring individual applications. The administrator should still explicitly configure security settings for each application.


Application assembly security settings

The following security settings are specified during application assembly:

Security role settings

When using the Assembly Toolkit at an application level (EAR file), security roles are synchronized with the security roles defined for the embedded modules of the application.

If a security role is manually added to the EAR file, it can be automatically removed when the file is saved if an embedded module does not reference the role, or the role is in conflict with an existing role. In this case, remove the manually added role, but then all roles with the same name are removed.

The role is automatically added again when the file is saved if it is still referenced in an embedded module file. If a duplicate role is added in an embedded module file, delete all roles with the same name and manually read the correct role.

Security constraints

Security constraints declare how to protect Web content. These properties associate security constraints with one or more Web resource collections. A constraint consists of a Web resource collection, an authorization constraint, and a user data constraint.

Security constraints are set when configuring a Web app in the Assembly Toolkit.





Subtopics


Security role references in Web apps

 

Related concepts


Security constraints in Web apps