+

Search Tips   |   Advanced Search

Security settings

Use the administrative console to modify the security settings for all applications.

We can enable security for applications by selecting the Enable application security option on the Global security panel.

Note that:

The default settings are used as a template or starting point for configuring individual applications. The administrator should still explicitly configure security settings for each application.

The following security settings are specified during application assembly:

Security role settings

When using an assembly tool at an application level (Enterprise Archive (EAR) file), security roles are synchronized with the security roles defined for the embedded modules of the application.

If a security role is manually added to the EAR file, it can be automatically removed when the file is saved if an embedded module does not reference the role, or the role is in conflict with an existing role. In this case, remove the manually added role, but then all roles with the same name are removed.

The role is automatically added again when the file is saved if it is still referenced in an embedded module file. If a duplicate role is added in an embedded module file, delete all roles with the same name and manually read the correct role.

Security constraints

Security constraints declare how to protect web content. These properties associate security constraints with one or more web resource collections. A constraint consists of a web resource collection, an authorization constraint, and a user data constraint.

Security constraints are set when configuring a web application in an assembly tool.


Related:

  • Security constraints in web applications
  • Development and assembly tools