Authorizing access to resources
WebSphere Application Server provides many different methods for authorizing access to resources. For example, we can assign roles to users and configure a built-in or external authorization provider.
Create an application, an EJB module, or a web module and secure them using assembly tools.
Tasks
- Secure the application during assembly and deployment.
- Authorize access to Java EE resources.
WAS supports authorization based on the Java Authorization Contract for Containers (JACC) specification in addition to the default authorization. When security is enabled in WAS, the default authorization is used unless a JACC provider is specified.
- Authorize access to administrative resources.
We can assign users and groups to predefined administrative roles such as the monitor, configurator, operator, administrator, auditor, and iscadmins roles. These roles determine which tasks a user can perform in the administrative console.
What to do next
After authorizing access to resources, configure the Application Server for secure communication. See Secure communications.
Subtopics
- Authorization technology
- Authorizing access to Java EE resources using ISAM
- Authorizing access to administrative roles
- Enable pluggable login modules to map Java EE identities to System Authorization Facility (SAF)
- Fine-grained administrative security
- System Authorization Facility for fine-grained administrative authorization
- Create a fine-grained administrative authorization group
- Editing a fine-grained administrative authorization group
- Fine-grained administrative security in heterogeneous and single-server environments
- OAuth
Related:
- Role-based authorization
- Development and assembly tools
- Secure applications during assembly and deployment
- Secure communications
- Assemble applications