Securing applications during assembly and deployment
Several assembly tools exist that are graphical user interfaces for assembling enterprise or Java 2 Platform, Enterprise Edition (J2EE) applications.
You can use these tools to assemble an application and secure EJB and Web modules in that application.
About this taskAn EJB module consists of one or more beans. You can enforce security
at the EJB method level. A Web module consists of one or more Web resources:
an HTML page, a JavaServer Pages (JSP) file, or a servlet. You can also enforce
security for each Web resource.
Note: For information about the tools that WebSphere Application Server supports, see Assembly tools.
To secure an EJB module, a Java archive (JAR) file, a Web module, a Web archive (WAR) file, or an application
enterprise archive (EAR) file, you can use an assembly tool You can create an application, an EJB module, or a Web module and secure them using an assembly tool or development tools such as the IBM Rational Application Developer.
Assemble the application components that you secured using an assembly tool. For more information, see Assembling applications.
Results
After securing an application, the resulting .ear file contains
security information in its deployment descriptor. The EJB module security
information is stored in the ejb-jar.xml file and the Web module
security information is stored in the web.xml file. The application.xml file of the application EAR file contains all the roles that are used in the application.
The user and group-to-roles mapping is stored in the ibm-application-bnd.xmi file of the application EAR file.
This task is required to secure EJB modules and Web modules in an application. This task is also required for applications to run properly when Java 2 security is enabled. If the was.policy file is not created and it does not contain required permissions, the application might not be able to access system resources.