Security settings
Use the Security Center to modify global and default security settings for all applications:
- Global settings apply to existing and future applications and cannot be customized.
- Default settings apply only to future applications and can be customized.
The default settings are used as a template or starting point for configuring individual applications. The administrator should still explicitly configure security settings for each application.
The following security settings are specified during application assembly:
- Security role assembly settings
- When using the Application Assembly Tool (AAT) at an application level (Enterprise Archive (EAR) file), security roles are synchronized with the security roles defined for the embedded modules of the application.
If a security role is manually added to the EAR file, it can be automatically removed when the file is saved if an embedded module does not reference the role, or the role is in conflict with an existing role. In this case, remove the manually added role, but then all roles with the same name are removed.
The role is automatically added again when the file is saved if it is still referenced in an embedded module file. If a duplicate role is added in an embedded module file, delete all roles with the same name and manually read the correct role.
- Security constraint assembly settings
- Security constraints declare how to protect Web content. These properties associate security constraints with one or more Web resource collections. A constraint consists of a Web resource collection, an authorization constraint, and a user data constraint.