Assemble secured applications

The Application Assembly Tool (AAT) is a graphical user interface for assembling enterprise (J2EE) applications. Use this tool to assemble an application, including secure EJB modules (JAR files) and Web modules (WAR files) in that application. You can enforce security at the enterprise bean method level and for each Web resource.

To assemble your secured application, perform these steps in the Application Assembly Tool:

1. Secure enterprise bean applications.

2. Secure Web applications.

3. (Optional) Add users and groups to roles.

4. (Optional) Map users to RunAs roles.

5. (Optional) Add the was.policy file to applications for Java 2 Security.

6. Specify method permissions and security roles for the application. See Method permission assembly settings and Security role assembly settings in the AAT help documentation for more information.

7. Save the application (EAR file) that you assembled.

After you secure an application, the resulting EAR file contains security information in its deployment descriptors:

• ejb-jar.xml
  Deployment descriptor for the EJB module, including security information.

• web.xml
  Deployment descriptor for the Web module, including security information.

• application.xml
  Contains all of the roles that are used in the application.

• ibm-application-bnd.xmi
  Contains roles mapping for users and groups.

• was.policy
  Contains the permissions that are granted for the application to access secured system resources.

After you secure an application with the AAT, you can install an application using administrative console. See Deploying secured applications for more information.