IBM Worklight v5.0.5 > WL server administration > Installation

WAS security option 1 procedure - Secure the Worklight WAR


To secure IBM Worklight WAR files hosted on WebSphere Application Server...

  1. Install IBM Worklight WAR to a WAS instance.

  2. Open the WAS integrated solutions console.

  3. Configure the enterprise user and enable application security

    The Worklight project uses the existing login page and login error page and preconfigured realms as part of the WL server installation on WAS. WL server application is secured by default using a generic role and using a login form and error page.

    The following code snippet shows the web.xml file of the WL server WAR generated for WAS.

    <security-constraint id="SecurityConstraint_1">
    
        <web-resource-collection id="WebResourceCollection_1">
    
        <web-resource-name>Protected URI</web-resource-name>
            <description>Stuff we want to protect.</description>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
    
        <auth-constraint id="AuthConstraint_1">
            <description>All Authenticated users for our protected stuff.</description>
            <role-name>Role 3</role-name>
        </auth-constraint>
    
        <user-data-constraint id="UserDataConstraint_1">
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    
    </security-constraint>
    
    <security-role id="SecurityRole_1">
          <description>All Authenticated Users Role.</description>
          <role-name>Role 3</role-name>
    </security-role>


Parent Installation