After creating new roles and assigning them to enterprise bean
and Web resources, use this task to add users and groups to roles with an
assembly tool.
About this task
If you already know the environment in which the application is running
and the user registry that is used, you can use an assembly tool to assign
users and groups to roles. Using the administrative console to assign users
and groups to roles is recommended.
Note: This
procedure might not match the steps that are required when using your
assembly tool, or match
the version of the assembly tool that you are using. You should follow the
instructions for the tool and version that you are using.
To add
users and groups to roles using an assembly tool, follow these steps:
Procedure
- In the Project Explorer view of an assembly tool, right-click an
enterprise application project, or Enterprise Archive (EAR) file, and click Open
With > Deployment Descriptor Editor. An application
deployment descriptor editor opens on the EAR file. To access information
about the editor, press F1 and click Application deployment descriptor
editor.
- Click the Security tab and, under the main panel, click Add.
- In the Add Security Role wizard, name and describe the security
role. Click Finish.
- Under WebSphere Bindings, select the user or group extension properties
for the security role. Available values include: Everyone, All authenticated
users, and Users/Groups.
- If you selected Users/Groups, click Add beside the Users
or Groups panes. In the wizard that opens, specify a user or group name and
click Finish. Repeat this step until you added all the users and groups
to which the security role applies.
- Close the application deployment descriptor editor and, when prompted,
click Yes to save the changes.
Results
The ibm-application-bnd.xmi file in the application contains
the users and groups-to-roles mapping table, which is the authorization
table.