Professional Documents
Culture Documents
Security
• Declarative security:
– Describes an application’s access control in a
form that is external to the application
– Specifies security roles, access control, and
authentication requirements on application
resources
– Uses XML-based deployment descriptors
Protecting Web Applications
• A scoped role:
– Is an abstraction of users and groups
– Can be determined dynamically for different
resources
• A security policy:
– Is a set of rules and conditions that users and
groups must meet, to be granted or denied
authorization
– Implements parameterized authjorization
– Allows expressions using defined roles
Configuring Scoped Roles and Policies for URL
Resources
Configure SSL
– For details on the exercise, refer to the Lab Guide.
– If questions arise, ask the instructor
– The instructor will determine the stop time
Roadmap