Entering content frame

Procedure documentation Editing the Security Properties Locate the document in its SAP Library structure

Procedure

       1.      In your DLP project, choose the J2EE Components tab.

       2.      Choose a WAR.

       3.      Manage the security or constraint properties.

Managing the Security Configuration

...

       1.      Choose the Security subtab.

       2.      In the Authorization Method field, specify the authorization mechanism for the Web application. To access Web resources protected by an authorization constraint, you must be authenticated using the configured mechanism.

       3.      In the Realm Name field, enter the realm name that will be used for HTTP BASIC authorization.

       4.      In the Login Page field, enter the location in the web application of the page used for login.

       5.      In the Error Page field, enter the location in the web application of the error page used in cases of unsuccessful login.

       6.      The Security Roles field provides a list of the security roles that are used in the security constraints set for the Web application.

       7.      In the Role Name field enter a name for the new security role.

       8.      In the Security Role Description enter a short descriptive text about a security role.

       9.      Use the Add, Modify, Remove and Clear buttons to add, remove and modify the entries in the Security Roles field, and to clear the values from the Role Name and Security Role Description fields.

   10.      Save your project changes.

Managing Constraints

...

       1.      Choose the Constraints subtab.

       2.      Click the Add button. A new security constraint is added to the Constraints field. The rest of the functionality becomes enabled.

       3.      You have to specify properties for the Web resource collection and the authorization constraints for that security constraint. Otherwise it will not be saved.

Managing Web Resource Collection

...

       1.      Choose the Web Resource Collection tab. The existing Web resources are listed in the Web Resources list.

       2.      To add a new Web resource:

                                                  i.       Click the New button.

                                                ii.       In the Web Collection Name box, enter the name of the new Web resource.

                                               iii.       Click the OK button. The new Web resource will be added to the Web Resources list. It constraint a subset of resources and HTTP methods to which the selected security constraint applies. If no HTTP methods are specified, then the security constraint applies to all HTTP methods.

       3.      To set an URL pattern or HTTP method for a Web resource:

                                                  i.       Click the corresponding tab.

                                                ii.       Click the Add button.

                                               iii.       In the dialog box, enter a name for the new pattern or new HTTP method and click the OK button.

       4.      To edit or remove a URL pattern/ HTTP method:

                                                  i.       Click the corresponding tab.

                                                ii.       Select an entry from the URL Pattern list (alternatively from the HTTP Methodslist).

                                               iii.       Use the Edit or Remove buttons.

Managing Authorization Constraints

...

       1.      Choose the Authorization Constraints tab.

       2.      Specify the type of the communication between the client and the server in the Transport Guarantee field.

       3.      Enter a descriptive text about the transport guarantee in the User Data Descriptionfield.

       4.      To add a new security role:

                                                  i.       Choose it from the Available Roles list.

                                                ii.       Click the button with the left-pointing arrows. The role is added to the Security Roles list.

       5.      To remove a security role:

                                                  i.       Choose it from the Security Roles list.

                                                ii.       Click the button with the right-pointing arrows. The role is removed from the list and added back to the Available Roles list.

       6.      Enter a descriptive text in the Authorization Constraints Descriptionfield.

 

 

Leaving content frame