Application Integration (On-Premises) : Incorporating web applications : Incorporating Web Applications into Integration Server : About Securing the Web Application : Recommendations for Setting Up Security in a Deployment Descriptor File
Recommendations for Setting Up Security in a Deployment Descriptor File
 
Setting Up Web Application Authorization
Setting Up Web Application Authentication
This section describes how you might want to set up your deployment descriptor file to secure web applications. Add two security sections to the deployment descriptor file:
*A <security-constraint> section to specify who is authorized to access the web application. For more information, see Setting Up Web Application Authorization.
*The <login-config> section validates a user’s name and password when the user invokes the web application. By default, Integration Server displays a standard browser authentication screen. For more information, see Setting Up Web Application Authentication.
The following example shows a global deployment descriptor file that restricts access to all web applications that reside on the server to users belonging to the “Administrators” ACL. It also indicates that authentication should be performed using standard (basic) browser authentication.
Security sections in a deployment descriptor
Copyright © 2015- 2017 Software AG, Darmstadt, Germany. (Innovation Release)
Product LogoContact Support   |   Community   |   Feedback