Designing and Implementing Composite Applications : Getting Started with the webMethods Application Platform API : Using the Application Platform API : Adding Single Sign-On Authentication to Application Platform Projects : Web Application Layer Security
Web Application Layer Security
The following table describes the properties and values of the security filter that you add in the web.xml file.
Filter and Description
com.softwareag.applatform.security.filter.AppPlatformSecurityFilter
A servlet filter that is added to the web.xml file of the required Application Platform web project. Supports SSO functionality for web applications.
The following table lists the properties of AppPlatformSecurityFilter:
Property
Value
Description
realm
AppPlatformRealm
This is the only valid value.
String Required. The Application Platform realm.
nextauthMethod
Valid values:
*BASIC
Basic authentication.
*CLIENT_CERT
Authentication with client certificate.
*FORM
Form authentication. Requires attributes for user name and the password, as follows:
j_username
j_password
String Required. The next authentication method to try if the current authentication request fails. For detailed information about the possible values, see the Java EE documentation, provided by Oracle.
roleNamesAllowed
Depends on the runtime server, as follows:
*For Integration Server the roles must be equivalent to the roles in the Integration Server access control list (ACL). For information about the ACL, see webMethods Integration Server Administrator’s Guide.
*For My webMethods Server the roles must be equivalent to the applicable Security Realm container. For information about Security Realm containers, see Administering My webMethods Server.
String List Optional. A comma-separated list of allowed user roles. Users are authenticated when they have one of the listed roles.
formLoginPage
String Optional. The address of the login page when using the form authentication type.
formErrorPage
String Optional. The address of the error page that displays when the form authentication fails.
Securing the Web Application Layer
Copyright © 2016- 2016 Software AG, Darmstadt, Germany.
Product LogoContact Support   |   Community   |   Feedback