Configuring Security Constraints; Configuring For Roles - Novell ACCESS MANAGER 3.1 SP1 - AGENT GUIDE Manual

J2ee* agent guide

4.2.2 Configuring Security Constraints

If you specify a security constraint similar to the following in the web.xml file of an application, the users are redirected for authentication as soon as they access any URL of the application:
<security-constraint>
  <web-resource-collection>
    <web-resource-name>All web resources</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>Manager</role-name>
  </auth-constraint>
</security-constraint>
After authenticating to the Identity Server, all users receive an error:
If the user has the Manager role, the user sees a 404 error stating that j_security_check is not available.
If the user does not have the Manager role, the user sees a 403 Access Denied error to the login servlet.
When using the J2EE Agent with a JBoss server, you cannot give the <url-pattern> element a value of /* or / for a login page that requires authentication. The JACC provider in the JBoss server is not informed about the login servlet. For example, suppose that the login page for the application has a configuration similar to the following:
<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/login</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
  </form-login-config>
</login-config>
You need to configure the /login directory to allow access. For example:
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Allow Form Login page</web-resource-name>
    <url-pattern>/login</url-pattern>
  </web-resource-collection>
</security-constraint>
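
A check for the condition described above, as an added example that is not part of the original manual: it reads a web.xml, finds each form-login-page, and reports it when the best-matching url-pattern (exact, then longest path prefix, then extension, then /) carries an auth-constraint. The function names and sample strings are assumptions made for this example; http-method elements and the merging of constraints that share one pattern are not modelled.

```python
import xml.etree.ElementTree as ET

def _all(node, name):
    """Descendants called `name`, ignoring any XML namespace on the tags."""
    return [e for e in node.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _rank(pattern, path):
    """Servlet-style match rank of one url-pattern for path (None = no match)."""
    if pattern == path:
        return (3, len(pattern))              # exact match
    if pattern.endswith("/*") and (path == pattern[:-2] or path.startswith(pattern[:-1])):
        return (2, len(pattern))              # path prefix, longest wins
    if pattern.startswith("*.") and path.endswith(pattern[1:]):
        return (1, 0)                         # extension match
    return (0, 0) if pattern == "/" else None  # default mapping

def login_page_findings(web_xml_text):
    """List FORM login pages whose best-matching constraint demands a role."""
    root = ET.fromstring(web_xml_text)
    findings = []
    for page in (e.text.strip() for e in _all(root, "form-login-page") if e.text):
        best = None
        for sc in _all(root, "security-constraint"):
            roles = [r.text.strip() for r in _all(sc, "role-name") if r.text]
            protected = bool(_all(sc, "auth-constraint"))
            for up in _all(sc, "url-pattern"):
                pattern = (up.text or "").strip()
                rank = _rank(pattern, page)
                if rank is not None and (best is None or rank > best[0]):
                    best = (rank, pattern, protected, roles)
        if best and best[2]:
            findings.append((page, best[1], best[3]))
    return findings

# Constructed sample input, modelled on the fragments shown in this section.
LOGIN = ("<login-config><auth-method>FORM</auth-method><form-login-config>"
         "<form-login-page>/login</form-login-page></form-login-config></login-config>")
ALL = ("<security-constraint><web-resource-collection><url-pattern>/*</url-pattern>"
       "</web-resource-collection><auth-constraint><role-name>Manager</role-name>"
       "</auth-constraint></security-constraint>")
ALLOW = ("<security-constraint><web-resource-collection><url-pattern>/login</url-pattern>"
         "</web-resource-collection></security-constraint>")

if __name__ == "__main__":
    print(login_page_findings(f"<web-app>{ALL}{LOGIN}</web-app>"))          # flagged
    print(login_page_findings(f"<web-app>{ALL}{ALLOW}{LOGIN}</web-app>"))   # clean
```

Each finding is a tuple of the login page, the url-pattern that covers it, and the roles that pattern requires; an empty list means the login page is reachable without a role.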

4.2.3 Configuring for Roles

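For the J2EE Agent to enforce authentication for a .war file, the JBoss server must have a web.xml file that contains a URL with a role restriction. You can use the generic authenticated role for this URL. This policy triggers authentication, and the J2EE Agent policies can then be used to determine authorization. The following is a sample security constraint for a web.xml file that triggers authentication for any path below the protected directory:
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected Content</web-resource-name>
    <url-pattern>/protected/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <!-- placeholder value: substitute the name of the generic authenticated role described above -->
    <role-name>ROLE_NAME_PLACEHOLDER</role-name>
  </auth-constraint>
</security-constraint>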
