Matter faced during integration project

Tuesday, June 16, 2009

Secure a web application in Oracle OC4J and reuse BPEL console credentials

This week, the team had to deploy a web application on OC4J. However, we wanted to reuse the security settings of the BPEL console:


1. Created a web application with the following web.xml:


<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee">
   <display-name>webAccess</display-name>
   
   <security-constraint>
      <display-name>ILayer Scheduler</display-name>
      <web-resource-collection>
         <web-resource-name>web-resource-name</web-resource-name>
         <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <role-name>toto-administrators</role-name>
      </auth-constraint>
   </security-constraint>

   <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Ilayer FTP Application</realm-name>
   </login-config>

   <security-role>
      <description>Dummy Toto Administrators</description>
      <role-name>toto-administrators</role-name>
   </security-role>
</web-app>


2. Modified the file <$oracle_home>/j2ee/home/config/system-jazn-data.xml to add a role:


<role>
   <name>toto-administrators</name>
   <display-name>Scheduler Admin Role</display-name>
   <description>Admin role for scheduled application</description>
   <members>
      <member>
         <type>user</type>
         <name>oc4jadmin</name>
      </member>
   </members>
</role>


3. Then had to restart OC4J for the settings to take effect.
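A consistency check for the two files from steps 1 and 2, as an added example that is not part of the original post: it confirms that every role named in a web.xml auth-constraint is declared as a security-role and exists with at least one member in the JAZN role list, and it flags BASIC authentication on a constraint that has no CONFIDENTIAL transport-guarantee (the standard servlet user-data-constraint element), since BASIC sends the password base64-encoded rather than encrypted. The function name audit, the finding codes and the trimmed sample inputs are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Constructed inputs: trimmed copies of the two fragments from steps 1 and 2.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee">
  <security-constraint>
    <web-resource-collection><url-pattern>/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>toto-administrators</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>toto-administrators</role-name></security-role>
</web-app>"""
JAZN_ROLES = """<roles><role>
  <name>toto-administrators</name>
  <members><member><type>user</type><name>oc4jadmin</name></member></members>
</role></roles>"""

def _parse(text):
    """Parse XML and drop namespaces so web.xml can be queried by plain tag name."""
    root = ET.fromstring(text)
    for el in root.iter():
        el.tag = el.tag.split("}", 1)[-1]
    return root

def audit(web_xml, jazn_xml):
    """Return (code, detail) findings; the codes are labels invented for this example."""
    web, jazn = _parse(web_xml), _parse(jazn_xml)
    declared = {(e.text or "").strip() for e in web.findall("security-role/role-name")}
    members = {(r.findtext("name") or "").strip(): r.findall("members/member")
               for r in jazn.iter("role")}
    basic = (web.findtext("login-config/auth-method") or "").strip() == "BASIC"
    findings = []
    for sc in web.findall("security-constraint"):
        for rn in sc.findall("auth-constraint/role-name"):
            role = (rn.text or "").strip()
            if role == "*":            # wildcard: any declared role, nothing to map
                continue
            if role not in declared:
                findings.append(("role-undeclared", role))
            if role not in members:
                findings.append(("role-not-in-jazn", role))
            elif not members[role]:
                findings.append(("role-no-members", role))
        guarantee = sc.findtext("user-data-constraint/transport-guarantee", "NONE").strip()
        if basic and guarantee != "CONFIDENTIAL":
            urls = ",".join((u.text or "").strip() for u in sc.iter("url-pattern"))
            findings.append(("basic-without-confidential", urls))
    return findings

if __name__ == "__main__":
    for finding in audit(WEB_XML, JAZN_ROLES):
        print(finding)
```

To run it against a real deployment, pass the contents of the application's web.xml and of system-jazn-data.xml instead of the constructed strings.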
