Adding Configuring a WebApp Components Security
Resources of a web application are secured using security policies that provide authentication, access control for resources, and confidentiality or data privacy.
Authentication: The means by which communicating entities prove to one another that they are acting on behalf of specific identities authorized for access.
Access control for resources: The means by which interactions with resources are limited to collections of users or programs to enforce integrity, confidentiality, or availability constraints.
Confidentiality or data privacy: The means used to ensure that information is made available only to users who are authorized to access it.
The WebApp component provides the Form-based Authentication and the Security Constraint policies to implement security policies for authentication and authorization of resources.
If a WebApp component is created from a WAR file or WTP project, which already contains the security configuration in
web.xml
, the security configuration from
web.xml
is mapped to the WebApp’s policy configuration.
web.xml
. You must use the provided interface (Implementation > Security tab or Policies tab) to do this.