The Novell J2EE Agent now comes with the ability to configure different authentication contracts to protect different applications that reside on the same application server instance. You can also configure additional authentication contracts to applications that require them.
In the Administration Console, click
> > . The J2EE Agents Configuration page is displayed.Click
to configure J2EE Agents Policies. The Protected Web and EJB Resource page is displayed.Click
to create a new protected Web resource.Fill in the following fields:
Module File Name: Specify the name of the file you are protecting, including the file extension (.jar or.war).
Type: Select
to protect the Web application. You can configure different authentication contracts only for different Web applications.Click
.Click the newly added protected Web resource.
Fill in the following fields:
Protected Resource: Displays the name of the resource you are configuring
Description: (Optional). Provides a field where you can enter a description for this protected resource. You can use it to briefly describe the purpose for protecting this resource.
SSL Required: If this option is selected, the J2EE Agent sets up an SSL connection between the client and the application.
IMPORTANT:If the Web pages that you are now protecting with SSL have been publicly available over HTTP, they remain publicly available over HTTP until you either restart the Web server or reinstall the application. If this is a new application, reinstalling the application might be less disruptive to your network environment than restarting the Web server.
For the JBoss Agent, selecting the web.xml file.
option is only part of the process. On JBoss, you must also either disable the HTTP port and enable the SSL port or configure SSL in theClick
in the section and add a new URL path, then click .For example, to allow access to all the pages in the public directory on the Web server, specify the following path:
/public/*
To allow access to everything on the Web server, specify the following path:
/*
To use this protected resource to protect a single page, specify the path and the filename. For example, to protect the login.html page in the /login directory, specify the following
/login/login.html
Repeat Step 1 to Step 6 for all the applications for which you want to configure different authentication contract.
Click
, then click > .To update the Identity Server, click
, then click .Whenever you set up a new trusted identity configuration, you need to update the Identity Server configuration.
You might want to configure additional authentication for certain resources. For example, in an organization, certain confidential policies can be viewed only by Managers. In such a scenario, you need to perform additional authentication.
Complete the procedure in Section 2.3, Configuring the Agent for Direct Access.
Click the protected resource for which you want to add an additional authentication contract.
Click
in the section and add a new URL path, then click .Click
, then click > .To update the Identity Server, click
, then click .Whenever you set up a new trusted identity configuration, you need to update the Identity Server configuration.