Because you can define multiple protected resources for each Web application, you can protect some URLs with one policy and other URLs with a different policy. For example, you might have some pages in the application that you want all employees to access, and some pages that you want only managers to access. For this application, you would create two protected resources, one for all employees and one for managers. You would then assign a policy to each protected resource. The following sections explain this process:
In the Administration Console, click > > .
Click and supply the following information:
Module File Name: The filename of the application. Specify the name of the file you are protecting, including the file extension (.war for a Web application).
Type: The type of the application. Select for a Web application.
Click .
To add a protected resource to the list, click , specify a display name for the resource, then click . If possible, this name should indicate the URLs that you are going to configure for this resource.
Fill in the following fields:
Description: (Optional). A text box where you can specify a description of the protected resource. You can also use the field to briefly describe the purpose of protecting this resource.
SSL Required: If this option is selected, the J2EE Agent sets up an SSL connection between the client and the application.
IMPORTANT: If the Web pages that you are now protecting with SSL have been publicly available over HTTP, they remain publicly available over HTTP until you either restart the Web server or reinstall the application. If this is a new application, reinstalling the application might be less disruptive to your network environment than restarting the Web server.
For the JBoss Agent, selecting the option is only part of the process. On JBoss, you must also either disable the HTTP port and enable the SSL port or configure SSL in the web.xml file.
In the , configure the paths that this resource protects. To add a path, click , specify the path, then click .
For example, to allow access to all the pages in the public directory on the Web server, specify the following path:
/public/*
To allow access to everything on the Web server, specify the following path:
/*
To use this protected resource to protect a single page, specify the path and the filename. For example, to protect the login.html page in the /login directory, specify the following:
/login/login.html
Click > .
On the Configuration page, click , then click > .
Continue with Section 6.2.2, Assigning a Web Authorization Policy to the Resource.
Until you have assigned an Authorization policy to the resource, which restricts access to this resource, all authenticated users have access to the resource.
The following instructions assume that you have already created your Authorization policy for the Web resource. For general information about Authorization policies, and for information about creating a Web Authorization policy, .
To assign an Authorization policy:
In the Administration Console, click > > > > > > .
To enable a policy, select a policy in the list, then click .
If no policies appear in the list, you haven’t created any. Click . For configuration information, .
Click >
On the Configuration page, click , then click > .
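The following review script is an added example, not part of the product or its documentation. It models protected resources as described above and reports request paths that land on a resource with no Authorization policy enabled (where all authenticated users have access) or without SSL Required. The resource names, policy names, the /managers/* path and the rule that the most specific path wins are assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class ProtectedResource:
    name: str                  # display name (constructed)
    paths: list                # URL paths this resource protects
    ssl_required: bool = False
    policies: list = field(default_factory=list)  # enabled Authorization policies

def match_rank(pattern, url_path):
    """Return how specifically pattern covers url_path, or None if it does not."""
    if pattern.endswith("/*"):
        prefix = pattern[:-2]  # "/public/*" -> "/public", "/*" -> ""
        if url_path == prefix or url_path.startswith(prefix + "/"):
            return len(prefix)
        return None
    return float("inf") if pattern == url_path else None  # single-page path

def resolve(resources, url_path):
    """Pick the covering resource. ASSUMPTION: the most specific path wins."""
    best, best_rank = None, None
    for res in resources:
        for pattern in res.paths:
            rank = match_rank(pattern, url_path)
            if rank is not None and (best_rank is None or rank > best_rank):
                best, best_rank = res, rank
    return best

def audit(resources, url_paths):
    """Map each risky request path to a one-line finding."""
    findings = {}
    for path in url_paths:
        res = resolve(resources, path)
        if res is None:
            findings[path] = "no protected resource covers this path"
        elif not res.policies:
            findings[path] = f"{res.name}: no Authorization policy, all authenticated users have access"
        elif not res.ssl_required:
            findings[path] = f"{res.name}: SSL Required is not selected"
    return findings

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = [
    ProtectedResource("all_employees", ["/*"], True, ["employee_policy"]),
    ProtectedResource("managers", ["/managers/*"], True, []),
    ProtectedResource("login_page", ["/login/login.html"], False, ["employee_policy"]),
]

if __name__ == "__main__":
    for path, finding in audit(SAMPLE, ["/index.html", "/managers/reviews.html", "/login/login.html"]).items():
        print(path, "->", finding)
```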