security-role security-role-ref user-data-constraint web.xml Deployment Descriptors
3.5.1.3 security-role
The security-role element contains the definition of a security role. The definition consists of an optional description of the security role, and the security role name. The following table describes the elements you can define within a security-role element.3.5.1.3.1 Example See
Example 3–14 for an example of how to use the security-role element in a web.xml file.3.5.1.4 security-role-ref
The security-role-ref element links a security role name defined by security-role to an alternative role name that is hard-coded in the servlet logic. This extra layer of abstraction allows the servlet to be configured at deployment without changing servlet code. The following table describes the elements you can define within a security-role-ref element. Table 3–4 security-role Element Element Required Optional Description description Optional A text description of this security role. role-name Required The role name. The name you use here must have a corresponding entry in the WebLogic-specific deployment descriptor , weblogic.xml, which maps roles to principals in the security realm. For more information, see Section 3.5.2.6, security-role-assignment . Table 3–5 security-role-ref Element Element Required Optional Description description Optional Text description of the role. role-name Required Defines the name of the security role or principal that is used in the servlet code. role-link Required Defines the name of the security role that is defined in a security-role element later in the deployment descriptor. Securing Web Applications 3-233.5.1.4.1 Example See
Example 3–17 for an example of how to use the security-role-ref element in a web.xml file.3.5.1.5 user-data-constraint
The user-data-constraint element defines how data communicated between the client and the server should be protected. The following table describes the elements you can define within a user-data-constraint element.3.5.1.5.1 Used Within The user-data-constraint element is used within the
security-constraint element.3.5.1.5.2 Example See
Example 3–11 for an example of how to use the user-data-constraint element in a web.xml file.3.5.1.6 web-resource-collection
Parts
» Oracle Fusion Middleware Online Documentation Library
» Document Scope Audience for This Guide
» Guide to this Document Related Information
» New and Changed Security Features in This Release What Is Security?
» Authentication Authorization Java EE Security
» User Name and Password Authentication
» Digital Certificate Authentication Authentication With Web Browsers
» Using Secure Cookies to Prevent Session Stealing
» Developing BASIC Authentication Web Applications
» Using WLST to Check the Value of enforce-valid-basic-auth-credentials
» Developing FORM Authentication Web Applications
» Developing Swing-Based Authentication Web Applications Deploying Web Applications
» auth-constraint security-constraint web.xml Deployment Descriptors
» security-role security-role-ref user-data-constraint web.xml Deployment Descriptors
» externally-defined weblogic.xml Deployment Descriptors
» security-permission-spec security-role-assignment weblogic.xml Deployment Descriptors
» getUserPrincipal isUserInRole Using Programmatic Security With Web Applications
» JAAS Authentication APIs JAAS Authentication Development Environment
» JAAS Client Application Components
» WebLogic LoginModule Implementation JVM-Wide Default User and the runAs Method
» Writing a Client Application Using JAAS Authentication
» Using JNDI Authentication Oracle Fusion Middleware Online Documentation Library
» Java Client JAAS Authentication Code Examples JSSE and WebLogic Server
» SSL Authentication APIs SSL Certificate Authentication Development Environment
» SSL Client Application Components
» SSLClient Sample SSLSocketClient Sample
» Two-Way SSL Authentication with JNDI
» Using Two-Way SSL Authentication Between WebLogic Server Instances
» Using Two-Way SSL Authentication with Servlets
» Using the CertPath Trust Manager Using a Handshake Completed Listener
» Using an SSLContext Using URLs to Make Outbound SSL Connections
» Declarative Authorization Programmatic Authorization
» SSL Client Code Examples Using Declarative Security With EJBs
» method method-permission ejb-jar.xml Deployment Descriptors
» role-name run-as security-identity ejb-jar.xml Deployment Descriptors
» security-role security-role-ref ejb-jar.xml Deployment Descriptors
» externally-defined weblogic-ejb-jar.xml Deployment Descriptors
» identity-assertion iiop-security-descriptor integrity principal-name
» role-name run-as-identity-principal weblogic-ejb-jar.xml Deployment Descriptors
» run-as-principal-name run-as-role-assignment weblogic-ejb-jar.xml Deployment Descriptors
» security-permission security-permission-spec security-role-assignment transport-requirements
» ConnectionFilterImpl Class ConnectionEvent Class
» Connection Filter Rules Syntax Types of Connection Filter Rules
» Modifying the weblogic.policy file for General Use
» Setting Application-Type Security Policies Setting Application-Specific Security Policies
» Using Java EE Security to Protect WebLogic Resources SAML API Description
» Custom POST Form Parameter Names
» Overview of Creating a Custom SAML Name Mapper
» SAMLAttributeStatementInfo Class Classes, Interfaces, and Methods
» SAMLCredentialAttributeMapper Interface Classes, Interfaces, and Methods
» Make the Custom SAMLCredentialAttributeMapper Class Available in the Console
» What Are SAML SSO Attributes?
» How to Implement SAML Attributes
» Example Custom SAML 2.0 Credential Attribute Mapper
» Custom SAML 2.0 Identity Asserter Attribute Mapper
» Example Custom SAML 1.1 Credential Attribute Mapper
» Custom SAML 1.1 Identity Asserter Attribute Mapper
» Instantiate a CertPathSelector CertPath Building
» Instantiate a CertPathBuilderParameters CertPath Building
» Use the JDK CertPathBuilder Interface Example Code Flow for Looking Up a Certificate Chain
Show more