run-as-principal-name run-as-role-assignment security-permission weblogic.xml Deployment Descriptors
3.5.2.2 run-as-principal-name
The run-as-principal-name element specifies the name of a principal to use for a security role defined by a run-as element in the companion web.xml file.3.5.2.2.1 Used Within The run-as-principal-name element is used within a
run-as-role-assignment element.3.5.2.2.2 Example For an example of how to use the run-as-principal-name
element, see Example 3–14 .3.5.2.3 run-as-role-assignment
The run-as-role-assignment element maps a given role name, defined by a role-name element in the companion web.xml file, to a valid user name in the system. The value can be overridden for a given servlet by the run-as-principal-name element in the servlet-descriptor. If the run-as-role-assignment element is absent for a given role name, the Web application container chooses the first principal-name defined in the security-role-assignment element. The following table describes the elements you can define within a run-as-role-assignment element.3.5.2.3.1 Example:
Example 3–14 shows how to use the run-as-role-assignment element to have the SnoopServlet always execute as a user joe. Table 3–8 run-as-role-assignment Element Element Required Optional Description role-name Required Specifies the name of a security role name specified in a run-as element in the companion web.xml file. run-as-principal-na me Required Specifies a principal for the security role name defined in a run-as element in the companion web.xml file. Securing Web Applications 3-27 Example 3–14 run-as-role-assignment Element Example web.xml: servlet servlet-nameSnoopServletservlet-name servlet-classextra.SnoopServletservlet-class run-as role-namerunasrolerole-name run-as servlet security-role role-namerunasrolerole-name security-role weblogic.xml: weblogic-web-app run-as-role-assignment role-namerunasrolerole-name run-as-principal-namejoerun-as-principal-name run-as-role-assignment weblogic-web-app3.5.2.4 security-permission
The security-permission element specifies a security permission that is associated with a Java EE Sandbox.3.5.2.4.1 Example For an example of how to used the security-permission
element, see Example 3–15 .3.5.2.5 security-permission-spec
Parts
» Oracle Fusion Middleware Online Documentation Library
» Document Scope Audience for This Guide
» Guide to this Document Related Information
» New and Changed Security Features in This Release What Is Security?
» Authentication Authorization Java EE Security
» User Name and Password Authentication
» Digital Certificate Authentication Authentication With Web Browsers
» Using Secure Cookies to Prevent Session Stealing
» Developing BASIC Authentication Web Applications
» Using WLST to Check the Value of enforce-valid-basic-auth-credentials
» Developing FORM Authentication Web Applications
» Developing Swing-Based Authentication Web Applications Deploying Web Applications
» auth-constraint security-constraint web.xml Deployment Descriptors
» security-role security-role-ref user-data-constraint web.xml Deployment Descriptors
» externally-defined weblogic.xml Deployment Descriptors
» security-permission-spec security-role-assignment weblogic.xml Deployment Descriptors
» getUserPrincipal isUserInRole Using Programmatic Security With Web Applications
» JAAS Authentication APIs JAAS Authentication Development Environment
» JAAS Client Application Components
» WebLogic LoginModule Implementation JVM-Wide Default User and the runAs Method
» Writing a Client Application Using JAAS Authentication
» Using JNDI Authentication Oracle Fusion Middleware Online Documentation Library
» Java Client JAAS Authentication Code Examples JSSE and WebLogic Server
» SSL Authentication APIs SSL Certificate Authentication Development Environment
» SSL Client Application Components
» SSLClient Sample SSLSocketClient Sample
» Two-Way SSL Authentication with JNDI
» Using Two-Way SSL Authentication Between WebLogic Server Instances
» Using Two-Way SSL Authentication with Servlets
» Using the CertPath Trust Manager Using a Handshake Completed Listener
» Using an SSLContext Using URLs to Make Outbound SSL Connections
» Declarative Authorization Programmatic Authorization
» SSL Client Code Examples Using Declarative Security With EJBs
» method method-permission ejb-jar.xml Deployment Descriptors
» role-name run-as security-identity ejb-jar.xml Deployment Descriptors
» security-role security-role-ref ejb-jar.xml Deployment Descriptors
» externally-defined weblogic-ejb-jar.xml Deployment Descriptors
» identity-assertion iiop-security-descriptor integrity principal-name
» role-name run-as-identity-principal weblogic-ejb-jar.xml Deployment Descriptors
» run-as-principal-name run-as-role-assignment weblogic-ejb-jar.xml Deployment Descriptors
» security-permission security-permission-spec security-role-assignment transport-requirements
» ConnectionFilterImpl Class ConnectionEvent Class
» Connection Filter Rules Syntax Types of Connection Filter Rules
» Modifying the weblogic.policy file for General Use
» Setting Application-Type Security Policies Setting Application-Specific Security Policies
» Using Java EE Security to Protect WebLogic Resources SAML API Description
» Custom POST Form Parameter Names
» Overview of Creating a Custom SAML Name Mapper
» SAMLAttributeStatementInfo Class Classes, Interfaces, and Methods
» SAMLCredentialAttributeMapper Interface Classes, Interfaces, and Methods
» Make the Custom SAMLCredentialAttributeMapper Class Available in the Console
» What Are SAML SSO Attributes?
» How to Implement SAML Attributes
» Example Custom SAML 2.0 Credential Attribute Mapper
» Custom SAML 2.0 Identity Asserter Attribute Mapper
» Example Custom SAML 1.1 Credential Attribute Mapper
» Custom SAML 1.1 Identity Asserter Attribute Mapper
» Instantiate a CertPathSelector CertPath Building
» Instantiate a CertPathBuilderParameters CertPath Building
» Use the JDK CertPathBuilder Interface Example Code Flow for Looking Up a Certificate Chain
Show more