ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/sec/secdev.htm

55 lines
2.2 KiB
HTML
Raw Permalink Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Developing secured applications</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h2><a name="secdev"></a>Developing secured applications</h2>
<p>IBM WebSphere Application Server - Express provides security components that provide or collaborate with other services to provide authentication, authorization, delegation, and data protection. WebSphere Application Server - Express also supports the security features described in the Java 2 Enterprise Edition (J2EE) specification.</p>
<p>An application goes through three stages before it is ready to run:</p>
<ol>
<li>Development</li>
<li>Assembly</li>
<li>Deployment</li>
</ol>
<p>Most of the security is configured for an application during the assembly stage. The security configured during assembly stage is called declarative security because the security is declared or defined in the deployment descriptors. The declarative security is enforced by the security run time of which an application developer need not be aware. For some applications, declarative security alone is not sufficient to express the security model of the application. For those applications, you can use programmatic security.</p>
<p>See these topics for more information about programmatic security:</p>
<blockquote>
<p><strong><a href="secdweb.htm">Develop secure Web applications</a></strong>
<br></p>
<p><strong><a href="secdform.htm">Develop servlet filters for form login processing</a></strong>
<br></p>
<p><strong><a href="secdlog.htm">Develop form login pages</a></strong>
<br></p>
<p><strong><a href="secdjaas.htm">Develop with JAAS to log in programmatically</a></strong>
<br></p>
<p><strong><a href="secdj2c.htm">Develop your own J2C security mapping module</a></strong>
<br></p>
<p><strong><a href="secdcur.htm">Develop custom user registries</a></strong>
<br></p>
<p><strong><a href="secdint.htm">Develop a custom interceptor for trust associations</a></strong>
<br></p>
</blockquote>
</body>
</html>