27 lines
1.2 KiB
HTML
27 lines
1.2 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
|
|
|
|
<title>Tune authorization</title>
|
|
</head>
|
|
|
|
<BODY>
|
|
<!-- Java sync-link -->
|
|
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
|
|
|
|
<h3><a name="sectuaut"></a>Tune authorization</h3>
|
|
|
|
<p>To tune the authorization process, consider the following steps:</p>
|
|
|
|
<ol>
|
|
<li><p>Consider mapping your users to groups in the user registry. Then, associate the groups with your J2EE roles. This association greatly improves performance as the number of users increase.</p></li>
|
|
|
|
<li><p>Judiciously assign security-constraints for servlets. For example, you can use the URL pattern <tt>*.jsp</tt> to apply the same authentication data constraints to indicate all JSP files. For a given URL, the exact match in the deployment descriptor takes precedence over longest path match. Use the extension match (*.jsp , *.do , *.html) if there is no exact match and longest path match for a given URL in the security constraints.</p></li>
|
|
</ol>
|
|
|
|
</body>
|
|
</html>
|
|
|