Chapter 3 Configuring Web Application Security

Introduction

A Web container holds your Web application elements, including components, servlets, JSPs, HTML pages, and so on. The Web application's deployment descriptor describes how a Web application is deployed, including the level of security for the various elements of your Web application. For example, your Web application may include an HTML page that is available to all visitors to your site, while other HTML pages, servlets, and JSPs are restricted to existing or preferred customers.

Web client security requires that Web content be deployed in Web applications:

• There is no way to secure files deployed in EAServer's HTML root directory.
• Do not put sensitive information such as passwords in files that can be downloaded by Web clients.
• Do not put files containing sensitive information in locations that allow download by Web clients.

Accessing the security properties of your Web application from Jaguar Manager

1. Highlight the Web Applications or the Installed Web Applications folder.
2. Highlight the Web application for which you are establishing security.
3. Select File | Web Application Properties.
4. Select the Security tab from the Web Applications Property window.
   
   You can now define the authentication method of your Web application and security constraints on the various elements within your Web application.

Copyright © 2002 Sybase, Inc. All rights reserved.