Edit the Application Deployment Descriptor to Enable Security

Edit the web.xml deployment descriptor to enable security for each web application that you want to protect with the SiteMinder Agent Web Interceptor. The web.xml file is located in the application WEB-INF directory.

For more information about the web.xml file and constituent element syntax, see the JBoss Enterprise Application Platform documentation.

To edit the web.xml deployment descriptor to enable security

  1. Navigate to the web application WEB-INF directory.
  2. Open the web.xml deployment descriptor file in a text editor.
  3. Add one or more security-constraint elements defining what resources in the web application are to be protected. For example:
    <security-constraint>
        <display-name>Constraint1</display-name>
        <web-resource-collection>
            <web-resource-name>admin resource</web-resource-name>
            <description/>
            <url-pattern>/admin/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>adminRole</role-name>
        </auth-constraint>
    </security-constraint>
    
  4. Add a security-role element defining roles used by the application. For example:
    <security-role>
         <description/>
         <role-name>adminRole</role-name>
    </security-role>
    
  5. Add a login-config element. The auth-method subelement of the login-config element defines the authentication method (BASIC, FORM, and so on) and therefore determines which globally configured SiteMinder Agent Authenticator is invoked. For example, the following login-config element results in the SMJBossFormAuthenticator handling application requests:
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name/>
        <form-login-config>
            <form-login-page>/login.jsp</form-login-page>
            <form-error-page>/fail_login.jsp</form-error-page>
        </form-login-config>
    </login-config>
    
  6. Save the file and exit the text editor.
  7. Install or update the web application.
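
A check that can be run over a descriptor once the steps above are complete (an added example, not part of the SiteMinder or JBoss documentation; the function name `check_web_xml` and the sample descriptor are constructed here). It flags roles used in an auth-constraint without a matching security-role, a missing login-config, and constraints that list http-method elements, because under the Servlet specification such a constraint applies only to the methods it lists.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the three elements from the steps above in one descriptor.
SAMPLE_WEB_XML = """<web-app>
  <security-constraint>
    <display-name>Constraint1</display-name>
    <web-resource-collection>
      <web-resource-name>admin resource</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>adminRole</role-name></auth-constraint>
  </security-constraint>
  <security-role><role-name>adminRole</role-name></security-role>
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/fail_login.jsp</form-error-page>
    </form-login-config>
  </login-config>
</web-app>"""

def check_web_xml(xml_text):
    """Return a list of findings for the security elements of a web.xml."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                      # drop any namespace prefix
        el.tag = el.tag.rsplit("}", 1)[-1]
    findings = []
    declared = {r.text.strip() for r in root.findall("security-role/role-name") if r.text}
    for sc in root.findall("security-constraint"):
        name = sc.findtext("display-name", "(unnamed)")
        if sc.find("auth-constraint") is None:
            findings.append(f"{name}: no auth-constraint")
        for role in sc.findall("auth-constraint/role-name"):
            if (role.text or "").strip() not in declared | {"*"}:
                findings.append(f"{name}: role '{role.text}' has no security-role")
        for wrc in sc.findall("web-resource-collection"):
            methods = [m.text for m in wrc.findall("http-method")]
            if methods:  # Servlet spec: methods not listed are not constrained
                findings.append(f"{name}: only {','.join(methods)} covered")
    if not root.findtext("login-config/auth-method"):
        findings.append("no login-config/auth-method")
    return findings

if __name__ == "__main__":
    for finding in check_web_xml(SAMPLE_WEB_XML):
        print(finding)
```

Run against the sample, the only finding is that Constraint1 covers GET and POST alone; omitting the http-method elements makes the constraint apply to every method.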