A Web container holds your Web application elements, including components, servlets, JSPs, HTML pages, and so on. The Web application’s deployment descriptor describes how a Web application is deployed, including the level of security for the various elements of your Web application. For example, your Web application may include an HTML page that is available to all visitors to your site, while other HTML pages, servlets, and JSPs are restricted to existing or preferred customers.
Web client security requires that Web content be deployed in Web applications:
There is no way to secure files deployed in EAServer’s HTML root directory.
Do not put sensitive information such as passwords in files that can be downloaded by Web clients.
Do not put files containing sensitive information in locations that allow download by Web clients.
Accessing the security properties of your Web
application from EAServer Manager
Highlight the Web Applications or the Installed Web Applications folder.
Highlight the Web application for which you are establishing security.
Select File | Properties.
Select the Security tab from the Web Applications Property window.
You can now define the authentication method of your Web application and security constraints on the various elements within your Web application.
Defining Web application security from the Web
application Security wizard
As an alternative to setting Web application security from the Web Application Properties dialog, you can use the Web Application Security wizard, which guides you through the security configuration process.
Highlight the Web Applications or the Installed Web Applications folder.
Highlight the Web application for which you are establishing security.
Select File | Security Configuration Wizard.
Follow the instructions in the wizard to define the authentication method of your Web application and security constraints on the various elements within your Web application.
