Listing 1: a security constraint for a servlet

<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Tools</web-resource-name>
<description>Basic Authentication</description>
<url-pattern>/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Employee</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>WASWebContainer</realm-name>
</login-config>



Listing 2: Protecting a method with aN ejbrole

<method-permission>
<role-name>CEO</role-name>
<method>
<ejb-name>EJBSample</ejb-name>
<method-intf>Remote</method-intf>
<method-name>runAsRoleCEO</method-name>
<method-params>
<method-param>java.util.Vector</method-param>
<method-param>itso.utility.Tools</method-param>
</method-params>
</method>



Listing 3: A sample trace

[10/04/03 21:00:25:717 EST] 4b3963bb PDWASAuthzMan D
performImplies: PDSecurityRole
[/WebAppServer/deployedResources/Employee/ITSO/IBM-GN893WUKICU:389/IBM-GN893WUKICU/IBMEBiz]
[10/04/03 21:00:25:717 EST] 4b3963bb PDWASAuthzMan D performImplies: PDSecurityTag
[[WebAppServer]i]
[10/04/03 21:00:25:717 EST] 4b3963bb PDWASAuthzMan D performImplies: Perform the implies
[10/04/03 21:00:25:777 EST] 4b3963bb PDWASAuthzMan D performImplies: Return Value [false]
[10/04/03 21:00:25:777 EST] 4b3963bb PDWASAuthzMan < performImplies: (EXIT)
[10/04/03 21:00:25:777 EST] 4b3963bb PDWASAuthzMan D isGrantedAnyRole: Return value
[false]
[10/04/03 21:00:25:777 EST] 4b3963bb PDWASAuthzMan < isGrantedAnyRole: (EXIT)
[10/04/03 21:00:25:777 EST] 4b3963bb WebCollaborat < checkAuthorization: throw
AccessException
[10/04/03 21:00:25:777 EST] 4b3963bb WebCollaborat D checkAuthorization() failed, here is
the message in the exception: Authorization failed, Not granted any of the required roles: Employee 
[10/04/03 21:00:25:777 EST] 4b3963bb WebCollaborat A SECJ0129A: Authorization failed for
wasadmin while invoking GET on default_host:/IBMEBizWeb/secure/ejbCaller, Authorization
failed, Not granted any of the required roles: Employee