您的应用程序意识到通过IBM应用-bnd.xml的WAS定义的安全角色。
下面是结合匹配内定义自定义JDBC注册表(客户端角色)和LDAP/AD(其他角色)的角色的一个例子是:
<?xml version="1.0" encoding="UTF-8"?>
<application-bnd xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://websphere.ibm.com/xml/ns/javaee"
xsi:schemaLocation="http://websphere.ibm.com/xml/ns/javaee
http://websphere.ibm.com/xml/ns/javaee/ibm-application-bnd_1_0.xsd"
version="1.0">
<security-role name="CLIENT">
<group name="Clients" />
</security-role>
<security-role name="STAFF">
<group name="Contractors" access-id="CN=Contractors,OU=Some Unit,OU=Some Unit,o=StaffLDAP"/>
<group name="ContractorsNoVPN" access-id="CN=ContractorsNoVPN,OU=Some Unit,OU=Some Unit,o=StaffLDAP"/>
<group name="ContractorsVPN" access-id="CN=ContractorsVPN,OU=Some Unit,OU=Some Unit,o=StaffLDAP"/>
</security-role>
<security-role name="MANAGER">
<group name="AssistantManagers" access-id="CN=AssistantManagers,OU=Some Unit,OU=Some Unit,OU=Some Unit,o=ManagersLDAP"/>
<group name="Managers" access-id="CN=Managers,OU=Some Unit,OU=Some Unit,OU=Some Unit,o=ManagersLDAP"/>
<group name="TestManagers"/>
</security-role>
<security-role name="ADMIN">
<group name="Admin" access-id="group:someRealm/CN=Team,OU=Groups,OU=Divison,OU=Region,o=AdminsLDAP"/>
</security-role>
</application-bnd>