we have application that needs to be deployed in websphere 6.1. In websphere, LDAP authentication is configured. Application that we are hosting should also have authentication enabled to enable the single signon. We need verify the particular user has entered correct user id / password. Not required to check for any role & group. No application specific role. Then how do i configure my appplication.xml, ibm.
ibm-application-bnd.xmi
<authorizationTable xmi:id="AuthorizationTable_1298129835914">
<authorizations xmi:id="RoleAssignment_1298129835811">
<users xmi:id="User_1310175154371" name="Jothi_Nadesan"/>
<role href="META-INF/application.xml#SecurityRole_1310175154371"/>
<groups xmi:id="Group_1305717519721" name="USSA.App_IP"/>
</authorizations>
</authorizationTable>
<application href="META-INF/application.xml#Application_ID"/>
application.xml
<module id="WebModule_1340958487989">
<web>
<web-uri>CotyIPMasterDataWeb.war</web-uri>
<context-root>IPMasterData</context-root>
</web>
</module>
<security-role id="SecurityRole_1310175154371">
<description>IP_AUTHENTICATION</description>
<role-name>IP_AUTHENTICATION</role-name>
</security-role>
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>IPMasterData</web-resource-name>
<description></description>
<url-pattern>/</url-pattern>
<url-pattern>*.action</url-pattern>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.html</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>POST</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
