System Administration Guide: Basic Administration

Specifying Authorizations With the authTypes Tag

While most system management web applications do not require any administrator intervention to use the authTypes tag, in some cases, you might need to change the values of this tag. The authTypes tag contains a set of information that describes the level of authorization that is required for a user to view an application in the Oracle Java Web Console. The web console determines if a user is authorized to see a particular application, based on the authorization requirements in the application's app.xml file. Each application can determine whether a user must have proper authorization to run the application. This determination might be made as part of the application installation process. Or, you might need to supply the information, depending on your own security requirements. The product documentation for the application should contain the information that is necessary to determine whether you need to specify a particular permission.

You can nest several authType tags within the authTypes tag.

The authTypes tag must contain at least one authType tag that provides the following necessary information:

In the following example, the authType tag has one attribute, name. The required name attribute is the name of the authorization service type. Different authorization types might require different values for the classType and permissionParam tags.


<authTypes>
	<authType name="SolarisRbac">
	    <classType>
	      com.sun.management.solaris.RbacPermission
	    </classType>
	    <permissionParam name="permission">
	      solaris.admin.serialmgr.read
	    </permissionParam>
	</authType>
</authTypes>

The following table shows the tags that can be nested within an authType tag.

Table 3–1 Nested authType Tags

Tag 

Attribute 

Description 

classType

 

The Permission subclass name. This tag is required.

permissionParam

name

The parameters that are required to create an instance of the class specified by classType.

The authTypes tag and nested authType tags are required elements in the app.xml file. If you want to register an application that is available to anyone, specify the authType tag with no content, as shown in the following example.


<authTypes>
        <authType name="">
            <classType></classType>
            <permissionParam name=""></permissionParam>
        </authType>
</authTypes>