Enabling multiple user roles to access Web services, WSDL, or WSA administration

Table 39. Enabling multiple user roles for Web services, WSDL, and administration
For accessing . . .	The security-constraint might look like this . . .
Web services	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/</url-pattern> </web-resource-collection> </security-constraint>
WSDL	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/wsdl/*</url-pattern> </web-resource-collection> </security-constraint>
WSA administration	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/admin/</url-pattern/> </web-resource-collection> </security-constraint>

Table 40. Syntax
<auth-constraint> <role-name>name</role-name> </auth-constraint>

For example, you can set up the role names WSUser1 and WSUser2 for accessing Web services, WSDUser1 and WSDUser2 for accessing WSDL, and WSAdminUser1 and WSAdminUser2 for accessing WSA administration, as shown in the following table.

Table 41. Setting security constraints for multiple user roles on Web services, WSDL, and administration
For accessing . . .	The resulting security-constraintmight look like this . . .
Web services	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/</url-pattern> <auth-constraint> <role-name>WSUser1</role-name> <role-name>WSUser2</role-name> </auth-constraint> </web-resource-collection> </security-constraint>
WSDL	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/wsdl/*</url-pattern> <auth-constraint> <role-name>WSDLUser1</role-name> <role-name>WSDLUser2</role-name> </auth-constraint> </web-resource-collection> </security-constraint>
WSA administration	<security-constraint> <web-resource-collection> <url-pattern>/wsa1/admin/</url-pattern/> <auth-constraint> <role-name>WSAdminUser1</role-name> <role-name>WSAdminUser2</role-name> </auth-constraint> </web-resource-collection> </security-constraint>