OpenEdge Application Server:<br />Administration Enabling multiple user roles to access Web services, WSDL, or WSA administration

You can enable multiple roles to access Web service applications, WSDL files, WSA administration, or any combination of the three.

To enable multiple roles, use a text editor to edit the WSA instance’s web.xml file.

Find the <security-constraint> element for accessing Web services, WSDL, or WSA administration, as shown in Table 7–9.

Table 7–9: Enabling multiple user roles for Web services, WSDL, and administration
For accessing ...	The security-constraint might look like this ...
Web services	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/`</url-pattern> </web-resource-collection> </security-constraint>
WSDL	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/wsdl/*`</url-pattern> </web-resource-collection> </security-constraint>
WSA administration	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/admin/`</url-pattern/> </web-resource-collection> </security-constraint>

For accessing ...

The security-constraint might look like this ...

Web services

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/</url-pattern> 
  </web-resource-collection> 
</security-constraint>

WSDL

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/wsdl/*</url-pattern> 
  </web-resource-collection> 
</security-constraint>

WSA administration

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/admin/*</url-pattern/*> 
  </web-resource-collection> 
</security-constraint>

To the <security-constraint> element, add the desired number of <role-name> elements, where each element contains exactly one role name.

A <role-name> element has the following syntax:

Syntax
<auth-constraint> <role-name>`name`</role-name> </auth-constraint>

For example, you can set up the role names WSUser1 and WSUser2 for accessing Web services, WSDUser1 and WSDUser2 for accessing WSDL, and WSAdminUser1 and WSAdminUser2 for accessing WSA administration, as shown in Table 7–10.

Table 7–10: Setting security constraints for multiple user roles on Web
services, WSDL, and administration
For accessing ...	The resulting security-constraint might look like this ...
Web services	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/`</url-pattern> <auth-constraint> <role-name>`WSUser1`</role-name> <role-name>`WSUser2`</role-name> </auth-constraint> </web-resource-collection> </security-constraint>
WSDL	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/wsdl/*`</url-pattern> <auth-constraint> <role-name>`WSDLUser1`</role-name> <role-name>`WSDLUser2`</role-name> </auth-constraint> </web-resource-collection> </security-constraint>
WSA administration	<security-constraint> <web-resource-collection> <url-pattern>`/wsa1/admin/`</url-pattern/> <auth-constraint> <role-name>`WSAdminUser1`</role-name> <role-name>`WSAdminUser2`</role-name> </auth-constraint> </web-resource-collection> </security-constraint>

For accessing ...

The resulting security-constraint

might look like this ...

Web services

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/</url-pattern> 
      <auth-constraint> 
        <role-name>WSUser1</role-name> 
        <role-name>WSUser2</role-name> 
      </auth-constraint> 
  </web-resource-collection> 
</security-constraint>

WSDL

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/wsdl/*</url-pattern> 
      <auth-constraint> 
         <role-name>WSDLUser1</role-name> 
         <role-name>WSDLUser2</role-name> 
      </auth-constraint> 
  </web-resource-collection> 
  </security-constraint>

WSA administration

<security-constraint> 
  <web-resource-collection> 
    <url-pattern>/wsa1/admin/*</url-pattern/*> 
      <auth-constraint> 
        <role-name>WSAdminUser1</role-name> 
        <role-name>WSAdminUser2</role-name> 
      </auth-constraint> 
  </web-resource-collection> 
</security-constraint>