Protecting Access to a J2EE-Based Application Using UME Permissions

The Task

In this tutorial, you will include access protection to the quick car rental application that is provided with the SAP NetWeaver Developer Studio. In this application, a JSP and servlet serve as the frontend client. The business logic is implemented using EJBs.

You will use a programmatic approach using UMEpermissions and actions so that only certain users are allowed to perform certain tasks. The following access protection rules apply:

?     All car rental employees can access the application. They can view current reservations.

?     Only those employees who work as booking agents can create or cancel reservations. Standard booking agents can create and cancel reservations for the standard vehicle types (economy, compact, intermediate, full size, and mini van).

?     Only premium booking agents can create or cancel reservations for premium or luxury cars.

To perform the authorization check, you also have to require authentication. For this purpose, you will also UME authentication mechanisms.

Objectives

By the end of this tutorial, you will be able to:

!

Use authentication in the JSP to protect access to your application.

!

Use UME permissions to protect access to the application and to distinguish between users with different authorizations for the EJB methods.

!

Specify consolidated permissions in UME actions.

!

Perform the administrative steps for creating roles and assigning roles to users using the UME user administration management console.

Prerequisites

Systems, Installations, and Authorizations

The SAP NetWeaver Developer Studio is installed on your computer.

You can access the J2EE Engine from the SAP NetWeaver Developer Studio for deployment.

You can log on to the J2EE Engine with an administrator user.

Knowledge

Java knowledge and basic knowledge of the J2EE programming model is advantageous.

You have acquired some basic experience with the J2EE toolset in the Developer Studio.

Next Step:

Before beginning with the tutorial, you should familiarize yourself with the concepts necessary for using UME permissions with this tutorial.