There are two aspects of application security administration which apply to all secured J2EE application components: defining security roles (performed at application assembly time), and security role mapping (performed at deployment time). Additional application security administration tasks which apply to specific J2EE components will be discussed in later chapters.
Defining security roles can be performed using either of two WebSphere tools:
Application Assembly Tool
WebSphere Studio Application Developer
Security role mapping can be performed using either of the above tools, or can be performed using the WebSphere Administrative Console as part of the application installation.
The following sections ...