Creating a classes subdirectory in your profile for custom classes
You can create a classes subdirectory in the profile in which you can place your custom security components.
About this task
- app_server_root
- Contains product Java™ archive (JAR) files, scripts, and the master copies of the administrative application, samples, and properties files. This directory is referred to by the ${WAS_INSTALL_ROOT} WebSphere Application Server variable. Do not modify files in these directories.
- profile_root
- Contains user profile data, that is a combination of unique files and symmetric links to files in the app_server_root directories. This directory is referred to by the ${USER_INSTALL_ROOT} WebSphere Application Server variable.
- To separate the files that run the product from files that you can modify, either by editing or through the administrative interfaces. When you apply product fixes, the separate directory structure keeps these fixes from overwriting user-defined data, such as modifying properties files.
- To isolate configuration differences between profiles. For example, each profile subdirectory can have its own copy of the Java 2 Security files, by which the profile can have a unique Java 2 Security configuration, rather than all profiles conforming to one product-wide configuration only.
WebSphere Application Server provides application programming interfaces (APIs) that you can use to develop your own security components for WebSphere Application Server. For example, you can create custom user registries, custom trust association interceptors, and custom login modules. For other WebSphere Application Server platforms, place the files for your custom security component in the app_server_root/classes directory.
For the IBM® i platform, this action is not recommended because the files are accessible from all server profiles, which might not be a desirable or secure behavior. Additionally, the classes directory is granted Java 2 Security AllPermissions authority, which might not be appropriate for your secured environment.
Therefore, create a /classes subdirectory in the profile in which you can place your custom security components. Additionally, the QEJBSVR user profile must have authority to the directory. To create the classes subdirectory and grant the necessary authorities, complete the following steps: