JACC in WebSphere V6

 

+

Search Tips   |   Advanced Search

 

WebSphere Application Server 6.0 supports Java Authorization Contract for Containers (JACC) and provides several key components...

The JACC Specification only specifies a contract to propagate the policy information to the provider. There is no contract specified to propagate the authorization table information to the provider. It is the responsibility of the provider to present some kind of management interface to handle principals (users/groups) to roles. To propagate the authorization table information, WebSphere Application Server provides interfaces RoleConfigurationFactory and RoleConfiguration. The implementation of these interfaces is optional.

 

Deployment tools contract

The following is the sequence of steps to take for deployment tools contract components:

  1. Create a PolicyContext identifier (contextID) for the module.

  2. Get the PolicyConfiguration for the contextID.

  3. Translate the declarative policy in DD into appropriate permission classes.

  4. Create Policy Statements in the PolicyConnfiguration objects using the permission classes.

  5. Commit the changes and refresh the Policy.

 

Container contract

The following is the sequence of steps to take for deployment tools contract components:

  1. Create the PolicyContext identifier for the module.

  2. Register the various PolicyContextHandlers.

  3. Create the Protection Domain (PD) and the appropriate Permission object (perm).

 

Provider contract

The provider makes the access decision based on the permission object.