11.4 Provider contract
The provider contract in the JACC Specification specifies that each JRE of an application server should be provided with classes that implement the PolicyConfigurationFactory class and the PolicyConfiguration interface. The classes are used by the container to propagate the security information to the provider. The provider is also expected to provide the implementation for the java.security.Policy object. This Policy object must assume responsibility for performing all access decisions within the JRE in which it is installed. The Policy object can delegate the non-javax.security.jacc access decisions to the corresponding default system Policy implementation class. The Provider contract defines the following components:
| 
|
| Policy Implementation Class
|
|
|
|
| Policy Configuration Interface
|
|
|
|
| PolicyContext Class and Context Handlers
|
|
|
|
| Optional Provider Support for JAAS Policy Object
|
|
|
|
| What the Application Server Must Do
|
|