External authorization provider settings
Use this page to enable a Java Authorization Contract for Containers (JACC) provider for authorization decisions. To view this console page, complete the following steps:
- Click Security > Secure administration, applications, and infrastructure.
- Click External authorization providers.
The appserver provides a default authorization engine that performs all of the authorization decisions. In addition, the appserver also supports an external authorization provider using the JACC specification to replace the default authorization engine for Java 2 Platform, Enterprise Edition (J2EE) applications.
JACC is part of the J2EE specification, which enables third-party security providers such as Tivoli Access Manager to plug into the appserver and make authorization decisions.
Unless you have an external JACC provider or want to use a JACC provider for Tivoli Access Manager that can handle J2EE authorizations based on JACC, and it is configured and set up to use with the appserver, do not enable External authorization using a JACC provider.
- External JACC provider
Use this link to configure the appserver to use an external JACC provider. For example, to configure an external JACC provider, the policy class name and the policy configuration factory class name are required by the JACC specification.
The default settings that are contained in this link are used by Tivoli Access Manager for authorization decisions. If you intend to use another provider, modify the settings as appropriate.
Configuration tab
- Default authorization
Use this option all the time unless you want an external security provider such as the Tivoli Access Manager to perform the authorization decision for J2EE applications that are based on the JACC specification.
Default: Enabled
Related tasks
Use the default authorization provider
Related Reference
External Java Authorization Contract for Containers provider settings
Reference topic