JACC policy context handlers
WAS supports all of the policy context handlers that are required by the Java Authorization Contract for Containers (JACC) specification. However, due to performance impacts, the Enterprise JavaBeans (EJB) arguments policy context handler is not activated unless it is specifically required by the provider. Performance impacts result if objects must be created for each argument of each EJB method.
If the provider supports and requires this context handler, select the Requires the EJB arguments policy context handler for access decisions check box in the External JACC provider link under the Authorization providers panel or by using scripting. Any changes to this option are effective after the servers are restarted. By default this option is disabled. Disable this option when using Tivoli Access Manager as the JACC provider, because the argument values are not required for access decisions.
Related concepts
Authorization providers
Tivoli Access Manager integration as the JACC provider
JACC support in WAS
Authorization providers
Related tasks
Enabling an external JACC provider
Authorizing access to J2EE resources using Tivoli Access Manager
Propagating security policy of installed applications to a JACC provider using wsadmin scripting
Related Reference
Interfaces that support JACC
Security authorization provider troubleshooting tips