Enable an external JACC provider


Use this topic to enable an external JACC provider using the admin console.

The Java Authorization Contract for Containers (JACC) defines a contract between Java EE containers and authorization providers. This contract enables any third-party authorization providers to plug into a Java EE 5 appserver, such as WAS to make the authorization decisions when a Java EE resource is accessed.

 

  1. From the WAS admin console, click Security > Global security > External authorization providers.

  2. Under Related items, click External JACC provider.

  3. The fields are set for TAM by default. If we do not plan to use TAM as the JACC provider, replace these fields with the details for our own external JACC provider.

  4. If any custom properties are required by the JACC provider, click Custom properties under Additional properties and enter the properties.

    When using the TAM, use the TAM properties link instead of the Custom properties link. For more information, see Set the JACC provider for TAM .

  5. On the External authorization providers panel, select the External authorization using a JACC provider option and click OK.

  6. Complete the remaining steps to enable security. If we are using TAM, select LDAP as the user registry and use the same LDAP server.

    See on configuring LDAP registries, see Set LDAP user registries.

  7. Verify that all of the changes are synchronized across all nodes.

    See Synchronizing nodes with wsadmin

  8. In a multinode environment, stop and start the dmgr configuration. Issue the following commands:

    $WP_PROFILE/bin/stopManager.bat 
     -username user_name 
     -password password
    
    
    $WP_PROFILE/bin/startManager.bat

  9. Restart all servers to make these changes effective.


Set the JACC provider for TAM
Administer security users and roles with TAM
Set TAM groups
Set additional authorization servers for TAM
Logging TAM security
Interfaces that support JACC
Enable the JACC provider for TAM
Enable embedded TAM
Disable embedded TAM client
Forcing the unconfiguration of the TAM JACC provider
Propagating security policies and roles for previously deployed applications

 

Related concepts


Authorization providers
TAM integration as the JACC provider
JACC providers
JACC support in WAS

 

Related tasks


Authorizing access to J2EE resources using TAM
Propagating security policy of installed applications to a JACC provider using wsadmin scripting
Authorizing access to J2EE resources using TAM

 

Related


External Java Authorization Contract for Containers provider settings
Interfaces that support JACC
Security authorization provider troubleshooting tips