Enable the JACC provider for Tivoli Access Manager
The Java Authorization Contract for Container (JACC) provider for Tivoli Access Manager is configured by default. Use this topic to enable the JACC provider for TAM.
Restriction: Do not perform this task if we are configuring the JACC provider for TAM to supply authentication services only. Only perform this task for installations that require both TAM authentication and authorization protection. The JACC provider for TAM is configured by default.
The following list shows the JACC provider settings for TAM:
Table 1. JACC provider settings for TAM
Field Value Name TAM Description This field is optional and used as a reference. J2EE policy class name com.tivoli.pd.as.jacc.TAMPolicy Policy configuration factory class name com.tivoli.pd.as.jacc.TAMPolicyConfigurationFactory Role configuration factory class name com.tivoli.pd.as.jacc.TAMRoleConfigurationFactory JACC provider initialization class name com.tivoli.pd.as.jacc.cfg.TAMConfigInitialize Requires the EJB arguments policy context handler for access decisions false Supports dynamic module updates true
To enable the JACC provider for TAM, use the previous settings and complete the following steps:
- Click Security > Global security > External authorization providers.
- Select the External authorization using a JACC provider option, then click Apply.
- Under Related Items, click External JACC provider.
The JACC provider settings for TAM are displayed.
- Verify that the correct settings are present to work with your TAM configuration. For more information, see External Java Authorization Contract for Containers provider settings.
- Under Additional properties, click TAM properties.
- Click the Enable embedded TAM option and verify that the correct TAM server and WAS settings exist.
See TAM JACC provider settings.
- Click OK.
- Save the settings by clicking Save at the top of the page.
- Log out of the WAS admin console.
- Restart WAS. The security configuration is now replicated to managed servers and node agents. These other servers within a cell also require restarting before the security changes take effect.
Set the JACC provider for TAM
Set the JACC provider for TAM using the wsadmin utility
Enable an external JACC provider
External Java Authorization Contract for Containers provider settings
TAM JACC provider settings