Enable the JACC provider for Tivoli Access Manager


The Java Authorization Contract for Container (JACC) provider for Tivoli Access Manager is configured by default. Use this topic to enable the JACC provider for TAM.

Restriction: Do not perform this task if we are configuring the JACC provider for TAM to supply authentication services only. Only perform this task for installations that require both TAM authentication and authorization protection. The JACC provider for TAM is configured by default.

The following list shows the JACC provider settings for TAM:


Table 1. JACC provider settings for TAM

Field Value
Name TAM
Description This field is optional and used as a reference.
J2EE policy class name com.tivoli.pd.as.jacc.TAMPolicy
Policy configuration factory class name com.tivoli.pd.as.jacc.TAMPolicyConfigurationFactory
Role configuration factory class name com.tivoli.pd.as.jacc.TAMRoleConfigurationFactory
JACC provider initialization class name com.tivoli.pd.as.jacc.cfg.TAMConfigInitialize
Requires the EJB arguments policy context handler for access decisions false
Supports dynamic module updates true

To enable the JACC provider for TAM, use the previous settings and complete the following steps:

 

  1. Click Security > Global security > External authorization providers.

  2. Select the External authorization using a JACC provider option, then click Apply.

  3. Under Related Items, click External JACC provider.

    The JACC provider settings for TAM are displayed.

  4. Verify that the correct settings are present to work with your TAM configuration. For more information, see External Java Authorization Contract for Containers provider settings.

  5. Under Additional properties, click TAM properties.

  6. Click the Enable embedded TAM option and verify that the correct TAM server and WAS settings exist.

    See TAM JACC provider settings.

  7. Click OK.

  8. Save the settings by clicking Save at the top of the page.

  9. Log out of the WAS admin console.

  10. Restart WAS. The security configuration is now replicated to managed servers and node agents. These other servers within a cell also require restarting before the security changes take effect.

 

Related tasks


Set the JACC provider for TAM
Set the JACC provider for TAM using the wsadmin utility
Enable an external JACC provider

 

Related


External Java Authorization Contract for Containers provider settings
TAM JACC provider settings