External authorization provider settings



Search Tips   |   Advanced Search


To enable a Java Authorization Contract for Containers (JACC) provider for authorization decisions...

Security | Global security | External authorization providers

The appserver provides a default authorization engine that performs all of the authorization decisions. In addition, the appserver also supports an external authorization provider using the JACC spec to replace the default authorization engine for Java EE applications.

JACC is part of the Java EE specification, which enables third-party security providers such as Tivoli Access Manager to plug into the application server and make authorization decisions.

Unless we have an external JACC provider or want to use a JACC provider for TAM that can handle Java EE authorizations based on JACC, and it is configured and set up to use with the appserver, do not enable External authorization using a JACC provider.

Built-in authorization

Use this option all the time unless you want an external security provider such as the TAM to perform the authorization decision for Java EE applications that are based on the JACC specification.

External JACC provider

Use this link to configure the appserver to use an external JACC provider. For example, to configure an external JACC provider, the policy class name and the policy configuration factory class name are required by the JACC specification.

The default settings that are contained in this link are used by TAM for authorization decisions. If we intend to use another provider, modify the settings as appropriate.


Related tasks

Propagating security policies and roles for previously deployed applications
Use the built-in authorization provider



External Java Authorization Contract for Containers provider settings