JACC policy context handlers

WAS supports all of the policy context handlers that are required by the Java Authorization Contract for Containers (JACC) specification. However, due to performance impacts, the EJB arguments policy context handler is not activated unless it is specifically required by the provider. Performance impacts result if objects must be created for each argument of each EJB method.

If the provider supports and requires this context handler, select the Requires the EJB arguments policy context handler for access decisions check box in the External JACC provider link under the Authorization providers panel or by using scripting. Any changes to this option are effective after the servers are restarted. By default this option is disabled. Disable this option when using TAM as the JACC provider, because the argument values are not required for access decisions.

---

 

Related concepts

Authorization providers
TAM integration as the JACC provider
JACC support in WAS
Authorization providers

 

Related tasks

Enable an external JACC provider
Authorizing access to J2EE resources using TAM
Propagating security policy of installed applications to a JACC provider using wsadmin scripting

 

Related

Interfaces that support JACC
Security authorization provider troubleshooting tips