JACC policy context identifiers (ContextID) format
A policy context identifier is defined as a unique string that represents a policy context. A policy context contains all of the security policy statements as defined by the Java Contract for Containers (JACC) specification that affect access to the resources in a Web or EJB module.
During policy propagation to the JACC provider, a PolicyConfiguration object is created for each policy context. The object is populated with the policy statements, represented by the JACC permission objects that correspond to the context. The object is propagated to the JACC provider using the JACC specification APIs.
WAS makes the contextID unique by using the href:cellName/appName/moduleName string as the contextID format for the modules. The href part of the string indicates that a hierarchical name is passed as the context ID. The cellName represents the name of the dmgr cell or the base cell where the application is installed. After an application is installed in one cell (for example, in a base appserver where the cell name is base1) and is added to a dmgr cell whose name is cell1 by using addNode, the context ID for the modules in the application contain base1 (not cell1 ) as the cell name because the application is initially installed in base1.
The appName part of the string in the context ID represents the application name containing the module. The moduleName refers to the name of the module.
As an example, the context ID for the module Increment.jar file in an application named DefaultApplication that is installed in cell1 is the href:cell1/DefaultApplication/Increment.jar file.
TAM integration as the JACC provider
JACC support in WAS
Enable an external JACC provider
Authorizing access to J2EE resources using TAM
Propagating security policy of installed applications to a JACC provider using wsadmin scripting
Interfaces that support JACC
Security authorization provider troubleshooting tips