Role-based policy framework properties


Although it is very unlikely that you will need to change these properties, use this file to reference supported properties within the role-based policy framework.

The role-based policy framework parameters are located in the Java™ Authorization Contract for Containers (JACC) configuration file and in the authorization configuration file. They are set at the time of JACC provider configuration and authorization server configuration. The role-based policy framework settings for the authorization table and the JACC provider can be modified separately for each WAS instance. The amwas.node_server.authztable.properties configuration file is generated from the authorization table. The amwas.node_name_server_name.amjacc.properties configuration file is generated from the JACC provider. Both files are located in...

$WP_PROFILE/etc/tam

It is very unlikely that we might need to change these properties. The properties are described here for reference.

The settings cannot be changed after configuration. Make changes in the template properties file before any configuration actions are performed. Properties that are changed after configuration will cause access decisions to fail.

com.tivoli.pd.as.rbpf.AMAction=i

Is used to signify that a user is granted access to a role. This value is added to a TAM access control list (ACL) and places invoke access on roles for users and groups.

com.tivoli.pd.as.rbpf.AMActionGroup=WebAppServer

This property sets the TAM action group that serves as a container for the action specified by the com.tivoli.pd.as.rbpf.AMAction property. The permission set in the com.tivoli.pd.as.rbpf.AMAction property goes into this action group.

com.tivoli.pd.as.rbpf.PosRoot=WebAppServer

Is used to determine where roles are stored in the protected object space.

com.tivoli.pd.as.rbpf.ProductId=deployedResources

Location under the root location specified in the posroot property to separate other products in the protected object space. Embedded TAM objects are located in...

/WebAppServer/deployedResources

The default value is deployedResources.

com.tivoli.pd.as.rbpf.ResourceContainerName=Resources

This property specifies the TAM object space container name for the protected resources. Located in...

/WebAppServer/deployedResources/Resources

com.tivoli.pd.as.rbpf.RoleContainerName=Roles

This property specifies the TAM protected object space container name for the security roles. The default location in...

/WebAppServer/deployedResources/Roles





 

Related tasks


Set the JACC provider for TAM

 

Related information


JACC provider configuration properties for TAM