Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Authorizing access to resources
Authorization technology
Authorization information determines whether a user or group has the necessary privileges to access resources.
WAS supports many authorization technologies including the following:
- Authorization involving the web container and Java EE technology
- Authorization involving an enterprise bean application and Java EE technology
- Authorization involving web services and Java EE technology
- JMS
- JACC
WAS supports both a default authorization provider and an authorization provider that is based on the JACC specification. The JACC-based authorization provider enables third-party security providers to handle the Java EE authorization. See JACC support in WAS.
- JAAS
See JAAS.
- Java 2 security
See Java 2 security.
- Naming and administrative authorization
- Pluggable authorization
WAS supports an authorization infrastructure that enables you to plug in an external authorization provider. See Enable an external JACC provider.
Related
Administrative roles and naming service authorization
Role-based authorization
Administrative roles
Authorization providers
Delegations
Web component security
Java 2 security
Multiple security domains
Secure enterprise bean applications
Related
Naming roles