WAS v8.5 > Secure applications > Authorizing access to resources > Authorization technology > Authorization providers

JACC policy context handlers

WebSphere Application Server supports all of the policy context handlers required by the Java Authorization Contract for Containers (JACC) specification. However, due to performance impacts, the EJB arguments policy context handler is not activated unless it is specifically required by the provider. Performance impacts result if objects must be created for each argument of each EJB method.

If the provider supports and requires this context handler, select the Requires the EJB arguments policy context handler for access decisions check box in the External JACC provider link under the Authorization providers panel or using scripting. Any changes to this option are effective after the servers are restarted. By default this option is disabled. Disable this option when using Tivoli Access Manager as the JACC provider, because the argument values are not required for access decisions.


Related concepts:

Authorization providers
Tivoli Access Manager integration as the JACC provider
JACC support in WAS


Related


Enable an external JACC provider
Authorizing access to Java EE resources using Tivoli Access Manager
Propagating security policy of installed applications to a JACC provider using wsadmin.sh


Reference:

Interfaces that support JACC
Security authorization provider troubleshooting tips


+

Search Tips   |   Advanced Search