WAS v8.5 > Secure applications > Authorizing access to resources > Authorizing access to Java EE resources using Tivoli Access Manager > Enable an external JACC provider

Enable embedded Tivoli Access Manager

Embedded Tivoli Access Manager is not enabled by default, and you need to configure it for use.

Enable Tivoli Access Manager security within WebSphere Application Server requires:

• A supported LDAP installed somewhere on your network. This user registry contains the user and group information for both Tivoli Access Manager and WAS.
• Tivoli Access Manager server exists and is configured to use the user registry. For details on the installation and configuration of Tivoli Access Manager, refer to the IBM Tivoli Access Manager for e-business information center.

  WAS contains an embedded client for Tivoli Access Manager. To use Tivoli Access Manager, you must also configure the Tivoli Access Manager server.

  However, the server version must be the same version or later as the client version. For information on the supported version of Tivoli Access Manager, see WAS - Supported Prerequisites.

• WAS is installed either in a single server model or as WAS, Network Deployment.

• When administrative security is configured with a Federal Information Processing Standard (FIPS) provider, the Tivoli Access Manager server must be configured for FIPS as well

To enable embedded Tivoli Access Manager security:

1. Create the security administrative user.

   For more information, see Create the security administrative user for Tivoli Access Manager.

2. Configure the Java Authorization Contract for Containers (JACC) provider for Tivoli Access Manager .

   For more information, see Tivoli Access Manager JACC provider configuration.

3. Enable WAS security. When using Tivoli Access Manager configure LDAP as the user registry.

   For more information, see Configure LDAP user registries.

4. Enable the JACC provider for Tivoli Access Manager.

   For more information, see Enable the JACC provider for Tivoli Access Manager.

Related

Enable an external JACC provider
Create the security administrative user for Tivoli Access Manager
Configure LDAP user registries
Enable the JACC provider for Tivoli Access Manager

Reference:

Tivoli Access Manager JACC provider configuration

+

Search Tips   |   Advanced Search