+

Search Tips   |   Advanced Search

JACC registration of the provider implementation classes

The JACC specification states that providers can plug in their provider using the javax.security.jacc.policy.provider and the javax.security.jacc.PolicyConfigurationFactory.provider system properties.

The javax.security.jacc.policy.provider property is used to set the policy object of the provider, while the javax.security.jacc.PolicyConfigurationFactory.provider property is used to set the provider PolicyConfigurationFactory implementation.

Although both system properties are supported in WebSphere Application Server, it is highly recommended that we use the configuration model provided. We can set these values using either the JACC configuration panel (see Authorizing access to Java EE resources using ISAM for more information) or using wsadmin.sh. One of the advantages of using the configuration model instead of the system properties is that the information is entered in one place at the cell level, and is propagated to all nodes during synchronization. Also, as part of the configuration model, additional properties can be entered, as described in the JACC configuration panel.

Use the configuration model is especially recommended in the case of a WAS ND (ND) environment where multiple application servers can exist in the configuration. If the system properties are used, ensure that each of the JVM processes in the configuration set these properties. If the configuration model is used, the information is propagated to all processes through the synchronization process of the application server.


Related:

  • Authorization providers
  • ISAM integration as the JACC provider
  • JACC support in WAS
  • Enable an external JACC provider
  • Authorizing access to Java EE resources using ISAM
  • Propagating security policy of installed applications to a JACC provider
  • Interfaces that support JACC
  • Security authorization provider troubleshooting tips