Enable an external JACC provider using the console
The Java Authorization Contract for Containers (JACC) defines a contract between Java EE containers and authorization providers. This contract enables any third-party authorization providers to plug into a Java EE 5 application server, such as WebSphere Application Server to make the authorization decisions when a Java EE resource is accessed.
- From the WAS administrative console, click...
Security > Global security > External authorization providers > Related items > External JACC provider
- The fields are set for Security Access Manager by default. If we do not plan to use ISAM as the JACC provider, replace these fields with the details for our own external JACC provider.
- Set any required custom properties.
When using the IBM Security Access Manager, use the IBM Security Access Manager properties link instead of the Custom properties link.
- On the External authorization providers panel, select option:
External authorization using a JACC provider
Click OK.
- Complete the remaining steps to enable security.
If we are using IBM Security Access Manager, select LDAP as the user registry and use the same LDAP server.
- Verify that all of the changes are synchronized across all nodes.
- In a multinode environment, stop and start the deployment manager configuration.
profile_root/bin/stopManager.bat -username user_name -password password
profile_root/bin/startManager
- Restart all servers to make these changes effective.
Subtopics
- Configure the JACC provider for ISAM
- Administer security users and roles with ISAM
- Configure ISAM groups
- Configure additional authorization servers for ISAM
- Logging ISAM security
- Interfaces that support JACC
- Enable the JACC provider for ISAM
- Enable embedded ISAM
- TAMConfig
- Disable embedded ISAM client
- Forcing the unconfiguration of the ISAM JACC provider
- Propagate security policies and roles for previously deployed applications
Related:
Authorization providers ISAM integration as the JACC provider JACC providers JACC support in WAS Authorizing access to Java EE resources using ISAM Propagating security policy of installed applications to a JACC provider Synchronize nodes External Java Authorization Contract for Containers provider settings Interfaces that support JACC Security authorization provider troubleshooting tips