Use the built-in authorization provider

We can extend the capabilities of WebSphere Application Server by plugging in our own authorization provider. Use the built-in authorization or an external JACC authorization provider.

• Use the built-in authorization provider.

  IBM recommends that we do not modify any settings on the authorization provider panels if we use the Built-in authorization option.

• Use an external authorization provider.

  If we use the External authorization using a JACC provider option. The external providers must be based on the Java Authorization Contract for Containers (JACC) specification to handle the Java EE authorization. By default, WAS enables us to configure the Security Access Manager JACC provider as the default external JACC provider.

Subtopics

• External authorization provider settings
  
• External Java Authorization Contract for Containers provider settings
  
• ISAM JACC provider settings