WebSphere Application Server supports all of the policy context handlers that are required by the Java Authorization Contract for Containers (JACC) specification. However, due to performance impacts, the EJB arguments policy context handler is not activated unless it is specifically required by the provider. Performance impacts result if objects must be created for each arguments of each EJB method.
If the provider supports and requires this context handler, select the Requires the EJB arguments policy context handler for access decisions check box in the External JACC provider link under the Authorization providers panel or by using scripting. Any changes to this option are effective after the servers are restarted. By default this option is disabled. Disable this option when using Tivoli Access Manager as the JACC provider, because the argument values are not required for access decisions.
Related tasks
Enabling an external JACC provider
Authorizing access to J2EE resources using Tivoli Access Manager
Propagating security policy of installed applications to a JACC provider
using wsadmin scripting
Related reference
Interfaces that support JACC
Authorization provider troubleshooting tips